Wed.Oct 02, 2024

article thumbnail

Cybercrime is Still Evil Incorporated, But Disruptions Help

Data Breach Today

Naming and Sanctioning Cybercrime Syndicate Members Has Repercussions, Police Say Western law enforcement may not be able to bust every last Russian cybercrime suspect, but newly revealed efforts against Evil Corp and LockBit reveal suspects arrested while on vacation, as well as the psychological fallout criminal syndicates face when members get named, indicted and sanctioned.

298
298
article thumbnail

Telegram revealed it shared U.S. user data with law enforcement

Security Affairs

Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed that in 2024 Telegram has fulfilled more than a dozen law enforcement data requests from the U.S. authorities. The social media platform “potentially revealed” that it has shared the IP addresses or phone numbers of over 100 users with law enforcement.

IT 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Warnings Mount Over Fake North Korean IT Workers

Data Breach Today

German Domestic Intelligence Agency Says German Companies Have Fallen For Scam The German federal domestic intelligence agency is adding to warnings over North Korean IT workers obtaining remote work in Western tech companies. The world's most secretive and repressive regime looks for multiple ways to circumvent strict economic sanctions.

IT 288
article thumbnail

14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countries

Security Affairs

Multiple flaws in DrayTek residential and enterprise routers can be exploited to fully compromise vulnerable devices. Forescout researchers discovered 14 new vulnerabilities in DrayTek routers, two of which have been rated as critical. Of the 14 security flaws nine are rated high, and three are rated medium in severity. The flaws impact residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices.

IoT 141
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

How Are We Going to Fill 4.8 Million Cybersecurity Jobs?

Data Breach Today

CISO Jon France on Talent Shortage, Skills Gap in ISC2's 2024 Workforce Study ISC2’s 2024 Cybersecurity Workforce Study warns of a stagnant workforce, a growing skills gap and a shortage of 4.8 million cybersecurity professionals worldwide. Despite increasing demand, many organizations struggle to fill critical roles, hindered by budget constraints and skills shortages.

More Trending

article thumbnail

Amazon CISO Amy Herzog on Embedding Security in Ring, Alexa

Data Breach Today

How Amazon Accelerates Product Development While Securing Customer Data Amy Herzog, chief information security officer for Ads and Devices at Amazon, shares how her cybersecurity team accelerates product development by integrating security from the start to secure customer data on popular consumer devices like Ring and Alexa.

Security 271
article thumbnail

Rhadamanthys information stealer introduces AI-driven capabilities

Security Affairs

The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at the Recorded Future’s Insikt group have documented the evolution of the Rhadamanthys info stealer. The malware was first identified in 2022, and since then it has been upgraded with advanced features, the latest version 0.7.0 introduces AI-driven capabilities for extracting cryptocurrency seed phrases from i

article thumbnail

UK ICO Fines Police Service Northern Ireland 750,000 Pounds

Data Breach Today

A 2023 Breach Exposed Personal Details of All PSNI Officers and Staff The U.K. data regulator the Police Service for Northern Ireland 750,000 pounds following a 2023 data breach that exposed personal details of the entire workforce. The U.K. Information Commissioner's Office determined the breach occurred when police attempted to respond to two open records requests.

article thumbnail

Police arrested four new individuals linked to the LockBit ransomware operation

Security Affairs

An international police operation led to the arrest of four individuals linked to the LockBit ransomware group, including a developer. Europol, the UK, and the US law enforcement authorities announced a new operation against the LockBit ransomware gang. The police arrested an alleged LockBit developer at France’s request while vacationing outside Russia and two individuals in the UK for supporting a LockBit affiliate.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Global Governments Release New Ransomware Response Guidance

Data Breach Today

Counter Ransomware Group Focuses on Timely Reporting, Avoiding Paying the Ransom New voluntary ransomware guidance released during the International Counter Ransomware Initiative meeting this week calls for victims to report attacks to law enforcement on a more timely basis - and involve more advisors in deciding whether to pay a ransom.

article thumbnail

Dick’s Sporting Goods Cyber Attack Underscores Importance of Email Security and Internal Controls

KnowBe4

The recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls.

Security 131
article thumbnail

OpenAI Valuation Nearly Doubles to $157B After $6.6B Funding

Data Breach Today

Thrive Capital, Microsoft, SoftBank, Nvidia Reportedly Lead OpenAI's Latest Funding OpenAI’s new $6.6 billion round of funding has nearly doubled its valuation to $157 billion. With investments from Thrive Capital, Microsoft, SoftBank and Nvidia, OpenAI plans to expand its AI research while facing pressures around executive turnover and its transition away from a nonprofit model.

IT 173
article thumbnail

Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!

Security Affairs

Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor’s Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting to exploit a recently disclosed vulnerability, tracked as CVE-2024-45519, in Synacor’s Zimbra Collaboration. Starting on September 28, 2024, threat actors have been attempting to exploit the issue to achieve remote code execution on vulnerable instances.

IT 131
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

US DOJ Unveils New Strategic Approach to Counter Cybercrime

Data Breach Today

Justice Department Releases Cybercrime Plan, Focusing on Global Partnerships The United States Justice Department is coordinating its cybercrime defense mission under a new strategic approach released Wednesday that aims to enhance the collection of electronic evidence, bolster international collaboration and focus on disrupting significant cybercrime actors.

IT 173
article thumbnail

News alert: Aembit appoints former Snowflake security director Mario Duarte as its new CISO

The Last Watchdog

Silver Spring, MD, Oct. 2, 2024, CyberNewswire — Aembit , the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Duarte, formerly head of security at Snowflake, joins Aembit with a deep commitment to address pressing gaps in non-human identity security. Duarte’s journey in cybersecurity began with a passion for penetration testing, sparked by the 1980s cult classic film WarGames.

Security 130
article thumbnail

Hawaii Clinic Notifies 124,000 of Hack Credited to Lockbit

Data Breach Today

Data Leak Preceded Law Enforcement Crackdown on Group That Targets Health Sector A clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. Lockbit 3.0 claims to have published the stolen records on its data leak site in June - months before global authorities this week disclosed a crackdown on the cybercrime gang.

IT 173
article thumbnail

U.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Endpoint Manager (EPM) vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-29824 (CVSS score of 9.6) to its Known Exploited Vulnerabilities (KEV) catalog.

IT 129
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

OpenAI's New Model is Berry Good at Deception

Data Breach Today

Strawberry Can Also Assist with Making Weapons that Wipe Out Humans OpenAI claims its new artificial intelligence model, designed to "think" and "reason," can solve linguistic and logical problems that stump existing models. Officially called o1, the model nicknamed Strawberry can deceiving users and help make weapons that can obliterate the human race.

article thumbnail

The U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing Attacks

KnowBe4

The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus to Iranian and Middle Eastern affairs, such as current or former senior government officials, senior think tank personnel, journalists, activists, and lobbyists.

Phishing 119
article thumbnail

6 best practices for stellar software delivery management with OpenText™ ALM Octane 

OpenText Information Management

Software delivery management is critical for balancing speed, agility, and quality to ensure that organizations deliver innovation and high-quality applications faster. As teams grow and projects become more complex, tools like OpenTextâ„¢ ALM Octane play a vital role in managing the entire application lifecycle. ALM Octane is designed to optimize software development, testing, and delivery across teams, making it a powerful solution for software development and QA professionals.

article thumbnail

From Desire Paths to Security Highways: Lessons from Disney's Approach to User-Centric Design

KnowBe4

When Walt Disney first unveiled the Magic Kingdom, he made a decision that would revolutionize theme park design - and inadvertently offer a valuable lesson for cybersecurity professionals.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Ring finally adds 24/7 continuous recording to some subscription plans

Collaboration 2.0

The home security company introduces several more cool features to its Ring Protect Plan - now rebranded to Ring Home.

article thumbnail

California AI Safety Bill Vetoed

Schneier on Security

Governor Newsom has vetoed the state’s AI safety bill. I have mixed feelings about the bill. There’s a lot to like about it, and I want governments to regulate in this space. But, for now, it’s all EU. (Related, the Council of Europe treaty on AI is ready for signature. It’ll be legally binding when signed, and it’s a big deal.

article thumbnail

Raspberry Pi gets AI vision superpowers

Collaboration 2.0

Raspberry Pi's new AI camera is specifically designed from the ground up for AI applications.

98
article thumbnail

Supply chain visibility: 3 reasons tech investments fail to deliver ROI  

OpenText Information Management

Supply chain visibility is a key focus area for many organizations. Therefore, it’s no wonder that visibility, monitoring, analytics, and forecasting tools continue to be at the top of the list when it comes to supply chain technology investments. Despite companies understanding the importance of visibility and investing in tools to improve it, the results have not been great.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

The budget Android tablet I recommend has a display that looks double the price

Collaboration 2.0

Blackview's Mega 1 is an 11.5-inch Android 13 tablet with a brilliant 120Hz display and 24GB of RAM at a surprisingly miniscule price point.

98
article thumbnail

KuppingerCole Names Thales a Leader in the Passwordless Authentication Market

Thales Cloud Protection & Licensing

KuppingerCole Names Thales a Leader in the Passwordless Authentication Market madhav Thu, 10/03/2024 - 06:26 The KuppingerCole Leadership Compass for Enterprises has recognized Thales OneWelcome as an Overall, Innovation, Product, and Market Leader in the Passwordless Authentication market. Analysts praise the platform for offering a versatile set of features designed to facilitate passwordless experiences for all user groups.

article thumbnail

How to add AI superpowers to your Raspberry Pi

Collaboration 2.0

The Raspberry Pi AI kit is affordable and straightforward to install - if you can find one.

94