Wed.Nov 22, 2023

article thumbnail

Election Integrity Fears in Europe Provoke Joint Exercise

Data Breach Today

Cybersecurity and Deepfakes Are Major Concerns European electoral and cybersecurity authorities on Tuesday held a joint exercise assessing plans to hold an incident-free election, weeks after trading bloc cybersecurity agency ENISA said the election is at risk from deepfake images and videos.

article thumbnail

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022.

Honeypots 135
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Australia Unveils AU$587M Strategy to Defeat Cybercrime

Data Breach Today

Australia Envisions Cybersecurity Leadership in the Pacific With New Strategy The Australian government says it will mandate ransomware reporting by businesses, boost law enforcement capacity and fund startups with innovative cybersecurity solutions under a strategy unveiled Monday. "We cannot continue as we have," said Cyber Security and Home Affairs Minister Clare O'Neil.

article thumbnail

10 cybersecurity questions for elected officials

CGI

Founded in 1976, CGI is among the largest IT and business consulting services firms in the world. We are insights-driven and outcomes-based to help accelerate returns on your investments.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Founder Sam Altman Back as OpenAI CEO Under Revamped Board

Data Breach Today

Ex-Salesforce CEO Taylor to Chair Initial 3-Member Board; Altman, Brockman Kept Off The nonprofit behind ChatGPT reinstated co-founder Sam Altman as its chief executive following a tumultuous 106 hours that saw OpenAI burn through two interim CEOs. Most of the board members responsible for firing Altman Friday gave up their director positions to get him back.

IT 267

More Trending

article thumbnail

CISA Urges Patching as Hackers Exploit 'Looney Tunables' Bug

Data Breach Today

Kinsing Threat Actor Observed Targeting Vulnerable Cloud Environments With New Flaw The Cybersecurity and Infrastructure Security Agency is requiring federal agencies to patch Linux devices on their networks and urging private sector organizations to do the same after security researchers observed threat actors exploiting a new vulnerability on many major Linux distributions.

Cloud 255
article thumbnail

SiegedSec hacktivist group hacked Idaho National Laboratory (INL)

Security Affairs

The Idaho National Laboratory (INL) disclosed a data breach after the SiegedSec hacktivist group leaked stolen human resources data. SiegedSec hacktivists group claimed responsibility for the hack of The Idaho National Laboratory (INL) and leaked stolen human resources data. SiegedSec is a threat actor that last year carried out multiple attacks against U.S. organizations, especially U.S. municipalities.

article thumbnail

Phishing Attacks Expected to More Than Double During the Black Friday and Cyber Monday Shopping Week

KnowBe4

Another day, another warning about holiday scams! Lookout Inc., a data-centric cloud security company, is warning employees and businesses that phishing attacks are expected to more than double this week , based on historical data. With more corporate data residing in the cloud and a massive amount of employees still working remotely, mobile has become the endpoint of choice for the modern workforce.

Phishing 118
article thumbnail

Citrix provides additional measures to address Citrix Bleed

Security Affairs

Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability. Citrix is providing additional measures to admins who are patching their NetScaler appliances against the CVE-2023-4966 ‘ Citrix Bleed ‘ vulnerability. The company is urging admins to drop all active user sessions and terminate all persistent ones. “If you are using any of the affected builds listed in the security bulletin , you should upg

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Apple to Add Manual Authentication to iMessage

Schneier on Security

Signal has had the ability to manually authenticate another account for years. iMessage is getting it : The feature is called Contact Key Verification, and it does just what its name says: it lets you add a manual verification step in an iMessage conversation to confirm that the other person is who their device says they are. (SMS conversations lack any reliable method for verification­—sorry, green-bubble friends.

article thumbnail

Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack

Dark Reading

The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.

Cloud 117
article thumbnail

Visa Warns of Increased Phishing Scams During Holiday Season

KnowBe4

Visa Payment Fraud Disruption (PFD) expects phishing attacks to increase between November 2023 and January 2024. Findings in its Holiday Edition Threats Report outline the popular fraud tactics predicted this holiday season.

Phishing 109
article thumbnail

What Is Cloud Configuration Management? Complete Guide

eSecurity Planet

Cloud configuration management runs and regulates cloud configuration settings, parameters, and policies to streamline cloud services and assure security. This includes maintaining changes in virtual machines, storage resources, networks, and applications. Configuration management guarantees that enterprises maintain security and compliance while streamlining operations via automation and centralized control of their whole infrastructure environment.

Cloud 104
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

KnowBe4

A new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber weaknesses.

Retail 102
article thumbnail

3 Ways to Stop Unauthorized Code From Running in Your Network

Dark Reading

As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code.

article thumbnail

Digital Skimming Increases by 50%, Just in Time for the Holiday Season

KnowBe4

Security researchers identify growth in the use of an ongoing cyberskimming campaign that involves compromising legitimate website checkout code.

Security 106
article thumbnail

Fake Browser Updates Targeting Mac Systems With Infostealer

Dark Reading

A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.

IT 106
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

What Is Cloud Security? Everything You Need to Know

eSecurity Planet

Cloud security protects your critical information from unwanted access and potential threats through sophisticated procedures. It’s critical in protecting your precious data while it travels to and sits in a remote storage location. Prioritizing cloud security helps guarantee that you have a safe, reliable resource for your data in today’s linked world.

Cloud 92
article thumbnail

Researchers Undermine 'Windows Hello' on Lenovo, Dell, Surface Pro PCs

Dark Reading

Biometric security on PCs isn't quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with.

article thumbnail

Thanksgiving Ode to Spotlight AI

Hanzo Learning Center

Recently, the team at Hanzo announced Spotlight AI , the first automated relevance assessment engine for eDiscovery. We’re delighted by its reception. Hanzo even won an award. As Thanksgiving approaches, we extend our warmest wishes to everyone celebrating this special occasion. May your day be filled with joy, surrounded by family and friends. In the spirit of gratitude and innovation, we present to you an "Ode to Spotlight AI.

IT 67
article thumbnail

Idaho National Nuclear Lab Targeted in Major Data Breach

Dark Reading

The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

The top 5 insights into post-pandemic digital supply chains

OpenText Information Management

As vital engines of the world economy, supply chains profoundly impact our daily lives as consumers. They are also an area of business operations full of intriguing contrasts and innovation. On the one hand, the fundamental problems that supply chain professionals are battling have changed little over time. The profession is still about managing and … The post The top 5 insights into post-pandemic digital supply chains appeared first on OpenText Blogs.

article thumbnail

The Persian Gulf's March to the Cloud Presents Global Opportunities

Dark Reading

Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027.

Cloud 97
article thumbnail

Winning the cloud game: Phoning the right friend to answer the cloud optimization question

IBM Big Data Hub

Cloud optimization is essential as organizations look to accelerate business outcomes and unlock the value of their data. At its core, cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application. But cloud optimization is also a lifecycle process that balances performance, compliance and cost to achieve efficiency.

Cloud 69
article thumbnail

Web Shells Gain Sophistication for Stealth, Persistence

Dark Reading

A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal.

110
110
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Predictions for the financial services industry in 2024

OpenText Information Management

The word ‘rollercoaster’ best sums up 2023. We’ve experienced economic, geopolitical, technological, and societal challenges over recent months with the ongoing cost-of-living crisis, high interest rates, inflation, global conflicts, catastrophic weather events, the rise in artificial intelligence such as ChatGPT, to name only a few. All of these elements have put pressure on the financial … The post Predictions for the financial services industry in 2024 appeared first on OpenText Blogs.

article thumbnail

Qatar Cyber Agency Runs National Cyber Drills

Dark Reading

Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes.

article thumbnail

In an FTC First, Proposed Order Requires Global Tel*Link Corp. to Notify Users and Facilities of Future Breaches

Hunton Privacy

On November 16, 2023, the Federal Trade Commission released a proposed order in connection with a complaint filed in August of 2020 against Global Tel*Link Corp. (“GTL”) and its subsidiaries, Telmate and TouchPay, which offers communication and payment services for incarcerated individuals. The complaint centered around a security breach where a technician for a vendor of GTL placed unencrypted, personally identifiable information in a test environment to test a new search and storage software.