Thu. Jul 25, 2024

Breach Roundup: ICANN Warns .top Domain About Phishing

Data Breach Today

Also: Russian DDoS Hacktivists; Verizon Settles With US FTC and Windows 10

This week, ICANN warned of phishing, BreachForums data was leaked, police arrested alleged pro-Russian hackers, the U.K. shut down a DDoS booter site, the EU gave Meta a deadline, Russia decried U.S. sanctions, Verizon settled on breaches, and Windows 10 security support will end in October 2025.

Critical bug in Docker Engine allowed attackers to bypass authorization plugins

Security Affairs

A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score of 10.0), in certain versions of Docker Engine can allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. “An attacker could exploit a bypass using an API request with Content-Length set to 0, causing the Docker daemon to forward the request without the body to the Aut

Cryptohack Roundup: Tornado Cash Sees Uptick in Use

Data Breach Today

Also: WazirX Updates; Fractal ID Breach

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Tornado Cash saw an uptick in use, updates on the WazirX exploit were released, Fractal ID and LI.FI published breach postmortems, and the U.S. moved to recover pig-butchering losses.

Data Wallets Using the Solid Protocol

Schneier on Security

I am the Chief of Security Architecture at Inrupt, Inc., the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownership. This week, we announced a digital wallet based on the Solid architecture. Details are here, but basically a digital wallet is a repository for personal data and documents. Right now, there are hundreds of different wallets, but no standard.

The Tumultuous IT Landscape is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

CrowdStrike Outage Losses Will Hit Healthcare, Banking Hard

Data Breach Today

$5.4 Billion in Losses Estimated for 500 Largest Public US Firms - Except Microsoft

Expect the healthcare and banking sectors to record the greatest direct losses in the U.S. as a result of the global disruptions caused by a faulty CrowdStrike software update crashing Windows systems, an underwriting agency reported, forecasting Fortune 500 direct losses of $5.4 billion.

Cybercrooks Continue to Capitalize on CrowdStrike Outage

Data Breach Today

Hackers Spread Malicious Recovery Files and Certificates

Friday's global computer outage caused by an update gone wrong from cybersecurity firm CrowdStrike continues to bring out hucksters seeking to capitalize on the incident. Hackers began milking it almost immediately, and self-proclaimed hacktivist group USDoD appears to be the latest.

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

Security Affairs

Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray expressed growing concerns over the potential for a coordinated foreign terrorist attack in the United States. During his testimony to the House Oversight Committee, Mr.

US Indicts Alleged North Korean Ransomware Attacker

Data Breach Today

United States Charges North Korean Hacker for Attacks on Hospitals and Healthcare

The U.S. is offering a $10 million reward for information leading to the arrest of suspected North Korean hacker Rim Jong Hyok after authorities indicted him for involvement in the regime's Andariel hacking group. Hyok is charged with conspiracy to commit computer hacking and money laundering.

At The 2024 Summer Olympics, AI Is Watching You

WIRED Threat Level

A controversial new surveillance system in Paris foreshadows a future where there are too many CCTV cameras for humans to physically watch.

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

UK Blood Stocks Drop After Ransomware Hack

Data Breach Today

NHS Blood and Transplant Urges Hospitals to Restrict the Use of O-Negative Blood

The U.K. National Health Service is urging hospitals across the country to limit the use of rare O-negative type blood after a ransomware attack on a British laboratory service provider crippled blood donations across the country. National blood stocks are at "unprecedentedly low levels.

Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

Security Affairs

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for creating, managing, and delivering reports in various formats. It provides tools for report design, scheduling, and secure delivery, allowing organizations to centralize their reporting processes.

How to secure data and integrate applications in a hybrid cloud environment

Data Breach Today

Simplifying your transition to a hybrid cloud environment while ensuring data security and app integration

When you move to a hybrid cloud environment, consideration must be given to how data is secured and synchronized during and after the transfer.

North Korean Fake IT Worker FAQ

KnowBe4

Frequently Asked Questions About KnowBe4's Fake IT Worker Blog

July 23, 2024, I wrote a blog post about how KnowBe4 inadvertently hired a skillful North Korean IT worker who used the stolen identity of a US citizen. He participated in several rounds of video interviews and circumvented background check processes commonly used. The intent was to share an organizational learning moment, so you can make sure this does not happen to you.

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Senator: Top Banks Only Reimburse 38% of Unauthorized Claims

Data Breach Today

Bank Execs at Senate Hearing Defend Zelle Reimbursements, Payment Fraud Programs

During a hearing Tuesday, U.S. Sen. Richard Blumenthal, D-Conn., revealed that Bank of America, JPMorgan Chase and Wells Fargo only reimbursed 38% of unauthorized Zelle transactions - leaving consumers on the hook for $100 million in fraud losses. The banks disputed the committee's findings.

How to turn on Private DNS Mode on Android - and what it can do for you

Collaboration 2.0

Enabling Private DNS Mode on Android means your searches and other DNS queries are encrypted and safe from prying eyes. Here's everything else you need to know.

Chainguard Raises $140M to Drive AI Support, Global Growth

Data Breach Today

Company Seeks to Expand Globally and Grow Its US Public Sector Presence

A supply chain security firm led by an ex-Google Cloud engineer closed a Series C round to assist AI workloads and expand its open-source software catalog. Chainguard raised $140 million just eight months after completing a $61 million Series B funding round, tripling its valuation to $1.12 billion.

5 Echo Show settings to change to make your smart display less annoying

Collaboration 2.0

I love my Amazon Echo Show, but I find some of its behaviors distracting, triggering, presumptuous, and just plain pushy. Fortunately, there are easy fixes.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Proof of Concept: How Can We Outpace Deepfake Threats?

Data Breach Today

Sam Curry and Heather West on Authentication, AI Labelling and Adaptive Security

As deepfakes evolve, they pose significant cybersecurity risks and require adaptable security measures. In this episode of "Proof of Concept," Sam Curry of Zscaler and Heather West of Venable discuss strategies for using advanced security tactics to outpace deepfake threats.

This $45 mini screwdriver kit has a useful LED screen - and I highly recommend it

Collaboration 2.0

The Arrowmax SES ultra mini power screwdriver kit combines high-quality hardware with customizable settings, and it's one of the first I've seen with its own display.

Mandiant: North Korean Hackers Targeting Healthcare, Energy

Data Breach Today

State-Sponsored Hacking Group Andariel Tied to Active and Sophisticated Campaigns

A North Korean hacking group notorious for carrying out large-scale cyberattacks against government institutions and critical infrastructure, and developing ransomware, is expanding operations to target the healthcare, energy and financial sectors, warn threat intelligence researchers at Mandiant.

How to Easily Meet the PCI DSS Awareness Training Requirements

IT Governance

All organisations that transmit, process or store payment card data, or affect its security, must meet the requirements of the PCI DSS (Payment Card Industry Data Security Standard). The currently applicable version of the PCI DSS is v4.0.1, a limited revision to PCI DSS v4.0. The PCI DSS consists of a standardised, industry-wide set of requirements and processes for: Policies; Procedures; Software design; Security management; Network architecture; and Critical protective measures.

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Software Maker MCG Health Settles Data Breach Suit for $8.8M

Data Breach Today

Litigation Alleges Vendor Took 2 Years to Discover Data Theft After Hack

Software vendor MCG Health has agreed to pay $8.8 million to settle a consolidated proposed federal class action lawsuit involving a 2020 hacking incident. The suit claims the company took two years to identify and report a data theft that affected about 1.1 million people.

Your KnowBe4 Compliance Plus Fresh Content Updates from July 2024

KnowBe4

Check out the July updates in Compliance Plus so you can stay on top of featured compliance training content.

Apple Maps is now on the web - here's how you can use it, and not just for directions

Collaboration 2.0

The new Apple Maps website helps you find businesses, view guides to hot spots, and get walking or driving directions, if you're using a supported browser.

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

The Last Watchdog

Last week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time. (Related: Microsoft blames outage on EU.) A flawed update to CrowdStrike’s Falcon security software caused millions of computers running Microsoft Windows to display the infamous blue screen of death.

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

The best MP3 players of 2024

Collaboration 2.0

We rounded up the best MP3 players from Sony, Fiio, and more that can sync with services like Spotify to let you listen to your music without a phone.

The CrowdStrike Outage and Market-Driven Brittleness

Schneier on Security

Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8.5 million Windows computers, and the cost will surely be in the billions of dollars, easily matching the most costly previous cyberattacks, such as NotPetya.

The best iPad Air cases of 2024: Expert tested

Collaboration 2.0

We tested the best iPad Air cases from brands like Logitech, Apple, and more -- so you can protect your device while keeping it stylish and functional.
