Wed. Jul 31, 2024

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-frie

UK ICO Reprimands Electoral Commission for 2021 Hack Attack

Data Breach Today

Hackers Exploited ProxyShell Vulnerability to Compromise Commission Systems

The British data regulator reprimanded the U.K.'s Electoral Commission for its failure to prevent a 2021 hack attack that resulted in the exposure of millions of voter records. Hackers breached the Electoral Commission's networks after exploiting the ProxyShell vulnerability.

Artificial Intelligence Tops Agenda for Global Competition Authorities: EU, UK, and U.S. Issue Joint Statement

Data Matters

On July 23, 2024, the competition authorities of the EU, the UK, and the U.S. issued a joint statement on competition in generative artificial intelligence (AI) foundation models and AI products (Joint Statement). Since the emergence of generative AI, each of the authorities has been individually ramping up its work in order to understand better the potential risks to competition that AI may pose.

Western Sydney University Reveals Major Data Breach

Data Breach Today

Hackers Accessed the University’s Storage Platform for Over 9 Months

Australia's Western Sydney University said hackers exploited its Microsoft Office 365 environment to steal up to 580 terabytes of data. Breached data includes names, birthdates, health information, government identification documents, bank account information and superannuation details.

5 Ways You Can Win Faster with Gen AI in Sales

Incorporating generative AI (gen AI) into your sales process can speed up your wins through improved efficiency, personalized customer interactions, and better informed decision-making. Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations.

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts. The Cleafy TIR team discovered the previously undetected malware at the end of May 2024.

More Trending

Apple fixed dozens of vulnerabilities in iOS and macOS

Security Affairs

Apple has issued security updates to address multiple vulnerabilities across iOS, macOS, tvOS, visionOS, watchOS, and Safari. Apple released security updates to address multiple vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari. The IT giant released iOS 17.6 and iPadOS 17.6 to address dozens of security vulnerabilities, including authentication and policy bypasses, information disclosure and denial-of-service (DoS) issues, and bugs that can lead to memory leaks and unexpected a

Ransomware Hit on Florida Blood Center Affects Supplies

Data Breach Today

OneBlood Is Urging Hundreds of Hospitals to Activate Shortage Protocols

A Florida-based blood donation center is urging hundreds of hospitals in the southeastern U.S. to activate critical blood shortage protocols as the nonprofit organization deals with a ransomware attack that's disrupting its blood collection, inventory and related processes.

A ransomware attack disrupted operations at OneBlood blood bank

Security Affairs

OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and blood products to over 300 hospitals and medical facilities across the U.S. Southeast. The organization collects, tests, and distributes blood to ensure a steady supply for needy patients.

Microsoft Azure Cloud Service Fails to Withstand DDoS Attack

Data Breach Today

Tech Giant Blames DDoS Defense Implementation Error for Failing to Mitigate Attack

Microsoft blamed a widespread Azure cloud computing platform service outage, including Microsoft 365 problems, on its failure to stop a distributed denial-of-service attack after "an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it."

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Phishing campaigns target SMBs in Poland, Romania, and Italy with multiple malware families

Security Affairs

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla, Formbook, and Remcos RAT. ESET researchers detected nine notable phishing campaigns during May 2024 in Poland, Romania, and Italy.

Begging for Bounties and More Info Stealer Logs

Troy Hunt

TL;DR — Tens of millions of credentials obtained from info stealer logs populated by malware were posted to Telegram channels last month and used to shake down companies for bug bounties under the misrepresentation the data originated from their service. How many attempted scams do you get each day? I woke up to yet another "redeem your points" SMS this morning, I'll probably receive a phone call from "my bank" today (edit: I was close, it was "Amazon Prime" &

New Securonix CEO Calls for Product Expansion, Global Growth

Data Breach Today

Kash Shaikh Seeks International Expansion, Opportunistic M&A Amid Tectonic Shifts

Securonix tapped the ex-leader of Virtana as its next chief executive to capitalize on upheaval in the SIEM market with international expansion and opportunistic M&A. The company tasked Kash Shaikh with expanding in Europe and Asia-Pacific by prioritizing countries or regions where demand is high.

Black Hat Fireside Chat: How ‘enterprise browsers’ help to shrink exposures, boost efficiencies

The Last Watchdog

Web browser security certainly hasn’t been lacking over the past 25 years. Advancements have included everything from sandboxing and web application firewalls (WAFs), early on, to secure web gateways (SWGs) and Virtual Desktop Infrastructure (VDIs), more recently. Yet profound browser exposures persist — and this has led to the arrival of enterprise browsers, which will be in the spotlight as Black Hat USA 2024 gets underway next week in Las Vegas.

10 Ways to Leverage Buyer Signals and Drive Revenue

In today’s ultra-competitive markets, it’s no longer enough to wait for buyers to show obvious signs of interest. Instead, sales teams must be proactive, identifying and acting on nuanced buyer behaviors — often before prospects are fully ready to make a purchase. In this eBook from ZoomInfo & Sell Better, learn 10 actionable ways to use these buyer signals to transform your sales strategy and close deals faster.

Bad Certificate Revocation: DigiCert Offers Temporary Pause

Data Breach Today

Citing 'Critical Infrastructure' Problems, Certificate Authority Offers 3-Day Delay

DigiCert said it will temporarily pause - on request - for up to three days the forced revocation of some digital certificates it issued that failed to comply with strict validation rules. The CA/Browser Forum requires any certificate with validation problems to be revoked within 24 hours.

The First Half of 2024 Results in More Than 1 Billion Data Breach Victims

KnowBe4

New data shows targeted attacks are resulting in surges in breach victim counts that already amount to more than double the victim count from attacks.

CISA: AI Tools Give Feds 'Negligible' Security Improvements

Data Breach Today

Federal AI Security Tools Require Substantial Training, Offer Minimal Improvements

The U.S. Cybersecurity and Infrastructure Security Agency found in a new pilot that federally available artificial intelligence cybersecurity tools require substantial training and resources but are only providing government agencies with "negligible" improvements in risk detection.

Nearly 7% of Internet Traffic Is Malicious

Schneier on Security

Cloudflare reports on the state of applications security. It claims that 6.8% of Internet traffic is malicious. And that CVEs are exploited as quickly as 22 minutes after proof-of-concepts are published. News articles.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

CrowdStrike Outage: A Warning for Critical Infrastructure

Data Breach Today

GigaOm COO Howard Holton on How Operational Failures Can Cripple Businesses

Howard Holton, COO of GigaOm, explores the nuances of the recent Windows outages due to a faulty CrowdStrike update and its implications for critical infrastructure and corporate trust. He discusses the importance of conducting accurate classification and proper incident management.

Half of Travel-Themed Spam Emails Are Scams

KnowBe4

Researchers at Bitdefender have found that half of all travel-themed spam emails contain scams.

Contributing to Your Cybersecurity Team as an Informal Leader

Data Breach Today

How to Guide, Inspire and Support Your Team Without Having a Formal Leadership Role

While formal leadership is crucial, the influence of informal leaders within a team can also be effective. There are multiple ways you can step up to informally inspire team collaboration. It's a good way to contribute to your own career growth and to the overall success of the organization.

KnowBe4 Named a Leader in the Summer 2024 G2 Grid Report for Security Awareness Training

KnowBe4

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares security awareness training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.

Signal-Based Selling: How to Leverage 4 Key Buying Signals

As prospects define their problem, search for solutions, and even change jobs, they are generating high-value signals that the best go-to-market teams can leverage to close more deals. This is where signal-based selling comes into play. ZoomInfo CEO Henry Schuck recently broke down specific ways to put four key buying signals into action with the experts from 30 Minutes to President’s Club.

EDR vs EPP vs Antivirus: Comparing Endpoint Protection Solutions

eSecurity Planet

Endpoint protection solutions safeguard network endpoints against cyberthreats using a selection of management tools, including endpoint detection and response (EDR), endpoint protection platform (EPP), and antivirus (AV). AV software blocks malware, EPP passively prevents threats, and EDR actively mitigates network attacks. When threats circumvent EPP’s preventative procedures, EDR is frequently paired with EPP to control the damage.

Better than Ring? This video doorbell features all the benefits and no subscription fees

Collaboration 2.0

The Lorex 2K video doorbell is the company's flagship security system. I tested it to see if it was worth the money.

Can ChatGPT-4o Be Trusted With Your Private Data?

WIRED Threat Level

OpenAI’s newest model is “a data hoover on steroids,” says one expert—but there are still ways to use it while minimizing risk to your private data.

This turntable is designed for beginners, but even experts will love its features

Collaboration 2.0

Audio-Technica's new AT-LP70X series of turntables is aimed at those new to vinyl, but without sacrificing audio quality.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Opportunity for Comment: Draft NARA Bulletin on Metadata Guidance for Transfer of Classified Electronic Records

National Archives Records Express

We are requesting comments on a draft NARA Bulletin: Metadata Guidance for the Transfer of Classified Electronic Records. Please send comments or questions to rmstandards@nara.gov by August 16, 2024. This bulletin provides guidance on security classification metadata that must accompany transfers of permanent classified electronic records to the U.S.

How to get a free Windows (or Linux) recovery image for your Dell, HP, Lenovo, or Microsoft Surface PC

Collaboration 2.0

What's better than a clean install? How about a clean installation that includes all required drivers and utility programs? Here's how to locate a recovery image that will help you reinstall Windows 10, Windows 11, or even Linux on your Dell, HP, Lenovo, or Microsoft Surface PC.

Stay Safe Online: 5 Essential Tips for World Wide Web Day

Thales Cloud Protection & Licensing

josh.pearson@t… Thu, 08/01/2024 - 07:00

World Wide Web Day is celebrated each year on the first of August, marking the day the Internet was first made available to the public in 1991. The day provides an opportunity to reflect on the web's impact on our lives and to celebrate the creativity and genius of Sir Tim Berners-Lee and the many others who have contributed to its development.