Mon. Sep 16, 2024


More US Sanctions Against Predator Spyware Maker Intellexa

Data Breach Today

Intellexa Poised for a Comeback, Warn Researchers

The U.S. Department of the Treasury ramped up pressure on makers and sellers of Predator commercial spyware through sanctions on five individuals and a Caribbean company accused of enabling tens of millions of dollars of surveillance malware transactions.


Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Security Affairs

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. The vulnerability CVE-2024-43461 is a Windows MSHTML platform spoofing issue. MSHTML is a platform used by Internet Explorer.


Ivanti Vulnerability Again Forces Emergency Patches

Data Breach Today

Cloud Service Appliance Admin Panels Exposed a Pathway to the Internet for Hackers

Customers of internet appliance maker Ivanti face yet another hackable vulnerability. The Utah company warned customers Friday about exploitation of a Cloud Service Appliance detected in the wild. Ivanti said the vulnerability doesn't affect version 5; it released a patch on Sept. 10.


Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb

Security Affairs

A hacker tricked ChatGPT into providing instructions to make homemade bombs, demonstrating how to bypass the chatbot's safety guidelines. A hacker and artist, who goes online as Amadon, tricked ChatGPT into providing instructions to make homemade bombs, bypassing the safety guidelines implemented by the chatbot. Initially, the expert asked for detailed instructions to create a fertilizer bomb similar to the one used in the 1995 Oklahoma City bombing, but the chatbot refused due to ethical responsibi


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


Clinical Considerations When Recovering From Ransomware

Data Breach Today

Preparing healthcare organizations to respond to and rebound from a disruptive ransomware attack is akin to implementing a "12-step program," said Dr. Eric Liederman, CEO of consultancy CyberSolutionsMD and recently retired long-serving director of medical informatics at Kaiser Permanente.

More Trending


US Indicts Chinese National for Phishing for NASA Tech

Data Breach Today

At-Large Wu Song, 39, Faces 28-Count Criminal Indictment

U.S. federal prosecutors indicted a Chinese national employed by a state-owned aerospace and defense conglomerate with a yearslong phishing campaign aimed at extracting software developed for NASA. Prosecutors said Song began sending out targeted emails in 2017.


D-Link addressed three critical RCE in wireless router models

Security Affairs

D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694, CVE-2024-45695, CVE-2024-45697, impacting three wireless router models. The flaws can allow attackers to remotely execute arbitrary code or access the devices using hardcoded credentials.


Why Thoma Bravo Is Considering Taking SailPoint Public Again

Data Breach Today

Repeat IPOs Have Been Very Rare in Security. Don't Expect SailPoint to Change That.

Thoma Bravo has begun interviewing underwriters as it explores an initial public offering for SailPoint, Bloomberg reported last week. The private equity firm hasn't finalized details, including the timing of a potential listing for the identity governance and administration vendor.


Apple’s New Passwords App May Solve Your Login Nightmares

WIRED Threat Level

Apple is launching its first stand-alone password manager app in iOS 18. Here’s what you need to know.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


China Using Powerful Hacking Firms to Run Its Espionage War

Data Breach Today

5 Cybersecurity Firms Provide Large Pool of Government-Funded Espionage Resources

China's cyberespionage campaigns, viewed as an extension of the communist regime's wider geopolitical moves, rely on civilian hackers from domestic security firms for much of their success. Researchers say these groups face off in intense rivalries for lucrative government contracts.


News alert: Entro Security Labs report reveals pervasive exposures in ‘Non-Human Identities’

The Last Watchdog

Boston, MA, Sept. 16, 2024, CyberNewsWire — Entro Security, pioneer of the award-winning Non-Human Identity (NHI) and Secrets Management platform, today released its research report, “2025 State of Non-Human Identities and Secrets in Cybersecurity.” The Entro Security Lab found that 97% of NHIs have excessive privileges increasing unauthorized access and broadening the attack surface, and 92% of organizations are exposing NHIs to third parties, also resulting in unauthorized access if th


Breach-Weary Snowflake Moves to MFA, 14-Character Passwords

Data Breach Today

New Security Measures Follow High-Profile Hacks of Snowflake Customers

Data warehousing platform Snowflake rolled out default MFA - as well as a 14-character password minimum - to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, LA Unified School District and Neiman Marcus.


Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group, citing the risk of “threat intelligence” information exposure. Apple wants to dismiss its lawsuit against NSO Group due to three key developments.


15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?


CloudImposer RCE Vulnerability Targets Google Cloud Platform

Data Breach Today

Attackers Could Exploit Flaw to Run Malicious Code on Google's, Customers' Servers

Google patched a critical remote execution vulnerability in its cloud platform Cloud Composer service, "CloudImposer," which could have allowed attackers to compromise millions of servers, say researchers from Tenable. The CloudImposer vulnerability could lead to the Jenga Tower effect.


AI and Cyber Security: Innovations & Challenges

eSecurity Planet

As cyber threats become increasingly sophisticated, integrating artificial intelligence (AI) into cybersecurity is more than a passing trend — it’s a groundbreaking shift in protecting our digital assets. As cyber-attacks grow increasingly complex, leveraging AI becomes crucial for staying ahead of emerging threats. Let’s dive into how AI and cybersecurity are transforming in today’s highly modern and complex times, explore their benefits and challenges, and see how they shape the fu


Authorized Push Payment Fraud Responsible for Over Half of U.K. Frauds and Scams

KnowBe4

Research from The Financial Ombudsman Service, a U.K.-based organization dedicated to helping citizens with free financial advice, has found an increase in Authorized Push Payment (APP) scams. These attacks are rising both in number and sophistication.


Legacy Ivanti Cloud Service Appliance Being Exploited

Schneier on Security

CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported. Welcome to the security nightmare that is the Internet of Things.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


[4-Minute Survey] Share Your Thoughts on AI in InfoSec With Me?

KnowBe4

Can you help me with your input? I'd love your thoughts about AI in InfoSec. This is a super short survey that asks about any AI tools you use or would like, how you feel about AI effectiveness, how it may change your headcount, and how confident you are to address AI-related security risks. The most important thing I'm dying to hear about is your biggest concerns about AI in cybersecurity in your own words.


Amazon Alexa can now be controlled by thought alone - thanks to this brain implant

Collaboration 2.0

With this new accessibility innovation from Synchron, the entire Amazon smart home ecosystem can be controlled hands-free and voice-free.


BEC Scams Have Caused $55 Billion in Losses Over the Past Ten Years

KnowBe4

Business email compromise (BEC) attacks have caused more than $55 billion in losses between 2013 and 2023, according to an advisory from the U.S. Federal Bureau of Investigation (FBI).


The best iOS 18 features that will make updating your iPhone worthwhile

Collaboration 2.0

Here are the best new features coming with Apple's latest software version, available for the iPhone 16 and older models.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


New Ransomware Threat Group, RansomHub, is so Effective, the NSA is Already Warning You About Them

KnowBe4

The latest evolution of the ransomware service model, RansomHub, has only been around since February of this year, but its affiliates are already successfully exfiltrating data.


Is your Windows license legal? Should you even care?

Collaboration 2.0

Microsoft has made Windows licensing and activation ridiculously complex. Here's what you need to know.


Digital twins reimagined at scale for energy and resources 

OpenText Information Management

As a global society we rely on machines so much that it’s easy to take them for granted. We rely on machines to ensure water comes out of our faucets, heat our homes and businesses, fill our cars with petrol or electricity, construct and maintain roads, transport people and goods, provide medical images, and manufacture more machines. Businesses and consumers rely on machines so much that exponentially more will be built, and their designs and operational performance will need to last longer w


The 5 best Linux distributions for students - from middle school to college

Collaboration 2.0

Linux distros are ideal operating systems for educational environments for multiple reasons. A big one is that they're 100% free to download.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Vulnerability Recap 9/16/24 – Critical Endpoint Flaws Emerged

eSecurity Planet

Recent vulnerability news disclosed significant endpoint vulnerabilities, including side-channel attacks, command injection, remote code execution (RCE), SQL injection, and keystroke interference. Notable events last week include the RAMBO attack, command injection problems in Progress Software’s LoadMaster, and several zero-day vulnerabilities in Microsoft products that may cause privilege escalation and RCE.


Apple Watch gets FDA approval for new sleep apnea detection

Collaboration 2.0

This new WatchOS 11 feature will detect if you have abnormal breathing patterns while you sleep. Here's why this metric matters and which models will have it.


Make the Shift to Legal 3.0: The Future is Today. Unleash Your AI Potential 

OpenText Information Management

Legal innovation requires a growth mindset: seeking new ways to solve problems and effectively deliver impact, value, and improve outcomes. Technology continues to evolve, giving legal practitioners new opportunities to up their game and leverage innovation to increase efficiency and efficacy. Over the past decade, to keep pace with digital transformation, legal leaders have embraced automation and machine learning to optimize operations and improve business outcomes.