Wed.Jun 07, 2023

article thumbnail

RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

The Last Watchdog

Back in 2002, when I was a reporter at USA Today , I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system. Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

Cloud 188
article thumbnail

Suspected Nation-State Actors Target US Aerospace Industry

Data Breach Today

PowerDrop Malware Simple But Sophisticated Suspected nation-state hackers are using that malware researchers say straddles between the line between off-the-shelf and advanced tactics in order to target the U.S. aerospace industry. Researchers from Adlumin in May found the malware on a defense contractor's network.

162
162
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults

Dark Reading

Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns.

114
114
article thumbnail

Cybersecurity Challenges and Opportunities With AI Chatbots

Data Breach Today

'Preparedness Pays,' European AI and Cybersecurity Experts Say at ENISA Conference At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.

article thumbnail

5 Ways You Can Win Faster with Gen AI in Sales

Incorporating generative AI (gen AI) into your sales process can speed up your wins through improved efficiency, personalized customer interactions, and better informed decision- making. Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations.

article thumbnail

Minecraft Malware Spreading Through Mods, Plug-ins

Dark Reading

A worm virus called "fracturizer" has been embedded in modpacks from various sites, including CurseForge and CraftBukkit.

101
101

More Trending

article thumbnail

+60,000 Android apps spotted hiding adware for past six months

Security Affairs

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile Security. “Upon analysis, the campaign is designed to aggressively push adware to

article thumbnail

Hospital Worker Sentenced for HIPAA Crimes in ID Theft Scam

Data Breach Today

Former Employee Gets 4.5 Years in Federal Prison and Is Ordered to Repay Patients A former employee of an Arizona hospital has been sentenced to federal prison and ordered to pay restitution to victims after pleading guilty to criminal HIPAA violations and his participation in an identity theft scam that compromised the data of nearly 500 patients.

147
147
article thumbnail

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Security Affairs

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build an optimized, highly

article thumbnail

Shedding New Light on Software Visibility in the Age of SBOM

Data Breach Today

Center for Internet Security CISO on 'Transitional' State of Software Supply Chain With the federal government's software bill of materials regulations looming, many organizations are not ready to respond, warned CISO Sean Atkinson of the Center for Internet Security. He provided tips for ensuring transparency in the software supply chain and preparing for SBOM regulations.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware?

Security Affairs

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked as CVE-2022-22706 , that affects the Arm Mali GPU.

article thumbnail

Dragos Lays Off 9% of Workers as OT Security Spending Slows

Data Breach Today

50 Staffers Axed as Dragos Sees Longer Sales Cycles and Smaller Initial Deployments Dragos has axed 50 workers after longer sales cycles and smaller initial deployment sizes caused the industrial cybersecurity vendor to miss its first quarter revenue target. Dragos revealed plans to reduce its staff by 9% to ensure the company can stay independent through an IPO or Series E round.

Sales 147
article thumbnail

New PowerDrop malware targets U.S. aerospace defense industry

Security Affairs

A previously unknown threat actor has been observed targeting the U.S. aerospace defense sector with a new PowerShell malware dubbed PowerDrop. Researchers from the Adlumin Threat Research discovered a new malicious PowerShell script, dubbed PowerDrop, that was employed in attacks aimed at organizations in the U.S. aerospace sector. The PowerShell-based malware uses advanced techniques to evade detection, including deception, encoding, and encryption.

article thumbnail

Clop Ransomware Gang Asserts It Hacked MOVEit Instances

Data Breach Today

Russian-Speaking Extortion Operation Says It Will Start Listing Victims on June 14 The Clop ransomware-as-a-service gang said it's the actor behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot [ sic ] of your data as part of exceptional exploit," the gang's dark web leak site says.

article thumbnail

10 Ways to Leverage Buyer Signals and Drive Revenue

In today’s ultra-competitive markets, it’s no longer enough to wait for buyers to show obvious signs of interest. Instead, sales teams must be proactive, identifying and acting on nuanced buyer behaviors — often before prospects are fully ready to make a purchase. In this eBook from ZoomInfo & Sell Better, learn 10 actionable ways to use these buyer signals to transform your sales strategy and close deals faster.

article thumbnail

5 enhancements from WWDC to help Apple win the enterprise and change the future of work

Jamf

Apple’s Worldwide Developer Conference (WWDC) shows how Apple is leveraging its five major platforms to advance Apple's adoption in the enterprise. Here are the ways Apple is pushing each platform forward to continue winning in the workplace.

IT 98
article thumbnail

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Security Affairs

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and HTTP-based uploads.

article thumbnail

AI Will Save Security – And Eliminate Jobs

eSecurity Planet

AI has been the subject of a lot of hype in recent months, but one place where the hype is justified is cybersecurity. AI will completely remake the cybersecurity landscape — and create a lot of disruption in the process. To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs.

article thumbnail

Email Retention Policies Could Change in Spokane County via Government Technology

IG Guru

Officials in Spokane County, Wash., are considering changes to email retention policies as a means of saving money on storage costs. The county pays about $52,000 a year to save well over 10 terabytes of emails.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The Case for a Federal Cyber-Insurance Backstop

Dark Reading

By stepping in to provide aid, the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack.

article thumbnail

How Attorneys Are Harming Cybersecurity Incident Response

Schneier on Security

New paper: “ Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys “: Abstract: Incident Response (IR) allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future. In pursuit of these goals, technical practitioners are increasingly influenced by stakeholders like cyber insurers and lawyers.

article thumbnail

Microsoft Fined $20M For Xbox Child Data Collection

Dark Reading

The FTC has demanded additional data privacy protections for kids using Xbox gaming systems, extending COPPA protections.

article thumbnail

Smishing Campaign Expands to the Middle East

KnowBe4

A Chinese-speaking phishing gang has expanded its targeting from the Asia-Pacific region to the Middle East, researchers at Group-IB have found. The gang, which the researchers call “PostalFurious,” impersonated a toll operator and a postal service in the Middle East.

article thumbnail

Signal-Based Selling: How to Leverage 4 Key Buying Signals

As prospects define their problem, search for solutions, and even change jobs, they are generating high-value signals that the best go-to-market teams can leverage to close more deals. This is where signal-based selling comes into play. ZoomInfo CEO Henry Schuck recently broke down specific ways to put four key buying signals into action with the experts from 30 Minutes to President’s Club.

article thumbnail

The Bizarre Reality of Getting Online in North Korea

WIRED Threat Level

New testimony from defectors reveals pervasive surveillance and monitoring of limited internet connections. For millions of others, the internet simply doesn't exist.

Privacy 82
article thumbnail

Verizon: Email Reigns Supreme as Initial Attack Vector for Ransomware Attacks

KnowBe4

My analysis of this year’s newly-released Verizon Data Breach Investigations Report begins with ransomware findings that point back to users as a big problem.

article thumbnail

Cl0p Claims the MOVEit Attack; Here's How the Gang Did It

Dark Reading

A researcher guides Dark Reading through the most important bits of Cl0p's latest exploit.

IT 82
article thumbnail

The Bold Plan to Create Cyber 311 Hotlines

WIRED Threat Level

UT-Austin will join a growing movement to launch cybersecurity clinics for cities and small businesses that often fall through the cracks.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Cisco Touts New AI-Based Security, SSE Features

Dark Reading

Cisco laid out its plans for artificial intelligence (AI) and a vision for unified cloud security during Cisco Live 2023.

article thumbnail

Clients can strengthen defenses for their data with IBM Storage Defender, now generally available

IBM Big Data Hub

We are excited to inform our clients and partners that IBM Storage Defender , part of our IBM Storage for Data Resilience portfolio, is now generally available. Enterprise clients worldwide continue to grapple with a threat landscape that is constantly evolving. Bad actors are moving faster than ever and are causing more lasting damage to data. According to an IBM report , cyberattacks like ransomware that used to take months to fully deploy can now take as little as four days.

article thumbnail

Cyber Essentialism & 'Doing Less With Less'

Dark Reading

Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy.