Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks.

Ransomware 202

Ransomware Retail Government Sales 202

Data Breach Today

SEPTEMBER 26, 2024

Also: Ransomware Surged in 2023, MoneyGram Back in Service After Cyberattack This week, advice on spotting North Korean staff; ransomware attacks rose; MoneyGram back online; FCC fined political operative; CISA warned of water system attacks; Ukraine restricted Telegram use; North Korean hackers used new malware; U.K. arrested alleged hacker; PSNI is in data leak talks.

IT 185

IT Ransomware 185

WIRED Threat Level

SEPTEMBER 26, 2024

Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.

Privacy 143

Privacy Security 143

Data Breach Today

SEPTEMBER 26, 2024

Draft Guidelines Call for Longer, Randomized Passwords Instead of Memorized Phrases The National Institute of Standards and Technology is calling for longer, randomized passwords instead of memorized phrases containing combinations of upper and lowercase letters in new guidance that aims to modernize current password practices across the public and private sectors.

Passwords 167

Passwords 167

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Affairs

SEPTEMBER 26, 2024

Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to DoS condition and remote code execution. Cisco’s Talos threat intelligence unit has disclosed details of five newly patched vulnerabilities in OpenPLC, an open-source programmable logic controller. These vulnerabilities can be exploited to trigger a denial-of-service (DoS) condition or execute remote code.

Energy and Utilities 118

Energy and Utilities Manufacturing IT Information Security 118

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. In June 2024, a team of experts ( Neiko Rivera , Sam Curry , Justin Rhinehart , Ian Carroll ) discovered multiple vulnerabilities in Kia vehicles that allowed remote control of key functions using their license plates.

Access 102

Access Sales Cybersecurity IT 102

Data Breach Today

SEPTEMBER 26, 2024

Google Says Rust Language Initiative Eliminates Cross-Site Scripting, Other Flaws Google says switching to a memory-safe language such as Rust under its Safe Coding program has helped significantly reduce the number of vulnerabilities in Android systems. The number of vulnerabilities uncovered in Android devices has fallen from over 200 in 2019 to fewer than 50 by 2024.

IT 157

IT 157

Collaboration 2.0

SEPTEMBER 26, 2024

A website flaw - since patched - enabled these researchers to remotely track a car's location, unlock its doors, honk the horn, and start the engine.

IT 98

IT 98

Data Breach Today

SEPTEMBER 26, 2024

Hackers Could Cause Tanks to Overfill and Disable Leak Detection Industrial control systems made by different manufacturers for monitoring fuel storage tanks including those used in everyday gas stations contain critical zero-days that could convert them into targets for cyberattacks that cause physical damage.

Manufacturing 157

Manufacturing 157

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

SEPTEMBER 26, 2024

Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a complaint with Austria’s data protection authority (DSB) against Mozilla for enabling the privacy feature Privacy-Preserving Attribution (PPA) in Firefox without user consent.

Privacy 87

Privacy GDPR Personal data IT 87

Data Breach Today

SEPTEMBER 26, 2024

OpenAI Seeks to Become a For-Profit Company Wednesday brought more turmoil in the top ranks of OpenAI after three executives in leadership positions quit the company at a time when the AI giant seeks to convert itself into a for-profit entity. The new structure may affect how the company prioritizes and addresses AI risks.

Risk 157

Risk 157

The Guardian Data Protection

SEPTEMBER 26, 2024

Sharing these posts may seem harmless, but don’t be drawn in. There are better ways to combat the threats to our data If you’ve spent any time on Instagram or Facebook lately, you will probably have encountered concerned citizens sharing posts denying Meta, the parent company of both platforms as well as WhatsApp, the right to use their data to train AI systems.

Personal data 91

Personal data Artificial Intelligence IT 91

Data Breach Today

SEPTEMBER 26, 2024

Also: Reimbursements in Banana Gun Hack; Germany Shutters 47 Exchanges This week, BingX, Truflation, OpenAI X account hacked; Germany shut 47 exchanges; Caroline Ellison sentenced; two got crypto theft charges; one got crypto scam fine; Banana Gun will refund victims; WazirX, Liminal in dispute; SEC settled with TrueCoin, TrustToken; CFTC may settle with Mango Markets.

Marketing 157

Marketing 157

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

Sales

Collaboration 2.0

SEPTEMBER 26, 2024

Soundcore's most expensive headphones have a powerful ANC feature that delivers an immersive audio experience.

98

98

Data Breach Today

SEPTEMBER 26, 2024

Featurespace's AI Expertise Will Enhance Visa's Fraud, Risk and Payments Technology Visa has signed a definitive agreement to acquire AI-driven fraud prevention leader Featurespace. This acquisition will reinforce Visa's fraud detection capabilities, integrating advanced machine learning technology to strengthen financial crime prevention and protect global transactions.

Risk 157

Risk 157

IT Governance

SEPTEMBER 26, 2024

Extending your ISMS to address Cloud security risks ISO 27001 sets out the specification – the requirements – for an effective ISMS (information security management system). But did you know you can extend your ISO 27001 ISMS to cover specific aspects of Cloud security ? Two ISO standards in particular stand out: ISO 27017 ISO 27018 Let’s take a closer look at both ISO 27017 and ISO 27018.

Cloud 74

Cloud Risk Information Security Security 74

Data Breach Today

SEPTEMBER 26, 2024

Microsoft: Ransomware-as-a-Service Group Keeps Shifting Malware to Avoid Detection Threat actors tracked as "Vanilla Tempest" - and also known as Vice Society - appear to be changing up the ransomware they use to attack on U.S. healthcare organizations. Likely in a move to avoid detection, the ransomware-as-a-service group has shifted to INC Ransom malware, according to Microsoft.

Ransomware 144

Ransomware 144

Advertisement

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

Education

Collaboration 2.0

SEPTEMBER 26, 2024

Meta's new AI features bring a combination of image editing, voice interaction, and real-time translation to the forefront. Learn how Llama 3.2 is reshaping user experiences across Meta's ecosystem of apps.

98

98

Data Breach Today

SEPTEMBER 26, 2024

With No Federal Help in Sight, 6 Legislatures Hope to Stop Suspicious Transactions As cyber fraud against senior citizens rises, at least four U.S. states are considering new legislation to fill the gaps in fraud protection normally covered by the federal Consumer Financial Protection Bureau. The bills would protect seniors by empowering banks to block suspicious transactions.

144

144

Collaboration 2.0

SEPTEMBER 26, 2024

I never thought I'd say this, but Meta's announcements - from affordable Quest 3 headsets to updated Ray-Ban smart glasses - are a lot more exciting than Apple's right now.

75

75

Data Breach Today

SEPTEMBER 26, 2024

Troy Leach and Avani Desai on Risks of AI Hallucination and Misleading Outputs In the latest "Proof of Concept," Troy Leach of the Cloud Security Alliance and Avani Desai of Schellman discuss the risks of AI hallucinations. As AI models advance, hallucinations pose serious threats to security, especially when quick and accurate decision-making is essential.

Security 144

Security Cloud Risk 144

Advertisement

There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h

Paper

Collaboration 2.0

SEPTEMBER 26, 2024

I never thought I'd say this, but Meta's announcements - from affordable Quest 3 headsets to updated Ray-Ban smart glasses - are a lot more exciting than Apple's right now.

98

98

Jamf

SEPTEMBER 26, 2024

Learn to create EdTech roles to support classroom workflows and enhance educational technology integration with Jamf School and Jamf Teacher.

Education 73

Education 73

Collaboration 2.0

SEPTEMBER 26, 2024

Samsung has pulled back the curtain on its new Galaxy S24 FE, and although it's supposed to be a mid-range phone, it offers a similar experience to the flagship S24 model.

IT 74

IT 74

OpenText Information Management

SEPTEMBER 26, 2024

Calling all OpenText partners! Ice and Skye, our AI-generated guides, are eager to welcome you to OpenText World 2024 at The Venetian Resort, Las Vegas, November 18-21. Join us for our exclusive OpenText Partner Summit on November 18, then enjoy the premiere information management conference to see how reimagining information can reinvent knowledge workers and reinvigorate business.

Marketing 52

Marketing Analytics Cloud Cybersecurity 52

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

IT

Collaboration 2.0

SEPTEMBER 26, 2024

Disney+ is increasing prices for all plans on Oct. 17 - and offering password sharers a cost savings to officially add a friend. Here's how it will catch freeloaders.

Risk 74

Risk Passwords IT 74

Info Source

SEPTEMBER 26, 2024

KEY TAKEAWAYS Globally end customer organisations invested close to 7 Billion US$ into IDP solutions in 2023. The demand for IDP solutions grew at solid double digit rate compared to the previous year. The demand for the automation of business processes continues to increase, fueled by the shortage of skilled staff. 2023 showed a particularly strong growth of IDP solutions offered by vendors who specialise in enterprise automation solutions.

Marketing 52

Marketing Energy and Utilities e-Discovery Records Management 52

Collaboration 2.0

SEPTEMBER 26, 2024

We've rounded up the best laptop deals ahead of Amazon's Prime Big Deal Days sale, including significant deals on Apple's MacBook Pro, and computers from Asus, Lenovo, and more.

Sales 71

Sales 71