Mon.Feb 12, 2024

article thumbnail

Bugcrowd Attains $102M Strategic Growth Funding Round

Data Breach Today

Company Will Use Investment to Expand Services, says CEO Dave Gerry Bugcrowd received a $102 million venture capital investment to fuel strategic growth, the company announced Monday. "Our customers are outgunned and outmatched. They need to tap into all this creativity that exists within the hacker community," said company CEO Dave Gerry.

289
289
article thumbnail

How to Push Back Against Infogov Push-Back

Weissman's World

We’ve all been there – You know what you want to do to fix your information quality and process issues You talked it up for months, up and down the org chart, and you got what you thought was a clear go-ahead But when you actually starting doing things, you got so much push-back –… Read More » How to Push Back Against Infogov Push-Back The post How to Push Back Against Infogov Push-Back appeared first on Holly Group.

IT 156
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Account Takeover Campaign Hits Execs in Microsoft Azure

Data Breach Today

Attackers Downloaded Files Containing Financial, Security and User Information A still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have compromised hundreds of user accounts spread across dozens of Microsoft Azure environments.

Phishing 310
article thumbnail

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Security Affairs

Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data We’ve all used public Wi-Fi: it’s convenient, saves our data, and speeds up browsing. But while we enjoy its benefits, hackers do too. Here, we’ll explore how cybercriminals exploit public Wi-Fi to access your private data and possibly steal your identity.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Data Insights Are Key to Fighting Synthetic ID Fraud

Data Breach Today

Steve Lenderman on the Shift From Synthetic Identity to Synthetic Entity Fraud Synthetic IDs remain a problem not because of a lack of data but because of failure to identify the right data and establish correlations, said Steve Lenderman, co-chair of the Industry Working Groups for the International Association of Financial Crimes Investigators.

277
277

More Trending

article thumbnail

Authorities Bust Accused Seller of Widely Used RAT Malware

Data Breach Today

2 Men Arrested in Malta, Nigeria for Hawking Malware on Hacking Forums Since 2012 Federal authorities have seized internet domains and arrested two men in Malta and Nigeria who they say served as sales and customer service reps for a dark web business that sold RAT malware to cybercriminals over a 12-year period, leading to the "takeover and infection of computers worldwide.

Sales 281
article thumbnail

ExpressVPN leaked DNS requests due to a bug in the split tunneling feature

Security Affairs

A bug in the split tunneling feature implemented in ExpressVPN exposed the domains visited by the users. ExpressVPN addressed a bug in the split tunneling feature that exposed the domains visited by the users to configured DNS servers. The company opted to temporarily remove the feature in the Windows app to address the issue. The bug will be enabled in a future release when the company will fix it.

article thumbnail

Bipartisan Senate Bill Requires HHS to Bolster Cyber Efforts

Data Breach Today

Legislation Aims to Evaluate and Improve Agency's Cybersecurity Posture A new bipartisan Senate bill would require the U.S. Department of Health and Human Services to biennially conduct cybersecurity reviews and tests on its IT systems and report to Congress on how it is updating its cybersecurity strategy to keep up with evolving cyberthreats.

article thumbnail

CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube Webmail Persistent Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2023-43770 , to its Known Exploited Vulnerabilities (KEV) catalog.

IT 132
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Ransomware Disrupts Hospital Services in Romania and France

Data Breach Today

Emergency Services Are Suspended as Digital Systems Are Pulled Offline Ransomware operators disrupted emergency healthcare services over the weekend, crippling operations in nearly two dozen hospitals in Romania and France. Ransomware attacks increase the in-hospital mortality rate for already-admitted patients, a recent study concluded.

article thumbnail

Canada Gov plans to ban the Flipper Zero to curb car thefts

Security Affairs

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipper Zero , and similar hacking devices, to curb the surge in car thefts. Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It allows hacking digital stuff, such as radio protocols, access control systems, hardware, and more, reads the official website.

article thumbnail

A Backroom Deal Looms Over Section 702 Surveillance Fight

WIRED Threat Level

Top congressional lawmakers are meeting in private to discuss the future of a widely unpopular surveillance program, worrying members devoted to reforming Section 702.

Privacy 120
article thumbnail

US Feds arrested two men involved in the Warzone RAT operation

Security Affairs

The U.S. Justice Department (DoJ) seized the infrastructure that was used to sell the remote access trojan (RAT) Warzone RAT. The Justice Department announced the seizure of internet domains used to sell the remote access Trojan Warzone RAT (www.warzone[.]ws). The seizure is the result of an international law enforcement operation, federal authorities in Atlanta and Boston charged individuals in Malta and Nigeria, for their involvement in selling the malware.

Sales 131
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

VulnRecap 2/12/24: Ivanti, JetBrains, Fortinet, Linux Issues

eSecurity Planet

This week saw some repeat products from previous vulnerability recaps, such as Ivanti Policy Secure and JetBrains TeamCity servers. One of the most notable vulnerabilities for this week is Fortinet’s critical FortiOS issue, which affects Fortinet products that use the affected versions of the network operating system. Make sure your security teams consistently check vendor bulletins for vulnerability announcements so your business can stay on top of all threats.

article thumbnail

UK Publishes Cyber Governance Code of Practice for Consultation

Data Matters

On 23 January 2024, the UK government published its draft Cyber Governance Code of Practice (the “ Code ”) to help directors and other senior leadership boost their organizations’ cyber resilience. The draft Code, which forms part of the UK’s wider £2.6bn National Cyber Strategy , was developed in conjunction with several industry experts and stakeholders – including the UK National Cyber Security Centre.

article thumbnail

FCC Issues Declaratory Ruling that TCPA Applies to AI-Generated Voice Calls

Hunton Privacy

On February 8, 2024, the Federal Communications Commission declared that calls using AI- generated, cloned voices fall under the category of “artificial or prerecorded voice” within the Telephone Consumer Protection Act (“TCPA”) and therefore are generally prohibited without prior express consent, effective immediately. Callers must obtain prior express consent from the recipient before making a call using an artificial or prerecorded voice, absent an applicable statutory exemption or emergency.

article thumbnail

Residential Proxies vs. Datacenter Proxies: Choosing the Right Option

Security Affairs

Residential Proxies vs. Datacenter Proxies: this blog post examines the contours of each type and provides info on how to choose the perfect proxy option In the robust landscape of the digital era, our need for privacy, security, and accessibility on the internet has never been more acute. Whether it’s for gathering market intelligence, ensuring your privacy, or bypassing geographical restrictions, proxies have become the unsung heroes for individuals and enterprises alike.

Marketing 119
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The Hidden Injustice of Cyberattacks

WIRED Threat Level

Cyberattacks and criminal scams can impact anyone. But communities of color and other marginalized groups are often disproportionately impacted and lack the support to better protect themselves.

Privacy 100
article thumbnail

Hard Lessons From Romance Scams

KnowBe4

Seeing as this week is Valentine’s Day, I should have written something about rom coms, true love, and trusting your heart more. But this is not one of those posts. This post is about romance scams and how hard they are to defend against, especially once sprung.

Phishing 104
article thumbnail

The customer experience evolution: Today’s data-driven, real-time discipline

IBM Big Data Hub

An evolution of customer experience (CX) was to be expected. Throughout modern history, organizations have encountered internal and external challenges that changed how they interact with customers and how customers view those organizations. Advancements in technology mean customers can order virtually any product and receive it in less than a week.

article thumbnail

Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack

KnowBe4

New data sheds light on what kinds of cyber attacks are targeting your cybersecurity team, what it’s costing them, why it’s taking so much time to fix, and where you should focus resources.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Court Restores CPPA’s Authority to Enforce CPRA Regulations

Hunton Privacy

On February 9, 2024, a California state court of appeal ruled in favor of the California Privacy Protection Agency (“CPPA”) and vacated the lower court order postponing enforcement of the CPPA’s final regulations under the California Consumer Privacy Act. The appellate ruling issues a peremptory writ of mandate that directs the lower court to (1) vacate its prior order granting the Petition for Writ of Mandate in part and staying enforcement of the CPPA’s regulations for 12 months ( i.e. , until

Privacy 78
article thumbnail

2054, Part VI: Standoff at Arlington

WIRED Threat Level

“This eruption of violence had been brewing for years, through successive economic collapses, pandemics, and the utter dysfunction that had become American life.” An exclusive excerpt from 2054: A Novel.

article thumbnail

Maximizing your event-driven architecture investments: Unleashing the power of Apache Kafka with IBM Event Automation

IBM Big Data Hub

In today’s rapidly evolving digital landscape, enterprises are facing the complexities of information overload. This leaves them grappling to extract meaningful insights from the vast digital footprints they leave behind. Recognizing the need to harness real-time data, businesses are increasingly turning to event-driven architecture (EDA) as a strategic approach to stay ahead of the curve.

Access 77
article thumbnail

Americans Lose a Record $10 Billion to Fraud in 2023; Mostly Due To Investment Scams

KnowBe4

The US Federal Trade Commission (FTC) has disclosed that people in the United States lost a record $10 billion to fraud in 2023, a 14% increase from 2022. Nearly half of the losses were due to investment scams.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Why organizations need to prioritize a PQC-readiness lab

Thales Cloud Protection & Licensing

Why organizations need to prioritize a PQC-readiness lab madhav Tue, 02/13/2024 - 05:25 It’s an exciting time for technology – we are on the cusp of seeing some innovative and disruptive new technologies emerge that will have impacts on every industry and sector around the globe. From Quantum computers to Web3/Virtual Reality to Artificial Intelligence, there’s no doubt these will bring a critical shift in our daily lives.

article thumbnail

On Passkey Usability

Schneier on Security

Matt Burgess tries to only use passkeys. The results are mixed.

Passwords 115
article thumbnail

7 customer experience trends in 2024

IBM Big Data Hub

Customer experience (CX) defines a customer’s journey with a company, including both direct and indirect touchpoints. Businesses that place the emotional needs of the buyer persona at the forefront of the customer experience strategy fosters great relationships. Forrester reports that customer experience is a high priority for about 75% of global business and technology professionals and their organizations.