Fri.Aug 30, 2024

article thumbnail

Verkada Agrees to $2.95M Civil Penalty After Hacks

Data Breach Today

Cloud-Based Security Camera Firm Pledges Better Security Ion US FTC Settlement A California security camera company agreed to pay a $2.95 million civil penalty and implement a security program after hackers in 2021 accessed video from 150,000 internet-connected security cameras, including from devices placed inside psychiatric hospitals and women's health clinics.

Cloud 195
article thumbnail

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Security Affairs

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns. The vulnerability is a template injection vulnerability that can allow remote attackers to execute arbitrary code on vulnerable Confluence installs.

Mining 141
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Dell Is Once Again Eyeing the Sale of MSSP Secureworks

Data Breach Today

Growth, Profitability and Stock Price Woes Have Dell Primed to Cash Out Its Chips Majority owner Dell is exploring a possible sale of Atlanta-based cybersecurity services vendor Secureworks, tapping investment bankers at Morgan Stanley and Piper Sandler to gauge takeover interest from potential acquirers, which include private equity firms, Reuters reported Thursday.

Sales 182
article thumbnail

Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw

Security Affairs

Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra released patches for two vulnerabilities in FileCatalyst Workflow. Once of the vulnerabilities is a critical issue, tracked as CVE-2024-6633 (CVSS score of 9.8) described as Insecure Default in FileCatalyst Workflow Setup.

Access 136
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

CISA and HHS Would Team Up in Health Sector Under House Bill

Data Breach Today

Bill Is Similar to Senate Proposals, But Will Congress Take Action Before Election? A bipartisan House bill aims to bolster cybersecurity in the healthcare sector by requiring stronger collaboration between CISA and the Department of Health and Human Services. The bill is a companion to nearly identical bipartisan legislation introduced in the Senate in July.

More Trending

article thumbnail

US Body to Assess OpenAI and Anthropic Models Before Release

Data Breach Today

The AI Safety Institute Will Evaluate Safety and Suggest Improvements AI companies OpenAI and Anthropic made a deal with a U.S. federal body to provide early access to major models for safety evaluations. The agreements are "are an important milestone as we work to help responsibly steward the future of AI," said U.S. AI Safety Institute Director Elizabeth Kelly.

Access 182
article thumbnail

Your KnowBe4 Fresh Content Updates from August 2024

KnowBe4

Check out the 29 new pieces of training content added in August, alongside the always fresh content update highlights, events and new features.

article thumbnail

RansomHub Hits Powered by Ex-Affiliates of LockBit, BlackCat

Data Breach Today

Feds Count Over 200 Known US Victims of Ransomware Group That Launched in February Beware a surge in attacks tied to a ransomware group called RansomHub that's recruited affiliates from down-or-out operations LockBit and BlackCat and successfully crypto-locked systems at more than 200 organizations nationwide, including critical infrastructure, the U.S. government warned.

article thumbnail

Nearly Half of Mid-Market and Enterprise Organizations Have Experienced Four or More Ransomware Attacks in the Last Year

KnowBe4

New data exposes the reality of ransomware attacks today, including their frequency, impact, ransom payment – and the involvement of human error.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Indictment of Telegram CEO Threatens End-to-End Encryption

Data Breach Today

Telegram Messages Hard to Encrypt But CEO Faces Charges for Noncompliant Cryptology The arrest and indictment of Telegram CEO Pavel Durov is sparking concerns about the viability of encrypted communications in France. The Paris Prosecutor's Office indicted Durov, the 39-year-old Russian-born owner of Telegram on Wednesday, after arresting him Saturday night.

article thumbnail

Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

KnowBe4

Researchers at Netskope last month observed a 2000-fold increase in traffic to phishing pages delivered through Microsoft Sway.

Phishing 115
article thumbnail

ISMG Editors: CrowdStrike Competitors Analyze Outage, Impact

Data Breach Today

Also: UN Convention Against Cybercrime Efforts; Serving SMBs' Cybersecurity Needs In the latest weekly update, Information Security Media Group editors discussed how CrowdStrike's competitors are responding to its outage, why security vendors want to serve the unique needs of SMB organizations and the status of U.N. efforts to develop a treaty designed to combat cybercrime.

article thumbnail

U.S. Experiences 52% Increase in the Number of Ransomware Attacks in One Year

KnowBe4

New analysis of current ransomware attacks shows a massive focus on U.S. organizations, with growth spread across nearly every industry.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Wyze is testing a new AI feature that lets you search your video footage by keyword

Collaboration 2.0

Wyze's AI Video Search can help you scour hours of recordings much faster. Here's how to try it out.

IT 97
article thumbnail

U.S. FTC’s New Rule on Fake and AI-Generated Reviews and Social Media Bots

Data Matters

On August 14, 2024, the United States Federal Trade Commission (FTC) announced a final rule that prohibits fake and artificial intelligence-generated consumer reviews, consumer testimonials, and celebrity testimonials, along with other types of unfair or deceptive practices involving reviews and testimonials. This new rule is the latest development in the FTC’s increased rulemaking efforts and increased focus on AI, and will take effect on October 21, 2024.

article thumbnail

These 3 rumored iPhone 16 features should have you excited to upgrade

Collaboration 2.0

Apple's iPhone 16 is sizing up to be a huge launch thanks to a design change, better performance, and the long-awaited Siri upgrade.

97
article thumbnail

CILIP writes to Libraries Minister

CILIP

CILIP writes to Libraries Minister CILIP has written to Sir Chris Bryant, detailing how CILIP can support the new government’s key missions. Chief Executive Louis Coiffait-Gunn reached out to the MP after he was announced as heading up responsibility for public libraries. Sir Chris holds a dual role in Government, as Minister of State at the Department for Science, Innovation and Technology and the Department for Culture, Media and Sport.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Still have a Windows 10 PC? You have 5 options before support ends next year

Collaboration 2.0

Microsoft will officially end support for its most popular operating system in a little over a year. Here's what you should do with your Windows 10 PCs before that day arrives.

IT 76
article thumbnail

Ensuring SIEM data sovereignty: the case for on-prem OpenText ArcSight SIEM

OpenText Information Management

Given the critical nature of cybersecurity for industry sectors such as defense, healthcare, finance, and government, ensuring SIEM data sovereignty has never been more crucial. These organizations must balance the advantages of cloud-based SIEMs with the need for strict internal security controls. The urgency intensifies when existing on-prem SIEM solutions approach end-of-life due to vendor acquisition, threatening the continuity of their customized, heavily invested cybersecurity infrastructu

article thumbnail

AI development and agile don't mix well, study shows

Collaboration 2.0

Technical specialists must communicate regularly and openly with business peers to avoid AI failures.

article thumbnail

Data Archiving Best Practices

Record Nations

Data archiving is the method of shifting important, but inactive data to a low-cost storage location. The practice reduces storage costs while safely retaining old data for reference, analysis, or regulatory compliance. Archiving is designed for long-term data preservation. Archival features may vary based on your needs and provider. Storage solutions may incorporate data compression, Data Archiving Best Practices The post Data Archiving Best Practices appeared first on Record Nations.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

4 reasons I'm not upgrading to an iPhone 16 Pro from my iPhone 14

Collaboration 2.0

The iPhone 16 promises AI and a shiny new display, among other features, but is it worth the upgrade? Here's what could convince me to upgrade from my iPhone 14 Pro Max.

IT 75
article thumbnail

Navigating the AI/ML Talent Shortage

Adapture

As a leading IT solutions provider, Adapture understands the critical role that artificial intelligence (AI) and machine learning (ML) play in driving innovation and efficiency across industries of all types. However, the rapid growth in AI/ML applications has led to a significant talent shortage, posing challenges for businesses looking to leverage these technologies.

article thumbnail

6 reasons why iOS 18 makes the iPhone 16 a must-upgrade for me

Collaboration 2.0

iOS 18 is forcing me to upgrade my iPhone 12 Pro Max. Here's why.

75
article thumbnail

Bypassing the Gate: A closer look into Gatekeeper flaws on macOS

Jamf

Jamf Threat Labs discovered a Gatekeeper vulnerability in macOS that may lead to the execution of an unsigned and unnotarized application without displaying appropriate security prompts to the user. Read on to learn more about our findings.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

7 things I never do with a new Linux installation (and why)

Collaboration 2.0

Linux is a powerful and user-friendly operating system that allows you to do far more than you can with Windows. There are, however, some things you should never do.

75
article thumbnail

Friday Squid Blogging: Economic Fallout from Falklands Halting Squid Fishing

Schneier on Security

Details. Blog moderation policy.

101
101
article thumbnail

This Android phone has thermal vision superpowers - and I keep finding uses for it

Collaboration 2.0

The Blackview BL9000 Pro is a rugged Android with an impressive battery life, but its handful of niche features make it stand out from the crowd.

IT 75