Data Breach Today

JANUARY 31, 2024

Company Starts Patch Rollout for Flaws Exploited by Likely Chinese Intelligence Op Corporate VPN maker Ivanti on Wednesday began a belated patch rollout for zero-day flaws that many cybersecurity firms say paved the way for an espionage hacking operation likely conducted by China. Ivanti also disclosed two more zero-days and told customers that hackers are exploiting one of them.

Cybersecurity 296

Cybersecurity 296

Security Affairs

JANUARY 31, 2024

Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk of an account takeover. On October 27th, the Cybernews research team discovered a misconfigured web server with backups and development code references allegedly belonging to the fintech company

Metadata 140

Metadata Passwords Risk Cybersecurity 140

Data Breach Today

JANUARY 31, 2024

FBI and CISA Detail Operation to Prevent Chinese Attacks on Critical Infrastructure The FBI launched a court-authorized sting operation against a Chinese hacking group known as Volt Typhoon, partnering with the Cybersecurity and Infrastructure Security Agency and a cohort of U.S. cyber agencies to prevent a major attack on the nation’s critical infrastructure sectors.

Cybersecurity 286

Cybersecurity Security 286

Security Affairs

JANUARY 31, 2024

Ivanti warns of two new vulnerabilities in its Connect Secure and Policy Secure products, one of which is actively exploited in the wild. Ivanti is warning of two new high-severity vulnerabilities in its Connect Secure and Policy Secure solutions respectively tracked as CVE-2024-21888 (CVSS score: 8.8) and CVE-2024-21893 (CVSS score: 8.2). The software company also warned that one of these two vulnerabilities is under active exploitation in the wild.

Authentication 134

Authentication Security Cybersecurity Access 134

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

JANUARY 31, 2024

Not a Good Look: Hijacked @SECgov Social Media Account Spews Bitcoin Rumors Social media accounts - especially those tied to government agencies, big-name companies and high-profile individuals - continue to be a top target for takeover by fraudsters and scammers, especially when it comes to X, formerly known as Twitter. What's the best way to keep these accounts secure?

Government 291

Government Security IT 291

Data Breach Today

JANUARY 31, 2024

Private Equity-Owned Firm Lets 280 People Go, Moves Jobs to Argentina and Ireland Silicon Valley email security firm Proofpoint is laying off 280 positions two months into the tenure of Sumit Dhawan as its chief executive officer. A company spokesperson said Proofpoint anticipates moving half the eliminated positions to overseas units in Argentina and Ireland by midyear.

Security 270

Security IT 270

The Last Watchdog

JANUARY 31, 2024

San Francisco, Calif., Jan. 31, 2024 – Reken, an AI & cybersecurity company, today announced the close of its $10M oversubscribed seed round, led by Greycroft and FPV Ventures. Other investors in the round include Firebolt Ventures, Fika Ventures, Omega Venture Partners, Homebrew, and JAZZ Venture Partners. The funding will be used for core research and development to build new AI technology and products to protect against generative AI threats, such as deepfake social engineering and autono

Artificial Intelligence 100

Artificial Intelligence Education Cybersecurity Analytics 100

Data Breach Today

JANUARY 31, 2024

The Water and Wastewater Sector Faces Growing Cybersecurity Risks, Officials Warn Leaders from the U.S. water sector testified to the House subcommittee on environment, manufacturing and critical materials that entities across the country face funding and resource disparities as the increasingly vulnerable industry faces emerging threats from domestic and foreign cyber actors.

Manufacturing 266

Manufacturing Cybersecurity Risk 266

Security Affairs

JANUARY 31, 2024

Crooks stole around $112 million worth of Ripple XRP from the crypto wallet of Ripple’s co-founder Chris Larsen. This week, crooks stole around $112 million worth of the Ripple-focused cryptocurrency XRP from a crypto wallet belonging to the Ripple’s co-founder and executive chairman Chris Larsen. Larsen pointed out that the hackers compromised his personal XRP accounts, while the @Ripple was not impacted.

Access 136

Access Security IT Information Security 136

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

JANUARY 31, 2024

Information-Sharing Groups Call Reporting Requirements 'Too Costly, Overreaching' Multiple Information Sharing and Analysis Centers decried a proposed incident reporting measure for vendors selling to the U.S. federal government as being costly and ineffective. The proposal will affect three of every four contracts in which the government is a contracting party.

Government 251

Government 251

Security Affairs

JANUARY 31, 2024

German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to. The police in Saxony, Germany, have seized 50,000 Bitcoin (more than $2.1 billion at the current exchange rate) from the former operator of the now-defunct piracy site movie2k. “This is the most extensive security of Bitcoins by law enforcement authorities in the Federal Republic of Germany to date.” reads the press release published by the German police.

IT 128

IT Security Information Security 128

Data Breach Today

JANUARY 31, 2024

Getting the health sector to vastly improve the state of its cybersecurity will take much more than the recent issuance of federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consultancy Clearwater.

Cybersecurity 255

Cybersecurity Government IT 255

Security Affairs

JANUARY 31, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apple improper authentication bug, tracked as CVE-2022-48618 , to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability can allow an attacker with arbitrary read and write capability to bypass Pointer Authentication.

Authentication 132

Authentication IT Cybersecurity Risk 132

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

JANUARY 31, 2024

Also: Safeguarding AI Vulnerabilities From Cyber Adversaries In the latest "Proof of Concept," Sam Curry of Zscaler and Heather West of Venable assess how vulnerable AI models are to potential attacks, offer practical measures to bolster the resilience of AI models and discuss how to address bias in training data and model predictions.

238

238

KnowBe4

JANUARY 31, 2024

The US Federal Bureau of Investigation (FBI) has issued an alert warning that scammers are tricking victims into converting their savings into cash or precious metals, then sending couriers to pick up the items for safekeeping.

Security 115

Security 115

Data Breach Today

JANUARY 31, 2024

Getting the health sector to vastly improve its state of cybersecurity will take much more than the recent issuance of new federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consultancy Clearwater.

Cybersecurity 219

Cybersecurity Government IT 219

Schneier on Security

JANUARY 31, 2024

In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. The rules put control of that data back in the hands of ordinary Americans, while at the same time undermining the data broker economy and increasing customer choice and competition.

Financial Services 109

Financial Services Privacy Personal data Marketing 109

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

WIRED Threat Level

JANUARY 31, 2024

For nearly two years, police have been tracking down the culprit behind a wave of hoax threats. A digital trail took them to the door of a 17-year-old in California.

Security 110

Security 110

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways.

Authentication 125

Authentication Military Security Communications 125

KnowBe4

JANUARY 31, 2024

New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and smallest organizations worldwide.

Ransomware 111

Ransomware Security 111

IBM Big Data Hub

JANUARY 31, 2024

Sourcing isn’t just a concern for procurement teams. With rising consumer and stakeholder expectations around ethical and responsible supply chains, who supplies your organization’s goods and services is also a C-suite consideration. The sourcing process sits within supply chain management and is used for identifying, vetting and selecting the best suppliers.

Marketing 91

Marketing Manufacturing Artificial Intelligence Sales 91

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Cloud

Thales Cloud Protection & Licensing

JANUARY 31, 2024

ESG Research Unearths Critical Insights for Future-Proofing Encryption and Key Management madhav Thu, 02/01/2024 - 05:14 Encryption and key management are critical defenses against data breaches and cyber threats in the evolving digital landscape. A comprehensive study by ESG Research, commissioned by Thales, sheds light on emerging trends, operational challenges, and strategic advancements in this vital field.

Encryption 83

Encryption Cloud Compliance Data breaches 83

IBM Big Data Hub

JANUARY 31, 2024

The distinction between “internal” and “external” networks has always been somewhat false. Clients are accustomed to thinking about firewalls as the barrier between network elements we expose to the internet and back-end systems that are only accessible to insiders. Yet as the delivery mechanisms for applications, websites and content become more decentralized, that barrier is becoming more permeable.

Risk 90

Risk IT Access Security 90

KnowBe4

JANUARY 31, 2024

Linking compliance training to specific outcomes is hard. Compliance training has a reputation for being challenging for organizations to offer, difficult to do right and employees are not engaged.

Compliance 89

Compliance 89

WIRED Threat Level

JANUARY 31, 2024

Plus: Google fixes dozens of Android bugs, Microsoft rolls out nearly 50 patches, Mozilla squashes 15 Firefox flaws, and more.

Security 90

Security 90

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

IG Guru

JANUARY 31, 2024

Check out the article here. The post Inside a Global Phone Spy Tool Monitoring Billions via 404 media first appeared on IG GURU.

Risk 81

Risk Information Security Security 81

John Battelle's Searchblog

JANUARY 31, 2024

Reading Ben Thompson’s coverage of Google’s earnings call this week, one thing jumps out, and simply can’t be ignored: Google CEO Sundar Pichai was asked a simple question, and, as Thompson points out, Pichai dodged it completely. A Merril analyst asked this question : “Just wondering if you see any changes in query volumes, positive or negative, since you’ve seen the year evolve and more Search innovative experiences.” Here’s Pichai’s answer: 

Cloud 64

Cloud IT Access Artificial Intelligence 64

OpenText Information Management

JANUARY 31, 2024

At Manutan Group, we equip businesses and communities with the products and services they require to succeed. Headquartered in France, our group has three divisions, serving companies, local authorities, and tradespeople, employing 2,100 people across 26 subsidiaries. For more than 50 years, we’ve stayed one step ahead of market trends to shape a compelling product … The post Manutan Group combines digital services with the human touch to delight customers appeared first on OpenText Blogs.

Marketing 64

Marketing Customer Experience Communications Retail 64