Data Breach Today
JULY 10, 2024
Nation-State Group APT40 Routinely Exploits Publicly Known Software Flaws The Australian cybersecurity agency is blaming a Chinese state-backed cyberespionage group, tracked as APT40, for persistent cyberattacks on Australian organizations to steal sensitive information. The group exploits known software vulnerabilities to compromise networks.
Krebs on Security
JULY 10, 2024
The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions , a sprawling hosting provider that is a persistent source of cyberat
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JULY 10, 2024
Mandatory Multifactor Authentication Among New Features Given to Administrators In the wake of multiple customers of Snowflake collectively losing terabytes of data to attackers, the cloud-based data warehousing platform has rolled out a swath of cybersecurity improvements, including allowing administrators to make multifactor authentication mandatory for all users.
WIRED Threat Level
JULY 10, 2024
Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
JULY 10, 2024
'Don't Panic,' Say Developers Security researchers identified an attack method against a commonly used network authentication protocol that dates back to the dial-up internet and relies on an obsolete hashing function. Researchers say "a well-resourced attacker" could make it practical.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JULY 10, 2024
Monetary Authority Responds to Surge in Phishing Scams That Impersonate Banks The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
Security Affairs
JULY 10, 2024
VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications.
Data Breach Today
JULY 10, 2024
Cryptocurrency Exchange Platform 'Willfully Flouted US Anti-Money Laundering Laws' The once-leading cryptocurrency exchange platform known as BitMEX pleaded guilty Wednesday to willfully violating the Bank Secrecy Act and anti-money laundering laws to effectively serve as a money laundering vehicle from 2015 to 2020, according to the U.S. Department of Justice.
Security Affairs
JULY 10, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability CVE-2024-38080 Microsoft Windows Hyper-V Privilege Esc
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Data Breach Today
JULY 10, 2024
Remote Access Trojan 'Poco RAT' Targets Mining, Manufacturing Sectors, Says Report A new report published by Cofense Intelligence identifies a malware called "Poco RAT" that is actively targeting mining and manufacturing sectors across Latin America through a simple remote access Trojan that could be capable of delivering additional malware for ransomware or data harvesting.
eSecurity Planet
JULY 10, 2024
Millions of online shoppers may be at risk after a data leak allegedly compromised customer information on Shopify, a leading e-commerce platform trusted by many businesses worldwide. Reports suggest nearly 180,000 users — 179,873 rows of users’ information — were impacted, with details like names, emails, and even purchase history potentially exposed.
Security Affairs
JULY 10, 2024
A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s privsep child that impacts openssh versions 8.7p1 and 8.8p1.
KnowBe4
JULY 10, 2024
Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has been targeting the technology sector in order to launch supply chain attacks.
Advertisement
Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.
Security Affairs
JULY 10, 2024
IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can exploit the vulnerability to access sensitive information.
Collaboration 2.0
JULY 10, 2024
Long available for Android users, a Google Maps navigation perk is rolling out to iPhone users globally. Now, your speedometer and the current speed limit will appear in miles or kilometers depending on the region.
Security Affairs
JULY 10, 2024
Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope , TEMP.Jumper , Bronze Mohawk, Gingham Typhoon, ISLANDDREAMS, Kryptonite Panda, Red Ladon, TA423 , and Leviathan ) and its capability t
Collaboration 2.0
JULY 10, 2024
If you're concerned about your privacy, you should regularly clear your Google search cache on Android. Here's how to do this manually and set up auto-delete.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Security Affairs
JULY 10, 2024
Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?
KnowBe4
JULY 10, 2024
Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation consultant and even a short stint as a Payment Card Industry (PCI QSA) auditor years ago, it has been a while since I looked into this.
Collaboration 2.0
JULY 10, 2024
With the new Galaxy Z Flip 6 launching, you may wonder if the new model is worth the upgrade and how it stacks up to the previous version. We'll help you compare.
WIRED Threat Level
JULY 10, 2024
Google is bringing the password-killing “passkey” tech to its Advanced Protection Program users more than a year after rolling them out broadly.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Collaboration 2.0
JULY 10, 2024
Samsung just unveiled its subscription-free Galaxy Ring, and the Ultrahuman Ring Air is a competitive subscription-free option. Which should you buy?
Thales Cloud Protection & Licensing
JULY 10, 2024
Thales Joins IBM Consulting to Accelerate PQC Readiness josh.pearson@t… Thu, 07/11/2024 - 07:01 With the US National Institute of Standards and Technology (NIST) post-quantum cryptographic standard expected to be published this summer, companies need to start navigating the migration to quantum-safe cryptography. The most sustainable and effective way to make cryptosystems resilient for the quantum era is to establish cryptographic agility, or crypto-agility for short.
Collaboration 2.0
JULY 10, 2024
Samsung's subscription-free smart ring is here, but you'll need to get your ring sized to fit before you can use it. Here's how to preorder and get the right size.
HID Global
JULY 10, 2024
Learn how facial recognition in healthcare simplifies patient check-ins and enhances efficiency. Explore the benefits of facial recognition in the medical field.
Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage
Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.
Collaboration 2.0
JULY 10, 2024
Samsung's next smart ring might be more interactive and include display screens to show health information and notifications.
Data Protection Report
JULY 10, 2024
On June 18, 2024, the California Attorney General and Los Angeles City Attorney filed a complaint and stipulated final judgment (including a $500,000 settlement) with Tilting Point Media LLC (“Defendant” or “Tilting Point”), resolving allegations that the video game developer and publisher violated the federal Children’s Online Privacy Protection Act (“COPPA”), the California Consumer Privacy Act (“CCPA”), and the California consumer protection law.
Collaboration 2.0
JULY 10, 2024
If you've been flipping out for a new foldable, here are the key differences between the market's two best options.
Expert insights. Personalized for you.
298 
Let's personalize your content