Mon.Jun 17, 2024

article thumbnail

Spanish Police Bust Alleged Leader of Scattered Spider

Data Breach Today

US International Arrest Warrant Accuses Suspect of Cryptocurrency-Theft Campaigns Spanish National Police have arrested a 22-year-old British national based on an International Arrest Warrant from the U.S. that accuses him of stealing bitcoins worth $27 million. Reports suggest the suspect is a key member of the Scattered Spider cybercrime group that hacked MGM and Clorox.

310
310
article thumbnail

Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers

WIRED Threat Level

CCTV cameras and AI are being combined to monitor crowds, detect bike thefts, and spot trespassers.

Privacy 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CISA Conducts First-Ever AI Security Incident Response Drill

Data Breach Today

US Cyber Defense Agency Developing AI Security Incident Collaboration Playbook The Cybersecurity and Infrastructure Security Agency is hosting a series of tabletop exercises through its flagship public-private collaborative while developing a new playbook for both sectors to better respond to emerging cybersecurity risks associated with artificial intelligence.

article thumbnail

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

WIRED Threat Level

A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party contractor.

Cloud 143
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

HHS on Guard: Prioritizing Patient Data Security

Data Breach Today

CISO and Acting Deputy CIO La Monte Yarborough on Building a Culture of Security The U.S. Department of Health and Human Services is actively enhancing its cybersecurity measures to protect sensitive health data. CISO and Acting Deputy CIO La Monte Yarborough outlined the measures HHS is taking to protect sensitive data and critical infrastructure amid rising threats.

Security 278

More Trending

article thumbnail

NHS Ransomware Hack: 1,500 Medical Appointments Rescheduled

Data Breach Today

Hospitals Says Restoring the Affected IT Systems Will Take Weeks The ransomware attack on a key U.K. National Health Service IT vendor has forced two London hospitals to reschedule around 1,500 medical appointments including critical cancer treatments and organ transplant surgeries. The disruption is now in its third week.

article thumbnail

Online job offers, the reshipping and money mule scams

Security Affairs

Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid schemes in which profits are generated through the recruitment of new participants, rather than through actual service, sometimes even causing significant financial losses.

Marketing 139
article thumbnail

Getting a Firmer Grip on AI Privacy Concerns in Healthcare

Data Breach Today

Artificial intelligence technologies offer tremendous promise in healthcare, but it's crucial for organizations to carefully assess the complex data privacy concerns involved with different types of AI products and deployments, said Karen Habercoss, chief privacy officer at UChicago Medicine.

Privacy 274
article thumbnail

Empire Market owners charged with operating $430M dark web marketplace

Security Affairs

Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka “Dopenugget”) and Raheim Hamilton (aka “Sydney” and “Zero Angel”), have been charged in federal court in Chicago for operating the dark web marketplace “ Empire Market ” from 2018 to 2020.

Marketing 136
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Police Dismantle Asian Crime Ring Behind $25M Android Fraud

Data Breach Today

Hackers Used Dozens of Servers to Distribute Malicious Android Apps Law enforcement authorities in Singapore, Malaysia, Hong Kong and Taiwan took down a cybercrime ring that used dozens of servers and hundreds of phishing pages across multiple jurisdictions to run a malware-enabled scam operation and steal tens of millions from victims' bank accounts.

Phishing 269
article thumbnail

Spanish police arrested an alleged member of the Scattered Spider group

Security Affairs

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ). The man was arrested in Palma de Mallorca while attempting to fly to Italy, during the arrest, police confiscated a laptop and a mobile phone.

article thumbnail

Australian Regulators Detail Medibank Hack: VPN Lacked MFA

Data Breach Today

Court Filing: Threat Actor Stole Admin Credentials From IT Service Desk Contractor Medibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.

Insurance 173
article thumbnail

Microsoft and KnowBe4 Collaborate on Ribbon Phish Alert Button for Outlook

KnowBe4

Increasing phishing attacks are a constant threat to organizations, making it crucial for users to report suspicious emails.

Phishing 128
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Hackers Plead Guilty After Breaching Law Enforcement Portal

Data Breach Today

Justice Says Sagar Steven Singh and Nicholas Ceraolo Doxed and Threatened Victims Hackers Sagar Steven Singh and Nicholas Ceraolo pleaded guilty Monday in federal court to conspiring to commit computer intrusion and aggravated identity theft after illegally accessing a nonpublic law enforcement database, according to the Justice Department.

Access 162
article thumbnail

Phishing Campaign Abuses Windows Search to Distribute Malware

KnowBe4

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to launch Windows Explorer and trick users into installing the malware.

Phishing 128
article thumbnail

Sleepy Pickle: Researchers Find a New Way to Poison ML

Data Breach Today

Hackers Can Use the Attack Method to Manipulate ML Model Output and Steal Data Researchers have found a new way of poisoning machine learning models that could allow hackers to steal data and manipulate the artificial intelligence unit's output. Using the Sleepy Pickle attack method, hackers can inject malicious code into the serialization process, said Trail of Bits.

article thumbnail

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

KnowBe4

Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in Colorado.

Phishing 124
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Using LLMs to Exploit Vulnerabilities

Schneier on Security

Interesting research: “ Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems.

article thumbnail

LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals

Security Affairs

The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the personal information of more than 200,000 was compromised after a data breach that occurred between February 19 and February 20, 2024. Threat actors obtained the log-in credentials of 53 Public Health employees through a phishing campaign. “Between February 19, 2024, and February 20, 2024, the Los An

article thumbnail

Libraries and the fight against truth decay

CILIP

Libraries and the fight against truth decay Truth decay is the diminishing role of facts and analysis in public life, it is a phenomenon that erodes civil discourse, causes political paralysis, and leads to general uncertainty around what is and is not. Stijn Hoorens, Director, RAND Europe will join CILIP Conference 2024 as keynote speaker with a talk on truth decay that will shed light on how libraries can help to counter it.

article thumbnail

How Much Does it Cost to Use Cloud Storage? 

Record Nations

Today’s businesses rely on technology to simplify their operations and increase efficiency. Cloud storage is an essential component of the technological advances businesses use daily. In fact, recent statistics show that 60% of all corporate data is now stored in the cloud with numbers projected to increase. Businesses choose cloud storage because of its.

Cloud 88
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

How to send large file attachments in Gmail - up to 10GB

Collaboration 2.0

Ever run up against Gmail's 25MB file size limitation? Here's an easy way to get around it. (This tip works with other email clients, too!

IT 76
article thumbnail

Guide to Achieving ISO27001:2022 Compliance

Thales Cloud Protection & Licensing

Guide to Achieving ISO27001:2022 Compliance glenn.hamilton… Tue, 06/18/2024 - 06:01 ISO/IEC 27001:2022 , the latest edition of the internationally recognized standard for information security management systems (ISMS), introduces several significant updates and revisions to address the evolving security challenges that worldwide organizations face. One of the most significant changes in the standard is the overhaul of Annex A, which now aligns closely with the updates introduced in ISO/IEC 2700

article thumbnail

Disaster Preparedness during the 2024 Atlantic Hurricane Season

National Archives Records Express

The 2024 Atlantic hurricane season began June 1st and runs through November 30th. NOAA has forecast a range of 17 to 25 total named storms (winds of 39 mph or higher). Of those, 8 to 13 could become hurricanes (winds of 74 mph or higher), including 4 to 7 major hurricanes (category 3, 4 or 5; with winds of 111 mph or higher). NOAA has a 70% confidence in these ranges.

article thumbnail

Reltio 2024.2: Empowering enterprises to unify their data

Reltio

The need for real-time, trusted, unified data has never been greater. The biggest challenge facing enterprises is effectively harnessing the vast amounts of information at their disposal. Those who can swiftly overcome the hurdles of data management can gain a significant competitive edge, enabling them to make informed decisions, innovate faster, and deliver superior customer experiences in an increasingly crowded marketplace.

MDM 52
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Essentials of enterprise identity management

Jamf

Explore the essentials of enterprise identity management in our in-depth post. Discover how to enhance security and streamline operations in your business.

article thumbnail

Cloud for government: A look at 4 agency transformations

OpenText Information Management

Government agencies are making strides on their cloud migration journey, but there is still progress to be made. At OpenText, we are well-situated to help public sector agencies move to the cloud. Our Cloud for Government solution has been listed on the FedRAMP marketplace as fully authorized, providing a low-risk, highly secure content management cloud option for the public sector.

Cloud 64