Wed.Aug 28, 2024

article thumbnail

Nothing to Smile About: Hacks on Dental Practices Swell

Data Breach Today

Over 1.2 Million Patients' Sensitive Data Exposed So Far This Year Some dentists don't have much to smile about these days when it comes to cyberattacks. More than 1.2 million of their patients have had their sensitive data compromised in at least two dozen hacks and other breaches so far in 2024, including several incidents reported in the past month.

IT 173
article thumbnail

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. The US Department of State announced a $2.5 million reward for information leading to the arrest of Volodymyr Kadariya (38), a Belarusian national allegedly involved in a significant malware organization.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Chinese Nation-State Attackers Tied to Versa Zero-Day Hit

Data Breach Today

Targeted Versa Software Used by Service Providers to Manage Wide Area Networks Chinese nation-state attackers are actively exploiting a zero-day vulnerability in Versa Director software, used by major internet and managed service providers to deploy, configure and monitor network infrastructure, security experts warn. Versa updated its software last month to patch the flaw.

Security 173
article thumbnail

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked cyberespionage group APT33 (aka Peach Sandstorm , Holmium , Elfin , Refined Kitten , and Magic Hound ) used new custom multi-stage backdoor called Tickler to compromise organizations in sectors such as government, defense, satellite, oil, and gas in the U.S. and UAE.

IT 135
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Cisco Bolsters AI Security by Buying Robust Intelligence

Data Breach Today

Acquisition Underscores the Importance of AI Security in Modern IT Infrastructure Cisco announced its intent to acquire Robust Intelligence to fortify the security of AI applications. With this acquisition, Cisco aims to address AI-related risks, incorporating advanced protection to guard against threats such as jailbreaking, data poisoning and unintentional model outcomes.

Security 162

More Trending

article thumbnail

True Zero Trust Should Mean VPN Retirement

Data Breach Today

It’s now clear that remote and hybrid work environments are here to stay—but so are the headaches caused by legacy VPN, which grants network-wide access

Access 162
article thumbnail

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Security Affairs

BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) is an authentication bypass vulnerability in VMware ESXi.

article thumbnail

Microsoft Copilot Fixes ASCII Smuggling Vulnerability

Data Breach Today

Security Researcher Uncovered the Flaw, Which Allowed System Takeover Microsoft says it fixed a security flaw in artificial intelligence chatbot Copilot that enabled attackers to steal multifactor authentication code using a prompt injection attack. Security researcher Johann Rehberger said he discovered a way to invisibly force Copilot to send data.

article thumbnail

U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apache OFBiz Incorrect Authorization Vulnerability CVE-2024-38856 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is an incorrect authorization issue in Apache OFBiz that impacts versions through 18.12.14, version 18.12.15 addressed the flaw.

IT 132
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

US Law Enforcement Cracks Down on AI-Led Child Abuse Content

Data Breach Today

Police, Prosecutors Say CSAM Generated by AI Is the Same as Traditional CSAM U.S. law enforcement is cracking down on users who use artificial intelligence to generate child sexual abuse material, stating there is no difference between material made by a computer and material from real life. "Put simply, CSAM generated by AI is still CSAM," said a U.S. attorney.

article thumbnail

Matthew Green on Telegram’s Encryption

Schneier on Security

Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not.

article thumbnail

Netskope + Illumio: North, South, East, West—Securing Your Network with Zero Trust

Data Breach Today

Discover how you can successfully implement a zero-trust strategy with Netskope Zero Trust Network Access (ZTNA) and Illumio Zero Trust Segmentation (ZTS)

Security 162
article thumbnail

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

KnowBe4

New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves.

Phishing 122
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Telegram Founder Set to Appear Before French Court

Data Breach Today

Hearing Is Scheduled to Take Place Wednesday Telegram CEO and owner Pavel Durov is set to appear before a French court on Wednesday after being freed from police custody. Paris authorities arrested Durov on Saturday evening. French authorities also issued a warrant for the arrest of Durov's brother, Nikolai.

162
162
article thumbnail

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

KnowBe4

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG).

Phishing 121
article thumbnail

Seeking a Job in Cybersecurity? Protect Yourself From Scams

Data Breach Today

Learn How to Recognize Fraudulent Job Postings and Avoid Becoming a Scam Victim The demand for skilled cybersecurity professionals, coupled with the rise in remote work, has led to an increase in fraudulent job postings targeting tech-savvy individuals. Learn why this is so and how to protect yourself from deceptive schemes as you pursue a job in cybersecurity.

article thumbnail

Young Consulting data breach impacts 954,177 individuals

Security Affairs

A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breach impacting 950,000 individuals following a BlackSuit ransomware attack. On April 13 the company “became aware of technical difficulties” that impacted its infrastructure.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor

WIRED Threat Level

In addition to its longstanding password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm— or APT 33—has developed custom malware dubbed “Tickler.

Passwords 118
article thumbnail

Setup Manager offers streamlined device enrollment for Mac

Jamf

Jamf’s Setup Manager is a powerful tool: an Apple device enrollment program for Mac that makes enrollment a snap.

105
105
article thumbnail

The Samsung phone most people should buy in 2024 is only $299 during Labor Day

Collaboration 2.0

The Samsung Galaxy A35 5G has its flaws, but with a two-day battery life and a gorgeous display, it's hard to ignore how good it is for the price.

IT 98
article thumbnail

AI governance versus model management: What’s the difference?

Collibra

The world of artificial intelligence (AI) is chock-full with so many buzzwords and nomenclature that it’s hard to keep track of what’s really been said. It also causes a lot of confusion for those that aren’t steeped in this world on a regular basis, and even for those that are, there’s often disagreement on terms or phrases. Case in point — AI governance and AI model management.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Get an Amazon Fire tablet for around $50 with this Labor Day trade in deal

Collaboration 2.0

Amazon is offering a 46% discount on their Fire HD 8 Plus tablet ahead of Labor Day. But with a qualified trade in, you can save an additional 20%.

98
article thumbnail

The Legal Battles Taking Shape in the Clash Over Internet Content

Data Matters

A federal law known as Section 230 has provided a powerful legal shield for internet companies for nearly three decades. Designed to “promote the internet,” it protects platforms from civil liability for content posted to their sites by third parties. The post The Legal Battles Taking Shape in the Clash Over Internet Content appeared first on Data Matters Privacy Blog.

Privacy 88
article thumbnail

These 5 Linux file managers are way better than your default

Collaboration 2.0

Not happy with your Linux distro's default file manager? Stop struggling and try something different. Considering that these are all free, what do you have to lose?

98
article thumbnail

CILIP joins writes to Minister for School Standards in joint letter with national library charities

CILIP

CILIP joins writes to Minister for School Standards in joint letter with national library charities CILIP, CILIP School Libraries Group (CILIP SLG), the School Library Association, and the Association of Senior Children’s and Education Librarians (ASCEL) have written to the Minister for School Standards, Catherine McKinnell, to offer support with her programmes and to ask for an opportunity to discuss how school libraries can support the Government’s mission to break down barriers to opportunity

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

This 13-inch laptop I recommend for work travel is not a MacBook or a Dell

Collaboration 2.0

Lenovo's ThinkBook 13x Gen 4 has the lightweight and durable form factor the series is known for, with added integrations from the new Magic Bay, which makes swapping peripherals easy.

98
article thumbnail

Labour failed to respond on time to people’s requests for their data, says ICO

The Guardian Data Protection

Watchdog investigated after complaints from individuals who had sent subject access requests after 2021 cyberattack UK politics live – latest updates Labour has been criticised by the UK’s data protection watchdog for failing to respond to people who had formally asked the party for what information it held about them. The backlog mounted after a cyberattack on the party in October 2021, which led to a flood of requests from the public.

Access 65
article thumbnail

The tablet I recommend most for business travel is not an iPad or ThinkPad

Collaboration 2.0

The 11th-edition Surface Pro is Microsoft's first Copilot+ PC to hit the market, featuring a brilliant OLED display and snappy processor that's as versatile as it is efficient.