Fri.Jul 05, 2024

article thumbnail

OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report

Data Breach Today

Hacker had Unauthorized Access to Data on Designs for New AI Use Cases A hacker reportedly stole information on OpenAI's new technologies last year by breaking into the company's internal messaging systems. The messages comprised details of designs for new AI technologies, the New York Times said. The hacker did not access systems housing or building its applications.

Access 311
article thumbnail

Hackers stole OpenAI secrets in a 2023 security breach

Security Affairs

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. The American newspaper revealed that the threat actors gained access to the internal discussions among researchers and other employees, but they did not access the source code of the company’s systems.

Security 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Breach Roundup: FBI Warns of US Renewable Energy Sector Threats

Data Breach Today

Google Offers $250,000 Reward for KVM Vulns; CocoaPods Flaws Expose Apple Apps This week: FBI warns of cyberthreats to U.S. renewable energy sector; Indonesia data center hacker apologizes; Google Pixel 6 series devices bricked, critical vulnerability in EoL D-Link routers, Google offers $250,000 reward for KVM vulnerabilities, NCA disrupts global Cobalt Strike supply chain.

306
306
article thumbnail

Hackers compromised Ethereum mailing list and launched a crypto draining attack

Security Affairs

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a malicious site running a crypto drainer. “This website had a crypto drainer running in the background, and if a user initiate

Phishing 143
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Cryptohack Roundup: JPEX Case Update

Data Breach Today

Also: SEC's Lawsuit Against Silvergate, Suspected Bittensor Exploit Every week, ISMG rounds up cybersecurity incidents in digital assets. This week's stories include singer Nine Chen’s potential prosecution in the JPEX case, SEC's lawsuit Silvergate, a suspected Bittensor exploit, and Q2 crypto scam stats.

More Trending

article thumbnail

Why Zero Trust Is Critical in Health and Government Sectors

Data Breach Today

Implementing a zero trust security approach is critical to avoid the types of major IT disruptions and massive data compromises seen in recent cyberattacks that affected the healthcare, public health and government sectors, said Clinton McCarty, CISO at National Government Services.

article thumbnail

Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus

Security Affairs

Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves exploiting two custom classes to upload and load a malicious DLL.

Libraries 136
article thumbnail

New Zealand Fitness Retailer Hit By DragonForce Ransomware

Data Breach Today

Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount Attacks A ransomware group that uses locker malware based on the leaked LockBit 3.0 ransomware builder compromised New Zealand's leading fitness equipment retailer. The DragonForce ransomware group on Tuesday said on its leak site that it stole 5.31 gigabytes of data Elite Fitness.

Retail 189
article thumbnail

Phishing Attacks Themed Around Popular Weight Loss Drugs Increase 183%

KnowBe4

As popularity grows for these proven methods of weight loss, scammers have taken note and have placed a significant focus on separating victims from their money.

Phishing 128
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Health Benefits Administrator Reports 3rd-Party Hack to SEC

Data Breach Today

HealthEquity Says a Vendor's Compromised Credentials Led to Data Theft Breach HealthEquity, which administers healthcare benefits plans for employers, has notified the U.S. Securities and Exchange Commission of a data exfiltration breach involving the compromised credentials of a third-party vendor. Incident did not disrupt IT systems or processes.

Security 182
article thumbnail

The World’s Most Popular 3D-Printed Gun Was Designed by an Aspiring Terrorist

WIRED Threat Level

Growing numbers of insurgents and extremists use the FGC-9. Forensic analysis of online platforms reveals the dark world of the man who created it—a self-described incel who supported the German far right.

IT 126
article thumbnail

ISMG Editors: A Tribute to Steve King

Data Breach Today

Steve King's Legacy in Cybersecurity: Insights and Reflections In this special edition of the ISMG Editors’ Panel, we honored the memory of industry veteran Steve King, managing director of CyberEd.io. His friend Richard Bird joined ISMG editors to share reflections on Steve's legacy, his contributions to cybersecurity, and the importance of questioning the status quo.

article thumbnail

Don't Fall for It: How to Spot Social Media Job Scams a Mile Away

KnowBe4

As social media becomes more intertwined with our daily routines, cybercriminals are using it to trick people with fake job offers. What are these social-media recruitment scams, and how can you spot the red flags?

IT 122
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

FedRAMP Launches New Framework for Emerging Technologies

Data Breach Today

Framework Sets Stage for Agencies to Increasingly Adopt New, Modern Tech Solutions The Federal Risk Authorization Management Program unveiled a new framework designed to help agencies increasingly adopt emerging technologies that maintain rigorous security standards and that can be implemented into new and existing federal systems, according to a recent blog post.

Risk 162
article thumbnail

State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals

KnowBe4

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months. “In a recent 90-day period, Menlo Labs uncovered a trifecta of sophisticated [highly evasive and adaptive threat] campaigns—LegalQloud, Eqooqp, and Boomer—compromising at least 40,000 high-value users, including C-suite executives from major banking institutions, financial powerhouses, insurance giants, legal firms, government agencies, and

Phishing 114
article thumbnail

Critical Vulnerabilities Found in Rockwell PanelView Plus

Data Breach Today

Microsoft Uncovers Critical Flaws in Rockwell PanelView Plus Microsoft has found critical vulnerabilities in Rockwell Automation's PanelView Plus products that could enable remote code execution and denial-of-service attacks by unauthenticated attackers, potentially compromising industrial operations.

162
162
article thumbnail

New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

KnowBe4

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware.

Phishing 111
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Chrome to Block Entrust Certificates in November 2024

eSecurity Planet

Millions of websites could be displaying security warnings in Google Chrome starting this November. The cause? A recent announcement by Google Chrome regarding its trust in certificates issued by a major certificate authority (CA), Entrust. Website security is paramount in today’s digital age. That little lock icon in your browser address bar signifies a secure connection, protected by an SSL/TLS certificate.

article thumbnail

Weekly Update 407

Troy Hunt

It's a long one this week, in part due to the constant flood of new breaches and disclosures I discuss. I regularly have disclosure notices forwarded to me by followers who find themselves in new breaches, and it's always fascinating to hear how they're worded. You get a real sense of how much personal ownership a company is taking, how much blame they're putting back on the hackers and increasingly, how much they've been written by lawyers.

article thumbnail

The 17 best early anti-Prime Day deals: Best Buy, Walmart, Costco, and more

Collaboration 2.0

Prime Day returns July 16, but you can already shop great deals across tech, home, and beyond -- and not just at Amazon. Find some of the best anti-Prime Day deals from retailers such as Best Buy, Walmart, Costco, and more.

Retail 75
article thumbnail

New technique makes lengthy privacy notices easier to understand by converting them into machine-readable formats via TechExplore

IG Guru

Check out the article here The post New technique makes lengthy privacy notices easier to understand by converting them into machine-readable formats via TechExplore first appeared on IG GURU.

Privacy 61
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Fast workflows and diverse content: How AI is transforming radio production

CGI

In radio and audio production, artificial intelligence (AI) is already showing what it can achieve—simplifying work for editors, radically accelerating workflows, and enabling services that were previously unthinkable.

article thumbnail

What Is a Document Repository? Benefits, Set Up Tips and Best Practices

Docuware

Maintaining organized and secure business documents can be challenging without a digital repository that acts as the single source of truth. So, what exactly is it This blog post will answer all your questions and explain why your business needs one.

article thumbnail

Embracing AI: The key to accelerating and revolutionizing drug development

CGI

Conversations at BIO centered around the integration of AI in drug discovery. The key decision facing project teams across the industry is clear: embracing AI to accelerate and revolutionize drug development is the key to future success.

52
article thumbnail

Document Scanning for the Automotive Industry

Record Nations

Paper-based records are outdated, inefficient, and messy. Going digital helps businesses create a more organized and more accurate recordkeeping system. The automotive industry is no exception. Document scanning can transform your automotive business by improving customer service and streamlining vehicle maintenance tracking. Whether you are a dealership, auto repair shop, fleet management company, or another.

Paper 45
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

What Is a Document Repository? Benefits, Set Up Tips and Best Practices

Docuware

Maintaining organized and secure business documents can be challenging without a digital repository that acts as the single source of truth. So, what exactly is it This blog post will answer all your questions and explain why your business needs one.

article thumbnail

New Golang-based Zergeca Botnet appeared in the threat landscape

Security Affairs

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusTotal.

article thumbnail

Friday Squid Blogging: Newly Discovered Vampire Squid

Schneier on Security

A new vampire squid species was discovered in the South China Sea. Blog moderation policy.

109
109