Mon.Jul 29, 2024

article thumbnail

CrowdStrike Outage Could Cost Cyber Insurers $1.5 Billion

Data Breach Today

Most Claims Will Be Made Under 'Systems Failure' Coverage, Says Moody's Ratings The global IT outage triggered by a faulty CrowdStrike software update could lead to $400 million to $1.5 billion in payouts to cyber insurance policyholders, although the nonstandardized language used for such policies will make determining final losses a "lengthy process," analysts say.

Insurance 227
article thumbnail

Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085

Security Affairs

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) in VMware ESXi flaw. “Microsoft researchers have uncovered a vulnerability in ESXi hypervisors being exploited by several ransomware operators to obtain full administrative permissions on domain-joined ESXi hypervisors.” warned

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

GitHub Network Fuels Malware Distribution Operation

Data Breach Today

Threat Actors Profit from GitHub's Inauthentic Accounts Network Hackers apparently stymied by improved network detection of malware are turning to fake GitHub repositories to host malicious links and archives embedded with viruses. A threat actor dubbed "Stargazer Goblin" is a step beyond hackers who merely use GitHub repositories to host malicious code.

Archiving 182
article thumbnail

Saboteurs Cut Internet Cables in Latest Disruption During Paris Olympics

WIRED Threat Level

Long-distance cables were severed across France in a move that disrupted internet connectivity.

Security 138
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Agencies Warn of North Korean Hacks on Nuclear Installations

Data Breach Today

Andariel Group Seeking Classified Technology to Power Pyongyang's Nuclear Program United States, British and South Korean government agencies blamed a North Korean espionage group for targeting their defense, aerospace and energy sectors to steal Western nuclear and military technologies to advance Kim Jong Un regime's military and nuclear ambitions.

Military 182

More Trending

article thumbnail

Tech Orgs Feel 'Abandoned' as UN Finalizes Cybercrime Treaty

Data Breach Today

Leading Cybersecurity, Technology Companies 'Gravely Concerned' Over Cyber Treaty Leading cybersecurity and technology firms in the West feel "abandoned" by the United States and Europe as talks for a United Nations cybercrime treaty near their end. Member nations resumed cybercrime treaty negotiations on Monday in New York.

article thumbnail

Acronis Cyber Infrastructure bug actively exploited in the wild

Security Affairs

Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked as CVE-2023-45249 (CVSS score of 9.8), in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. ACI is a comprehensive IT solution designed to provide cyber protection and data management.

article thumbnail

Change Healthcare Begins to Notify Millions Affected by Hack

Data Breach Today

IT Services Vendor Is Sending Individual Letters to Victims on a Rolling Basis Millions of Americans will soon receive a breach notification letter from Change Healthcare, which said on Monday that it has started the process of notifying victims of the massive cyberattack and data theft incident first detected more than five months ago.

IT 162
article thumbnail

QR Code Phishing is Still on the Rise

KnowBe4

Organizations need to be aware of the threat posed by QR code phishing (quishing), according to researchers at Trend Micro.

Phishing 121
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Learning From CrowdStrike's Outage: Insights From Snyk's CEO

Data Breach Today

Peter McKay on Improving Developer Practices, Integrating Security and Cutting Risk Snyk CEO Peter McKay discusses lessons from the recent CrowdStrike outage, emphasizing the importance of robust development practices, effective communication and the integration of quality and security in modern software development. He also highlights Snyk's role in advancing developer security.

article thumbnail

New Research in Detecting AI-Generated Videos

Schneier on Security

The latest in what will be a continuing arms race between creating and detecting videos: The new tool the research project is unleashing on deepfakes, called “MISLnet”, evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or images. These may include the addition or movement of pixels between frames, manipulation of the speed of the clip, or the removal of frames.

Paper 118
article thumbnail

European Central Bank Concludes Banking Cyber Stress Test

Data Breach Today

'Room for Improvement," Says ECB Supervisory Board Member The European banking sector is prepared at a high level for withering cyberattacks but there is "room for improvement" in its recovery capabilities, the European Central Bank said at the conclusion of a first-ever cyber stress test for banking.

IT 162
article thumbnail

Roger’s Hacking Stories

KnowBe4

In this post, I'll share two fascinating hacking stories I've experienced: one involving a sophisticated scam that targeted a major U.S. Fortune 500 conglomerate, and another detailing the implementation of honeypots by a renowned U.S. think tank that went wrong.

Honeypots 118
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Health Benefits Administrator Hack Affects 4.3 Million

Data Breach Today

Breach Was the Result of a Vendor's Compromised Credentials to Access SharePoint Health benefits administrator HealthEquity, which earlier this month reported to the U.S. Securities and Exchange Commission a hacking incident involving the compromised credentials of a vendor, has now told state regulators that the breach affected the information of 4.3 million individuals.

Access 162
article thumbnail

IoT: Internet of Threats?

KnowBe4

The Internet of Things (IoT) has slowly but surely weaved its way into our homes and places of work. From smart homes to industrial control systems, IoT has brought convenience and efficiency to our lives. However, with this increased connectivity we have increased our risk.

IoT 118
article thumbnail

Vulnerability Recap 7/29/24 – Multiple Old Security Flaws Reappear

eSecurity Planet

In the aftermath of CrowdStrike’s unique update failure that sparked a different type of security incident, standard vulnerability disclosures and patches proceed as usual. This week, we also saw some older issues return to light, including an Internet Explorer vulnerability first discovered in 2012. A Microsoft SmartScreen vulnerability from earlier this year resurfaced, and a Docker flaw from 2018 is still causing issues in a newer version of the software.

article thumbnail

Scammers Exploit Interest in Generative AI Tools

KnowBe4

Researchers at Palo Alto Networks’s Unit 42 are tracking phishing attacks exploiting interest in generative AI tools. The researchers observed spikes in suspicious domain registrations over the past year that correlated with current news.

Phishing 117
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

5 Bitwarden features that make it my favorite password manager

Collaboration 2.0

Bitwarden is the password manager I recommend to everyone. Here are five reasons why.

article thumbnail

The 2024 Olympics Offers Plenty of Opportunity For Online Scammers

KnowBe4

Fortinet’s Threat Intelligence Report covering the Paris Olympics provides some very detailed coverage of how threat actors are taking advantage of individuals and organizations who have their attention pointing directly toward Paris this summer.

Security 109
article thumbnail

Does your old PC need a speed boost? This thumb-sized accessory did the trick for me

Collaboration 2.0

If your system is sluggish, the PNY 1TB can work wonders. It handled my stress tests remarkably well, proving it's a worthy investment.

IT 98
article thumbnail

Nearly All Ransomware Attacks Now Include Exfiltration of Data…But Not All Are Notified

KnowBe4

Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

The tablet I recommend most for work travel is not an iPad or ThinkPad

Collaboration 2.0

Microsoft's first Copilot+ PC is off to a flying start, with the 11th-edition Surface Pro featuring a brilliant OLED screen, solid performance, and a flexible form factor.

98
article thumbnail

Transition to a Fully Digital Government: Forms

National Archives Records Express

A seaman rests on a bitt while completing paperwork aboard the dock landing ship USS MOUNT VERNON (LSD 39) NAID: 6433494 This blog post is the third in a series ( first post , second post ) focusing on specific areas agencies should consider in their transition to fully digital government. Many agencies capture information from their employees or the public through forms that they make available on their intranets or public websites.

article thumbnail

I replaced my Shokz with these bone conduction headphones for one vital reason

Collaboration 2.0

If you're looking for outstanding headphones for seriously sweaty exercising, the Mojawa Run Plus checks all the boxes.

98
article thumbnail

CILIP in the press – Summer 2024

CILIP

CILIP in the press – Summer 2024 This summer, CILIP’s public affairs and general election activities have been raising awareness about the value and significance of libraries in all sectors, and have placed libraries at the heart of the political conversation. CILIP’s work and messaging about the sector has featured in national news and magazines. In the last two months, CILIP has been featured in the Telegraph, the Times, the Guardian, the Bookseller, and the Big Issue.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Got a PC with a 13th or 14th gen Intel Core CPU? You need to read this

Collaboration 2.0

Intel is preparing a patch for a widespread instability issue that has been plaguing its Core 13th and 14th Gen processors. But if your PC is already crashing, I've got bad news for you.

IT 76
article thumbnail

The best Samsung phones of 2024: Expert tested and reviewed

Collaboration 2.0

I've tested every major Samsung phone release over the past year, and these models are most worthy of your consideration.

76
article thumbnail

The best Android phones of 2024: Expert tested and reviewed

Collaboration 2.0

We tested more than 30 of the best Android phones released in the past year and rounded up the most impressive ones, from flipping foldables to budget picks.

76