Krebs on Security
AUGUST 15, 2024
A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. This post examines what we know about a breach that has exposed hundreds of millions of consumer records.
Data Breach Today
AUGUST 15, 2024
Many Customers Apparently Still Struggling to Reissue Certificates, Researchers Say Thousands of organizations appear to still be struggling to comply with a forced, mass revocation of thousands of digital certificates issued by DigiCert using a buggy verification mechanism. Researchers recently said 27% of the 83,267 revoked certificates have yet to be reissued by customers.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
AUGUST 15, 2024
A fix is coming, but data analytics giant Palantir says it’s ditching Android devices altogether because Google’s response to the vulnerability has been troubling.
Data Breach Today
AUGUST 15, 2024
Also: Azure Health Bot Vulnerabilities Expose Risks in Cloud-Based Chatbots This week, Microsoft released its August patch of 90 fixes, flaws were discovered in Azure Health Bot, Orion lost $60 million in a BEC scam, Schlatter Industries was hit by malware, Microsoft said it will discontinue Paint 3D in November and Russia restricted access to Signal.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
AUGUST 15, 2024
A cybercrime group linked to the RansomHub ransomware was spotted using a new tool designed to kill EDR software. Sophos reports that a cybercrime group, likely linked to the RansomHub ransomware operation, has been observed using a new EDR-killing utility that can terminate endpoint detection and response software on compromised systems. The researchers called the new tool EDRKillShifter.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Schneier on Security
AUGUST 15, 2024
From the Federal Register : After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes: CRYSTALS-Dilithium, FALCON, and SPHINCS+. These algorithms are part of three NIST standards that have been finalized: FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard FIPS 204: Module-Lattice-Base
Data Breach Today
AUGUST 15, 2024
Michigan AG and Lawmaker Want Michigan to Bolster Cyber Protections As McLaren Health Care continues to restore its IT systems in the wake of a ransomware attack last week, some Michigan government officials are warning consumers about potential cybercrimes and other concerns stemming from that and similar cyber incidents involving healthcare groups in the state.
IT Governance
AUGUST 15, 2024
Common challenges for SAQ A/e-commerce merchants and how to resolve them E-commerce merchants, by definition, accept card payments. So, they’re subject to the PCI DSS (Payment Card Industry Data Security Standard). This standard, currently at v4.0.1 (a limited revision to PCI DSS v4.0 ), contains 277 sub-requirements. However, you can reduce your scope to drastically lower the number of requirements you must meet, thereby significantly reducing your compliance burden.
Data Breach Today
AUGUST 15, 2024
Security Researchers Also Uncovered a New Suspected Russian Threat Group A Russian hacking group notorious for hack-and-leak operations is behind a recent campaign targeting Russian dissidents and rights groups across the United States and Europe. Researchers also uncovered what they say is a previously unidentified threat actor targeting similar communities.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Daymark
AUGUST 15, 2024
One of the most common cyberattack vectors is compromised credentials. Malicious actors with access to AI technologies have increased the sophistication and effectiveness of their attacks. The rise in phishing attacks and malicious actors gaining access to AI technologies to increase the success of the attacks, has resulted in sharp increases in credential theft.
Data Breach Today
AUGUST 15, 2024
Compendium Features Dozens of In-Depth Interviews With CEOs, CISOs and Researchers Welcome to Information Security Media Group's Infosecurity Europe 2024 Compendium featuring cybersecurity insights from industry's top researchers, CEOs, CISOs, government leaders and more. Inside this 30-page guide, you'll find links to dozens of videos created by ISMG.Studio.
Collaboration 2.0
AUGUST 15, 2024
Sennheiser's Accentum Plus headphones improve on last year's model with better noise-canceling tech and software features. Even better, they just saw a price drop.
Data Breach Today
AUGUST 15, 2024
Also: WazirX's Post-Hack Plan, Mango Markets Hacker's Plea for Dismissal This week, FTX settled with the CFTC, the Mango Markets hacker sought dismissal of charges, WazirX said it will reverse trades, Solana fixed a vulnerability, the SEC sued NovaTech and settled with Ideanomics, and researchers discovered a new way to steal crypto private keys.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
KnowBe4
AUGUST 15, 2024
Cross-Site Scripting (XSS) is alive and well, and used in attacks to obfuscate malicious links in phishing emails to redirect users to threat-actor controlled websites.
Data Breach Today
AUGUST 15, 2024
Deal to Unite DNS and SSL for Big Enterprises, Streamline Digital Trust Management The Vercara acquisition by DigiCert will combine DNS and SSL management into a single platform, driving automation and improving security for enterprises. The deal is expected to create a unified solution for certificate and domain validation while enhancing protection against cyberthreats.
KnowBe4
AUGUST 15, 2024
Threat actors continue to target job seekers with phony employment offers on job search platforms like Indeed, researchers at Bitdefender warn.
Data Breach Today
AUGUST 15, 2024
Assistant Professor Bramwell Brizendine on Process Injection, Advanced Mitigation Return-oriented programming continues to pose significant security challenges. Assistant Professor Bramwell Brizendine discusses how ROP exploits binary vulnerabilities for process injection and the advancements in tools designed to automate ROP chain generation.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
KnowBe4
AUGUST 15, 2024
The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics.
Data Breach Today
AUGUST 15, 2024
How to Responsibly Embrace AI's Potential to Strengthen Cybersecurity Defenses Verizon’s 2024 DBIR shows a gap between generative AI's perceived capabilities and its actual use in cyberattacks, citing skyrocketing gen AI "hype" and very low actual gen AI "mentions" alongside traditional attack types. But it's still essential for security leaders to focus on AI risks now.
KnowBe4
AUGUST 15, 2024
File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security.
Collaboration 2.0
AUGUST 15, 2024
The microcode update may only protect CPUs when Intel's own default power settings are selected.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
Thales Cloud Protection & Licensing
AUGUST 15, 2024
Thales PQC Partner Ecosystem Facilitates and Accelerates Quantum-Safe Migrations josh.pearson@t… Thu, 08/15/2024 - 17:28 As many organizations begin to embark on their journey toward Post-Quantum Cryptography (PQC) resilience, Thales can facilitate and perhaps accelerate these migrations with its rapidly expanding Thales PQC Partner Ecosystem. The PQC migration process will be a highly significant transformation in the public-key cryptography landscape to date, impacting billions of devices and
Collaboration 2.0
AUGUST 15, 2024
Malware is a constant threat to your safety and privacy, which means you need to protect your devices. We found the best antivirus software and apps that will help keep you safe and secure.
Information Matters
AUGUST 15, 2024
In a move that could reshape the digital marketing landscape, artificial intelligence company AISQ has unveiled what it claims is the world’s first fully automated end-to-end marketing system. The platform, Read more The post AI Startup Launches Fully Automated Marketing System, Challenging Traditional Approaches appeared first on Information Matters - AI in the UK.
Collaboration 2.0
AUGUST 15, 2024
VPN deals aren't always what they seem, with permanent countdown timers only displaying standard prices. So, we found the best deals online for cheap VPN services that provide speed and safety without breaking the bank.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
HID Global
AUGUST 15, 2024
HID and IFSEC Insider report on what organizations use to protect their digital and physical assets, what’s top of mind today and what’s driving their decisions.
Collaboration 2.0
AUGUST 15, 2024
Grammarly Authorship will attempt to detect whether AI, a human, or a combination of the two created content. Though it will be available to any user, the new tool is targeted to the education market in particular.
Jamf
AUGUST 15, 2024
Get insight into this year's Jamf Nation User Conference, including new JNUC additions, topics and highlights, and more.
Expert insights. Personalized for you.
342 
Let's personalize your content