Krebs on Security

MAY 23, 2024

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation c

Cloud 290

Cloud Education Government Communications 290

The Last Watchdog

MAY 23, 2024

AppSec has never been more challenging. By the same token, AppSec technology is advancing apace to help companies meet this challenge. Related: AppSec market trajectory At RSAC 2024 , I sat down with Bruce Snell , cybersecurity strategist at Qwiet.ai , to hear a break down about how Qwiet has infused it’s preZero platform, with graph-database capabilities to deliver SAST, SCA, container scanning and secrets detection in a single solution.

Marketing 278

Marketing Cybersecurity Security IT 278

Data Breach Today

MAY 23, 2024

Also: Spanish Hacker Alcasec Arrested Again This week, Fluent Bit contains a flaw, Microsoft is nuking VBScript, Irish police and the SEC face fines, a man was sentenced for BEC, a flaw was found in Netflix's Genie, an Australia university said it was breached and Black Basta claimed an attack, and hacker Alcasec was arrested again.

Cloud 298

Cloud IT 298

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018. The threat group focuses on entities in countries in the South China Sea, experts noticed TTP overlap with operations attributed to APT41.

Archiving 133

Archiving Military Communications Phishing 133

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

MAY 23, 2024

'Rare Tools' Employed in 'Operation Diplomatic Specter,' Threat Researchers Find Security researchers warn that an active Chinese global cyberespionage campaign continues to target at least nine different governments across Asia, the Middle East and Africa, and specializes in gaining and maintaining persistence to email servers to amass intelligence, sometimes daily.

Government 219

Government Security 219

Data Breach Today

MAY 23, 2024

Advisory Says Disconnecting ICS Reduces Exposure to Malicious Cyber Activities Rockwell Automation warned customers to disconnect industrial control systems from the internet, citing escalating cyberthreats and rising global geopolitical tensions. Disconnecting these systems is a proactive measure to reduce the attack surface.

248

248

WIRED Threat Level

MAY 23, 2024

Thousands of fingerprints and facial images linked to police in India have been exposed online. Researchers say it’s a warning of what will happen as the collection of biometric data increases.

Privacy 117

Privacy Security 117

Data Breach Today

MAY 23, 2024

Also: Pump.fun Hack, Arrests in $73M Pig-Butchering Scam This week, Gala Games and Pump.fun were hacked; alleged pig-butchering scammers, Incognito admin and illicit banking racketeers were arrested; Pink Drainer was shut down; the U.S. House approved a crypto bill; a man pleaded guilty to wire fraud; and tech companies formed a scam-fighting coalition.

173

173

Security Affairs

MAY 23, 2024

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabilities in the Endpoint Manager (EPM). A remote attacker can exploit the flaws to gain code execution under certain conditions. Below is the list of the addressed vulnerabilities: CVE Description CVSS Vector CVE-2024-29822 An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 an

Authentication 129

Authentication Security Information Security IT 129

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

MAY 23, 2024

First Purchase in Bugcrowd's History to Boost Attack Surface Management, Visibility Bugcrowd has acquired Informer to enhance its external attack surface management, giving customers better visibility and security. The integration will bring Bugcrowd's existing bug bounty and penetration testing offerings together with new capabilities such as brand impersonation detection.

Security 162

Security IT 162

WIRED Threat Level

MAY 23, 2024

The strange journey of Lin Rui-siang, the 23-year-old accused of running the Incognito black market, extorting his own site's users—and then refashioning himself as a legit crypto crime expert.

Marketing 113

Marketing Privacy Security 113

Data Breach Today

MAY 23, 2024

It's the Latest Hack Reported in Recent Weeks by an Ambulance Services Provider An Illinois-based air-ground ambulance company is notifying more than 858,000 individuals that their sensitive information was compromised in a hacking incident that happened about a year ago. The breach is the latest hack on an ambulance company reported to regulators in recent weeks.

IT 162

IT 162

OpenText Information Management

MAY 23, 2024

At Dairy Farmers of America , we work with more than 6,200 affiliated farms across the country. As a milk marketing cooperative, we’re owned by the farmers who produce our products—and wherever you live, you’re probably not far from one of our thousands of farmer-owners. Driving 24/7 operations Because dairy products have a relatively short shelf life, our production processes must run seven days a week, 365 days a year.

ECM 109

ECM Cloud Paper Marketing 109

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

MAY 23, 2024

Former White House, Symantec Executive Will Rejoin Government Reports say former White House cybersecurity official and cybersecurity executive Jeff Greene will join CISA to replace outgoing official Eric Goldstein as executive assistant director for cybersecurity, although the agency has not confirmed it.

Cybersecurity 147

Cybersecurity Government IT 147

Schneier on Security

MAY 23, 2024

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called “Recall” for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research.

Privacy 104

Privacy Encryption Communications Marketing 104

KnowBe4

MAY 23, 2024

As someone who can barely keep up when my 10-year-old shows me around his Minecraft worlds, I was a bit apprehensive about writing a review of our gamified cybersecurity awareness module. But hey, maybe being a bit of a klutz at gaming might actually be beneficial from a test case point of view, and who doesn't like a challenge, right?

Cybersecurity 108

Cybersecurity Security 108

Security Affairs

MAY 23, 2024

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. This backdoor is attributed to the arsenal of APT41,a group whose origin is tied to China.

Encryption 110

Encryption Cybersecurity Government Security 110

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

KnowBe4

MAY 23, 2024

Companies have needed a website for the last 25 years at least. But where do you host your site? The techies at HostingAdvice decided to create an extremely thorough real-world review site to share their expertise. And clearly, your organization's website is an attack vector and so cybersecurity has become critical.

Cybersecurity 101

Cybersecurity Security 101

IBM Big Data Hub

MAY 23, 2024

Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle ( in transit , at rest and in use ), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its so

Encryption 87

Encryption Security Cloud Compliance 87

KnowBe4

MAY 23, 2024

Several phishing campaigns are targeting users of the Foxit PDF Reader, according to researchers at Check Point. Foxit is a popular alternative to Adobe Acrobat Reader for viewing PDF files.

Phishing 96

Phishing Security 96

HID Global

MAY 23, 2024

Mercury’s latest firmware update, Version 2.1, will provide Mercury LP controllers & the new line of Mercury MP Controllers enhanced cybersecurity, integration opportunities & other benefits.

Cybersecurity 52

Cybersecurity 52

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Cloud

Jamf

MAY 23, 2024

There are five notable challenges in DWM whose overarching theme boils down to just one: It’s security…but on multiple levels. Learn more about each of these challenges and how they contribute to your security posture, and what organizations can do to address them effectively.

Security 52

Security 52

CGI

MAY 23, 2024

How do organizations navigate fast-paced, complex, and ongoing change while, at the same time, mitigate risks and drive business outcomes across their enterprise? Adapting work habits, transforming processes, and improving performance through change management is key, but also a major hurdle. For example, more than half of the business and technology executives we interviewed as part of our latest CGI Voice of Our Clients research cite change management as their top constraint to achieving their

Risk 52

Risk 52

IG Guru

MAY 23, 2024

Check out the bill here. The post US Congress Prepares Bill to Create a National Artificial Intelligence Research Resource first appeared on IG GURU.

Artificial Intelligence 78

Artificial Intelligence Compliance 78

Data Protection Report

MAY 23, 2024

As we have previously written , the Texas comprehensive privacy law, known as the Texas Data Privacy and Security Act (TDPSA), goes into effect on Monday, July 1, 2024. As a reminder, unlike other states’ comprehensive privacy laws that are currently in effect, Texas does not include a minimum number of residents for applicability. Instead, the three criteria for applicability of the TDPSA are that the company: conducts business in this state or produces a product or service consumed by reside

Artificial Intelligence 45

Artificial Intelligence Personal data Data Privacy Privacy 45

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Archive-It

MAY 23, 2024

by the Archiving & Data Services team Community News Join us in Chicago! Aerial photo of the Harold Washington Library Center, Chicago Public Library Archive-It partners and friends are invited to join this year’s partner meeting on Wednesday, August 14th , to coincide with the Society of American Archivists’ ARCHIVES * RECORDS 2024 meeting in Chicago.

Archiving 26

Archiving IT Libraries Analytics 26