Wed.Nov 13, 2024

article thumbnail

Schneider Electric Warns of Critical Modicon Flaws

Data Breach Today

Multiple Critical Vulnerabilities Expose Industrial Control Risks French multinational Schneider Electric disclosed critical vulnerabilities in its Modicon M340, Momentum and MC80 programmable automation controllers. The vulnerabilities could allow unauthorized access, data manipulation and system interruptions.

Risk 256
article thumbnail

China’s Volt Typhoon botnet has re-emerged

Security Affairs

China’s Volt Typhoon botnet has re-emerged, using the same core infrastructure and techniques, according to SecurityScorecard researchers. The China-linked Volt Typhoon’s botnet has resurfaced using the same infrastructure and techniques, per SecurityScorecard researchers. In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. and Guam without being detected.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Feds Warn of Godzilla Webshell Threats to Health Sector

Data Breach Today

Stealthy Backdoor Publicly Available on GitHub Can Be Weaponized for Larger Attacks Godzilla webshell, a Chinese-language backdoor known for its stealth and ability to execute commands and manipulate files, is now publicly available on GitHub, and federal authorities have issued a stern warning to the healthcare sector to prepare for this threat and inevitable cyberattacks.

IT 237
article thumbnail

Zoom addressed two high-severity issues in its platform

Security Affairs

Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Zoom addressed six vulnerabilities in its video conferencing and communication platform. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information.

IT 111
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Cybersecurity Education Needs a Team: Better Partner Up!

Data Breach Today

Here's How Schools, Certification Bodies, Boot Camps and Leaders Can Lend a Hand Across the security landscape, partnerships are becoming a cornerstone in developing agile, prepared professionals who can not only react to threats but anticipate and neutralize them. Here's how universities, certification bodies, boot camps and industry leaders can drive the industry forward.

Education 211

More Trending

article thumbnail

The Intractable Problem of AI Hallucinations

Data Breach Today

Solutions to Gen AI's 'Creative' Errors Not Enterprise-Ready, Say Experts The tech industry is rushing out products to tamp down artificial intelligence models' propensity to lie faster than you can say "hallucinations." But many experts caution they haven't made generative AI ready for scalable, high-precision enterprise use.

article thumbnail

FY2024 in Review: SEC Enforcement Actions Against Investment Advisers to Private Funds, Registered Funds, and Retail Clients

Data Matters

In its 2024 fiscal year, the U.S. Securities and Exchange Commission brought over 130 enforcement actions against investment advisers and their representatives. This Sidley Update highlights the key areas of focus and notable actions and litigation from the past fiscal year. The post FY2024 in Review: SEC Enforcement Actions Against Investment Advisers to Private Funds, Registered Funds, and Retail Clients appeared first on Data Matters Privacy Blog.

Retail 86
article thumbnail

US Prosecutors Charge Hackers in Snowflake Data Theft

Data Breach Today

DOJ Accuses Alleged Hackers of Stealing Terabytes of Data from Snowflake Victims The Justice Department unsealed an indictment against alleged hackers Connor Moucka and John Binns, accusing them of stealing data from the cloud platform Snowflake, extorting millions in bitcoin and stealing sensitive personal information from over 165 organizations and millions of individuals.

Cloud 165
article thumbnail

Don’t Repeal Section 230. Clarify It.

John Battelle's Searchblog

The 26 words that “changed the internet.” Image NYT. (This is a column I wrote for Signal360 , P&G’s companion publication for its Signal conference, which I co-produce. It’s always fraught to weigh in on this fundamental piece of Internet legislation, so I welcome your thoughts!) It’s difficult to find anything Congress agrees on these days, but when it comes to the much-misunderstood policy known as “ Section 230 ,” it’s unanimous: this piece of 20th-cen

IT 98
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

1Password’s New Co-CEO Model to Drive Growth, Security Focus

Data Breach Today

CEOs Jeff Shiner, David Faugno Eye Extended Access Management, Enterprise Scale With a new co-CEO model, 1Password's Jeff Shiner and David Faugno align product and operational leadership to build on the extended access management platform. Focusing on global partnerships and expansion, the company targets enhanced security for diverse workplace environments.

Security 147
article thumbnail

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. ShrinkLocker ransomware was first discovered in May 2024 by researchers from Kaspersky. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives.

article thumbnail

Protect Your Small & Mid-Sized Business from Cyber Threats This Holiday

Data Breach Today

As the holiday season approaches, small businesses face a heightened risk of cyber threats.

Risk 214
article thumbnail

Mapping License Plate Scanners in the US

Schneier on Security

DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The mobile scanners on cars are not mapped. The post Mapping License Plate Scanners in the US appeared first on Schneier on Security.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

7 things to know about Bluesky before you join - and why you should

Collaboration 2.0

It's not a direct replacement for Twitter (X), but Bluesky has a lot to offer those who want a fresh start in a decentralized, privacy-minded network.

Privacy 140
article thumbnail

Teen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal Charges

WIRED Threat Level

Alan Filion, believed to have operated under the handle “Torswats,” admitted to making more than 375 fake threats against schools, places of worship, and government buildings around the United States.

article thumbnail

How to add PGP support on Android for added security and privacy

Collaboration 2.0

If you need to add encryption or digital signing to the Thunderbird email app (or other supporting apps) on Android, there's one clear and easy route to success.

Privacy 134
article thumbnail

Criminal Threat Actor Uses Stolen Invoices to Distribute Malware

KnowBe4

Researchers at IBM X-Force are tracking a phishing campaign by the criminal threat actor “Hive0145” that’s using stolen invoice notifications to trick users into installing malware.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Upgrade to Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle

Collaboration 2.0

This lifetime license bundle deal gives you access to the entire Microsoft Office Pro 2021 suite and Windows 11 Pro for just $53 for a limited time.

Access 95
article thumbnail

These Guys Hacked AirPods to Give Their Grandmas Hearing Aids

WIRED Threat Level

Three technologists in India used a homemade Faraday cage and a microwave oven to get around Apple’s location blocks.

article thumbnail

Businesses must reinvent themselves in the age of agentic AI

Collaboration 2.0

Being prepared for reinvention is crucial in an AI-first future. This research suggests your architecture and mindset need to adapt accordingly.

131
131
article thumbnail

Fortifying Defenses Against AI-Powered OSINT Cyber Attacks

KnowBe4

In the ever-evolving landscape of cybersecurity, the convergence of Artificial Intelligence (AI) and Open-Source Intelligence (OSINT) has created new opportunities for risk.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

We tested the iPhone 16 Pro camera system, and it's highly underrated - with one tragic flaw

Collaboration 2.0

With a fix for Apple's computational photography and another huge video upgrade, the iPhone 16 Pro camera delivers lots of value. But its flagship feature is a bit of a letdown.

IT 88
article thumbnail

Deepfake Fraud – Defense Strategies for Banks, Lenders & Financial Institutions

Thales Cloud Protection & Licensing

Deepfake Fraud – Defense Strategies for Banks, Lenders & Financial Institutions madhav Thu, 11/14/2024 - 06:39 In the age of Generative Artificial Intelligence (Gen AI), banks and financial institutions face increasing threats from sophisticated fraud techniques, including deepfakes, through Identity Spoofing. This becomes especially concerning for lending institutions ‘giving’ money.

article thumbnail

How Amazon Haul aims to beat Temu and Shein with its $20-or-less store

Collaboration 2.0

If you're wary of purchasing from popular discount apps, you now have a new, more familiar option with 'crazy low prices'.

IT 99
article thumbnail

Improve safety using root cause analysis and strengthening information management

OpenText Information Management

The energy and resources sector including utilities, oil and gas, chemicals, and metals & mining is one of the most hazardous in the world. The top hazards range from explosions and fires, chemical exposure, electrical hazards, dropped objects, machine related injuries, slips and falls, and many more. Despite the hazardous nature, the safety performance has continually improved over the last 4 decades.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

One of the best cheap earbuds I've tested isn't made by Soundcore or Earfun

Collaboration 2.0

If you're tired of hearing the same old, over-driven, bass-enhanced EQ of most earbuds, the Soundpeats Air 5 delivers an almost studio-quality sound without breaking the bank.

81
article thumbnail

Six ways telcos can outpace their competitors

CGI

Telcos are under pressure to remain competitive due to challenges from both industry incumbents and new tech entrants, as well as customer demands and regulatory requirements. To address these pressures, this blog provides six ways for telcos to accelerate profitable growth and stay competitive.

52
article thumbnail

We tested the iPhone 16 Pro camera system, and it's highly underrated - with one tragic flaw

Collaboration 2.0

With a fix for Apple's computational photography and another huge video upgrade, the iPhone 16 Pro camera delivers lots of value. But its flagship feature is a bit of a letdown.

IT 80