Tue.Oct 01, 2024

article thumbnail

Europe Begins Drafting AI Code of Practice

Data Breach Today

AI Act General Purpose AI Rules to be Enforced in 2025 The European Commission appointed a 13 member team to draft the general purpose artificial intelligence code of practice mandated by the AI Act. The commission on Monday announced four working groups that will oversee drafting of the rules.

article thumbnail

News agency AFP hit by cyberattack, client services impacted

Security Affairs

AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that impacted its IT systems and content delivery for partners. The media agency confirmed that the global news coverage remains unaffected, however some client services were impacted.

Passwords 134
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Third Party Zero-Day Bug Exploited in Rackspace Systems

Data Breach Today

Rackspace Scrambles to Patch Zero Day Dashboard Bug Rackspace confirmed that criminals exploited a zero day vulnerability in a ScienceLogic third-party application, forcing the cloud-hosting provider to take monitoring dashboards offline. ScienceLogic confirmed it issued a patch for the zero-day remote code execution vulnerability.

Cloud 190
article thumbnail

News alert: Introducing Mayhem Security — ForAllSecure unveils name change, fresh focus

The Last Watchdog

Pittsburgh, PA, Oct. 1, 2024 — ForAllSecure , the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform. Founded by a team of researchers from Carnegie Mellon, the company’s focus has evolved from research, development, and education to a product company centered arou

Security 113
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Jana Partners Increases Stake in Rapid7, Eyes Potential Sale

Data Breach Today

Activist Investor Pressures Cybersecurity Firm to Pursue Operational Changes, Sale Jana Partners has raised its stake in cybersecurity vendor Rapid7 to 13% and is pushing for the company to consider selling itself. The activist investor teamed up with Cannae Holdings and is engaged in discussions with Rapid7's management to explore operational improvements and board restructuring.

Sales 190

More Trending

article thumbnail

Dragos Boosts OT Defense with Network Perception Acquisition

Data Breach Today

Network Configuration Startup Adds Visualization Expertise to Dragos’ OT Platform Dragos' acquisition of Network Perception will enrich its real-time network monitoring with robust visualization and configuration analysis tools. This transaction aims to bolster the security of operational technology networks and support customers in building more defensible architectures.

Security 190
article thumbnail

UMC Health System diverted patients following a ransomware attack

Security Affairs

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an investigation into an IT outage across its network. UMC diverted patients for several days after taking IT systems offline following a ransomware attack. “However, out of an abundance of caution, we will continue to temporarily divert incoming emergency and non-emergency patients via ambulance to

article thumbnail

Experts Warn CISA’s Threat Sharing is in a 'Death Spiral'

Data Breach Today

US Cyber Defense Agency’s Flagship Threat Sharing Initiative Facing Major Hurdles Experts told Information Security Media Group the Cybersecurity and Infrastructure Security Agency’s flagship threat sharing initiative faces major logistical hurdles and may need to be replaced with a more mature approach to automated threat analysis following a damning Inspector General report.

article thumbnail

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Cloud 125
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

LockBit and Evil Corp Targeted In Anti-Ransomware Crackdown

Data Breach Today

UK Police Say Evil Corp 'Right-Hand Man' Was Also a LockBit Affiliate Law enforcement from the United States, United Kingdom, France and Spain made a coordinated announcement Tuesday of further arrests, indictments, sanctions and server takedowns targeting the Russian cybercriminal underground including strikes against the LockBit ransomware-as-a-service operation.

article thumbnail

The Rise of Deepfake Scams: A Wake-Up Call After US Senator Becomes Latest Victim

KnowBe4

In an era where technology continues to blur the lines between reality and fiction, a recent incident involving U.S. Senator Ben Cardin serves as a stark reminder of the growing threat posed by deepfake scams.

111
111
article thumbnail

Will AI Middle Managers Be the Next Big Disruption?

Data Breach Today

Autonomous AI Is Transforming the Workforce. Here's What Managers Can Expect With its advanced - and evolving - capabilities, AI is integrated into most business processes and tasks, becoming nearly indispensable across industries. Its impact on the workforce is, thus, unsurprising and raises a familiar question: Can the technology take over jobs?

IT 183
article thumbnail

Vulnerability Recap 10/01/24 – NVIDIA, Ivanti & Newcomer Kia See Issues

eSecurity Planet

This week was relatively quiet regarding new vulnerabilities, but we’re seeing a few issues, like flaws in WhatsApp Gold and NVIDIA. Additionally, researchers published a report on a Kia dealer portal vulnerability that’s since been fixed but affected millions of vehicles. The flaw could have allowed RCE on vehicles, including unlocking the car, tracking its travel patterns, and causing it to honk.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Logpoint Strengthens SIEM by Acquiring Muninn AI-Powered NDR

Data Breach Today

Purchase Adds Advanced AI Network Detection to Logpoint's Threat Response Toolbox Logpoint acquires Muninn to integrate its AI-based NDR technology, enhancing threat detection and response capabilities in its SIEM platform. This move supports Logpoint's mission to defend OT and ICS systems against ransomware attacks by combining visibility from networks and applications.

article thumbnail

Threat Actors Behind MFA Bypass Service ‘OTP Agency’ Plead Guilty to Fraud

KnowBe4

The criminal prosecution of the threat actors behind the "OTP Agency" has highlighted an ingenious new tactic that cybercriminals can use to bypass multi-factor authentication.

article thumbnail

White House Pledges Major Deliverables at Ransomware Summit

Data Breach Today

International Counter Ransomware Initiative to Unveil New Efforts to Combat Threats The International Counter Ransomware Initiative is kicking off a four-day summit Monday in Washington that aims to coordinate the group’s 68 member nations around a series of global efforts designed to enhance information sharing and develop strategies to deter ransomware attacks.

article thumbnail

[Cybersecurity Awareness Month] Responding to Cyber Incidents the ‘Inside Man’ Way: Fiona's Approach

KnowBe4

In a world where cybersecurity incidents are no longer a matter of if they will happen, but when, having a solid incident response plan is a critical component of cyber resilience and business continuity.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Evil Corp Protected by High-Ranking FSB Official, Police Say

Data Breach Today

UK National Crime Agency Details Kremlin-Cybercrime Connection Russian intelligence agencies tasked the notorious Russian-speaking cybercrime syndicate Evil Corp with conducting cyberattacks and cyberespionage operations on behalf of the Russian government, British police said Tuesday. Evil Corp has stolen at least $100 million from victims.

article thumbnail

I tried a blood-pressure monitoring watch, and it was surprisingly accurate (when it worked)

Collaboration 2.0

Regular measurement is one way to accurately gauge your level of hypertension. Wrist-based blood pressure monitoring remains elusive, but YHE offers a method that appears better than the rest.

IT 98
article thumbnail

Practical Steps to Securing Your OT Environment

Data Breach Today

Operational Technology (OT) security requires specialized strategies beyond traditional IT approaches.

Security 163
article thumbnail

New Survey Shows 40% of Respondents Never Received Cybersecurity Training From Their Employer

KnowBe4

Yubico has published a survey of 20,000 people from 10 countries around the world, finding that 40% of respondents have never received cybersecurity training from their employer.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Hacking ChatGPT by Planting False Memories into Its Data

Schneier on Security

This vulnerability hacks a feature that allows ChatGPT to have long-term memory, where it uses information from past conversations to inform future conversations with that same user. A researcher found that he could use that feature to plant “false memories” into that context window that could subvert the model. A month later, the researcher submitted a new disclosure statement.

IT 93
article thumbnail

Above the storms: How satellite tech can be a lifesaver during natural disasters

Collaboration 2.0

Hurricane Helene's devastation highlights a need for more people to have easier access to satellite messaging. Here are your options right now.

Access 98
article thumbnail

7 Steps to Prepare for PCI DSS Audit Success

IT Governance

Organisations that process, transmit and/or store cardholder data or SAD (sensitive authentication data), or can affect their security, must comply with the PCI DSS (Payment Card Industry Data Security Standard). This is an international information security standard designed to: Enhance account data (cardholder data and SAD) security; and Facilitate the adoption of consistent data security measures globally.

article thumbnail

My favorite Garmin sports watch ever just got a new version, and it costs $200 less

Collaboration 2.0

The Enduro 2 was the battery champ a couple of years ago. The Enduro 3 now takes the title while launching for $200 less than its predecessor.

IT 97
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence

WIRED Threat Level

UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence.

article thumbnail

Sick of ads on Android? Change these 5 settings for more privacy - fast

Collaboration 2.0

If you care about your phone privacy, consider tweaking these settings to prevent Android from targeting you with ads. Here's how.

Privacy 98
article thumbnail

OpenText Reimagines Information at Financial Services Summit in NYC 

OpenText Information Management

OpenText is presenting the Financial Services Summit 2024 , which taking place on Oct. 2 at 48 Wall Street, New York City. This exclusive in-person event focuses on harnessing AI to enhance trust and regulatory compliance in the financial services industry. At this world-class summit, attendees will gain insights into leveraging AI for enhanced customer interactions and seamless compliance from industry leaders.