Data Breach Today
JULY 10, 2024
Nation-State Group APT40 Routinely Exploits Publicly Known Software Flaws The Australian cybersecurity agency is blaming a Chinese state-backed cyberespionage group, tracked as APT40, for persistent cyberattacks on Australian organizations to steal sensitive information. The group exploits known software vulnerabilities to compromise networks.
Krebs on Security
JULY 10, 2024
The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions , a sprawling hosting provider that is a persistent source of cyberat
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JULY 10, 2024
Mandatory Multifactor Authentication Among New Features Given to Administrators In the wake of multiple customers of Snowflake collectively losing terabytes of data to attackers, the cloud-based data warehousing platform has rolled out a swath of cybersecurity improvements, including allowing administrators to make multifactor authentication mandatory for all users.
WIRED Threat Level
JULY 10, 2024
Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Data Breach Today
JULY 10, 2024
Monetary Authority Responds to Surge in Phishing Scams That Impersonate Banks The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JULY 10, 2024
'Don't Panic,' Say Developers Security researchers identified an attack method against a commonly used network authentication protocol that dates back to the dial-up internet and relies on an obsolete hashing function. Researchers say "a well-resourced attacker" could make it practical.
Security Affairs
JULY 10, 2024
VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications.
Data Breach Today
JULY 10, 2024
Cryptocurrency Exchange Platform 'Willfully Flouted US Anti-Money Laundering Laws' The once-leading cryptocurrency exchange platform known as BitMEX pleaded guilty Wednesday to willfully violating the Bank Secrecy Act and anti-money laundering laws to effectively serve as a money laundering vehicle from 2015 to 2020, according to the U.S. Department of Justice.
eSecurity Planet
JULY 10, 2024
Millions of online shoppers may be at risk after a data leak allegedly compromised customer information on Shopify, a leading e-commerce platform trusted by many businesses worldwide. Reports suggest nearly 180,000 users — 179,873 rows of users’ information — were impacted, with details like names, emails, and even purchase history potentially exposed.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
JULY 10, 2024
Remote Access Trojan 'Poco RAT' Targets Mining, Manufacturing Sectors, Says Report A new report published by Cofense Intelligence identifies a malware called "Poco RAT" that is actively targeting mining and manufacturing sectors across Latin America through a simple remote access Trojan that could be capable of delivering additional malware for ransomware or data harvesting.
Schneier on Security
JULY 10, 2024
New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker guessing or brute forcing passwords or shared secrets.
Security Affairs
JULY 10, 2024
A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s privsep child that impacts openssh versions 8.7p1 and 8.8p1.
Collaboration 2.0
JULY 10, 2024
Long available for Android users, a Google Maps navigation perk is rolling out to iPhone users globally. Now, your speedometer and the current speed limit will appear in miles or kilometers depending on the region.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
JULY 10, 2024
IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can exploit the vulnerability to access sensitive information.
KnowBe4
JULY 10, 2024
Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has been targeting the technology sector in order to launch supply chain attacks.
Security Affairs
JULY 10, 2024
Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope , TEMP.Jumper , Bronze Mohawk, Gingham Typhoon, ISLANDDREAMS, Kryptonite Panda, Red Ladon, TA423 , and Leviathan ) and its capability t
Collaboration 2.0
JULY 10, 2024
With the new Galaxy Z Flip 6 launching, you may wonder if the new model is worth the upgrade and how it stacks up to the previous version. We'll help you compare.
Advertisement
Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.
Security Affairs
JULY 10, 2024
Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?
Collaboration 2.0
JULY 10, 2024
If you're concerned about your privacy, you should regularly clear your Google search cache on Android. Here's how to do this manually and set up auto-delete.
KnowBe4
JULY 10, 2024
Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation consultant and even a short stint as a Payment Card Industry (PCI QSA) auditor years ago, it has been a while since I looked into this.
Collaboration 2.0
JULY 10, 2024
Samsung's subscription-free smart ring is here, but you'll need to get your ring sized to fit before you can use it. Here's how to preorder and get the right size.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
WIRED Threat Level
JULY 10, 2024
Google is bringing the password-killing “passkey” tech to its Advanced Protection Program users more than a year after rolling them out broadly.
Collaboration 2.0
JULY 10, 2024
Samsung just unveiled its subscription-free Galaxy Ring, and the Ultrahuman Ring Air is a competitive subscription-free option. Which should you buy?
Thales Cloud Protection & Licensing
JULY 10, 2024
Thales Joins IBM Consulting to Accelerate PQC Readiness josh.pearson@t… Thu, 07/11/2024 - 07:01 With the US National Institute of Standards and Technology (NIST) post-quantum cryptographic standard expected to be published this summer, companies need to start navigating the migration to quantum-safe cryptography. The most sustainable and effective way to make cryptosystems resilient for the quantum era is to establish cryptographic agility, or crypto-agility for short.
Collaboration 2.0
JULY 10, 2024
Samsung's next smart ring might be more interactive and include display screens to show health information and notifications.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
HID Global
JULY 10, 2024
Learn how facial recognition in healthcare simplifies patient check-ins and enhances efficiency. Explore the benefits of facial recognition in the medical field.
Collaboration 2.0
JULY 10, 2024
Do a more polished design and fancy AI features justify a price bump on the most expensive phone on the market? I found out.
Data Protection Report
JULY 10, 2024
On June 18, 2024, the California Attorney General and Los Angeles City Attorney filed a complaint and stipulated final judgment (including a $500,000 settlement) with Tilting Point Media LLC (“Defendant” or “Tilting Point”), resolving allegations that the video game developer and publisher violated the federal Children’s Online Privacy Protection Act (“COPPA”), the California Consumer Privacy Act (“CCPA”), and the California consumer protection law.
Expert insights. Personalized for you.
298 
Let's personalize your content