Wed.Aug 21, 2024

article thumbnail

Black Hat Fireside Chat: User feedback, AI-infused email security are both required to deter phishing

The Last Watchdog

I recently learned all about the state-of-the art of phishing attacks – the hard way. Related: GenAI-powered attacks change the game An email arrived from the head of a PR firm whom I’ve known for 20 years asking me to click on a link to check out a proposal. Foolishly, I did so all too quickly. Within a few minutes, many of my contacts, and even strangers, were receiving a similar malicious email from me.

Phishing 289
article thumbnail

Ransomware Gangs Are in Decline But Still Make Lots of Noise

Data Breach Today

RedSense's Bohuslavskiy and Smith on How Attacks on Healthcare Show Desperation RedSense’s Yelisey Bohuslavskiy and Marley Smith believe ransomware is declining but caution that it still poses a significant threat. While attackers recycle old methods, they're taking desperate measures to target vulnerable groups such as cancer centers and to stoke fears in the marketplace.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning

Security Affairs

A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly. Researchers from security firm Quarkslab discovered a backdoor in millions of RFID cards manufactured by the Chinese chip manufacturer Shanghai Fudan Microelectronics. The experts announced the discovery of a hardware backdoor and successfully cracked its key allowing the instantaneous cloning of RFID smart cards. “In this paper, we present several attacks

article thumbnail

How to Account for Disinformation Risks in Election Security

Data Breach Today

CISO Lester Godsey on Building Custom Frameworks to Combat Election-Related Threats Maricopa County CISO Lester Godsey highlights the growing threat of misinformation and its impact on election security. He explains how his team is integrating cybersecurity frameworks to address both digital and physical risks, focusing on disinformation campaigns and election integrity.

Risk 272
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

North Korea-linked APT used a new RAT called MoonPeak

Security Affairs

North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Talos researchers uncovered the infrastructure used by the North Korea-linked APT group tracked as UAT-5394, which experts suspect is linked to the Kimsuky APT group. The infrastructure includes staging, C2 servers, and machines used by the group to test their implants.

Phishing 133

More Trending

article thumbnail

Pro-Russia group Vermin targets Ukraine with a new malware family

Security Affairs

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware. Vermin is a pro-Russian hacker group, also tracked as UAC-0020 , that operates under the control of the law enforcement agencies of the temporarily occupied Luhansk.

Phishing 126
article thumbnail

How Cybercrime Fuels Human Trafficking and Gambling Scams

Data Breach Today

Infoblox Researchers on Links Between Human Trafficking, Cybercrime and Gambling Illegal gambling operations depend on trafficked individuals to perform cybercriminal activities. Threat researchers at Infoblox explain how cybercriminals use trafficked people for operations such as pig-butchering scams and leverage European sports sponsorships to boost illegal gambling websites.

264
264
article thumbnail

Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio

Security Affairs

Researchers have disclosed a critical security vulnerability in Microsoft’s Copilot Studio that could lead to the exposure of sensitive information. Researchers disclosed a critical security vulnerability, tracked as CVE-2024-38206 (CVSS score: 8.5), impacting Microsoft’s Copilot Studio. An attacker can exploit the vulnerability to access sensitive information.

Metadata 122
article thumbnail

Ransomware Again on Track to Achieve Record-Breaking Profits

Data Breach Today

Does That Mean Improved Defenses and Law Enforcement Disruptions Are Failing? Ransomware groups' collective profits are on track to achieve another record-breaking year, even though fewer victims overall appear to be paying a ransom, experts warn. One expert says the success comes down to a handful of high-profile attacks.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

How to Use LastPass: Complete Guide for Beginners

eSecurity Planet

Navigating the complexities of password management can be challenging, especially if you’re new to it. LastPass, a leading password manager, offers a robust solution for securely storing and managing your organization’s digital assets. There are many types of network security , so understanding how to use LastPass is essential to managing personal accounts or securing an entire team.

Passwords 112
article thumbnail

The Strategic Need for Employee Training and Education

Data Breach Today

Why the Benefits Far Outweigh the Risks Today's workforce is increasingly insisting on having employer-provided education and development opportunities. Learn why offering employees opportunities for education and development is both a retention strategy and a key component of a successful business strategy.

Education 233
article thumbnail

The US Government Wants You—Yes, You—to Hunt Down Generative AI Flaws

WIRED Threat Level

The AI ethics nonprofit Humane Intelligence and the US National Institute of Standards and Technology are launching a series of contests to get more people probing for problems in generative AI systems.

article thumbnail

Are the New FAA Cyber Requirements for Future Planes Enough?

Data Breach Today

Federal Aviation Administration Seeks Public Input on New Cyber Rules for Airplanes The U.S. Federal Aviation Administration is seeking public comment on a proposed rule that aims to further elevate and streamline cyber regulations for future airplanes and aircraft equipment. The rule isn't intended to have a substantive effect on airliner cybersecurity standards.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Story of an Undercover CIA Agent who Penetrated Al Qaeda

Schneier on Security

Rolling Stone has a long investigative story (non-paywalled version here ) about a CIA agent who spent years posing as an Islamic radical. Unrelated, but also in the “real life spies” file: a fake Sudanese diving resort run by Mossad.

101
101
article thumbnail

Researchers Thrust a Virtual Stick Into the Bike Spokes

Data Breach Today

Wireless Gear Shifting System Is Vulnerable to Replay Attacks Imagine cruising down a bike path and having the gears suddenly shift without warning. Security researchers say cybercriminals could take advantage of new wireless controlled bicycle gear systems to make that happen - and cause crashes and injuries.

Security 209
article thumbnail

How to clear the cache on your iPhone (and why you should)

Collaboration 2.0

Cache and cookies can clog your browser and slow your iPhone's performance, but there's a simple way to bring your device back up to speed. Try this today and see the difference.

98
article thumbnail

An In Depth Look at AI & the Evolving Cyber Threat Landscape

Data Breach Today

In the fast-changing world of cyber warfare, staying ahead of threats is essential.

264
264
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

KnowBe4

Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.

article thumbnail

Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to Sports

WIRED Threat Level

Protesters took to Citi Field Wednesday to raise awareness of the facial recognition systems that have become common at major league sporting venues.

Privacy 109
article thumbnail

Threat Actors Abuse URL Rewriting to Mask Phishing Links

KnowBe4

Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point.

Phishing 102
article thumbnail

YouTube rolls out customizable NFL multiview, but there is a catch

Collaboration 2.0

You'll soon be able to build a two-, three-, or four-game display to catch multiple NFL games at once, but the option isn't open to everyone.

98
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

KnowBe4

Analysis of a phishing campaign targeting thousands of government contractors, dubbed “Operation Uncle Sam,” takes advantage of some sophisticated steps to avoid detection.

article thumbnail

How to use ChatGPT: Everything to know about using GPT-4o and GPT-4o mini

Collaboration 2.0

Want to use the most popular AI chatbot available? We'll walk you through how to get started with ChatGPT and how to get the most out of it.

IT 98
article thumbnail

Cybersecurity in 2024: Reflecting on the Past, Preparing for the Future

KnowBe4

As Europe is returning from summer breaks, it is time to reflect on the first half of 2024 and look forward to the rest of the year.

article thumbnail

This Pixel 9 Pro XL vs. iPhone 15 Pro camera shootout has a clear winner - and one big surprise

Collaboration 2.0

The Pixel 9 Pro XL winning against the iPhone 15 Pro in most instances wasn't a surprise but there's one big miss on the new Google phone.

98
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Wellington Management sets the bar for collaborative partnerships in data governance

Collibra

Many people talk about partnerships in the business world, but a true, symbiotic relationship between customers and vendors is exceedingly rare. That’s what makes our work at Collibra different. We deliver data intelligence to some of the world’s most innovative companies, firmly aligning our development priorities with our customers’ goals. Our resources — from pre-built integrations to out-of-the-box privacy solutions — are continuously evolving to meet the emergent needs of the organizations

article thumbnail

Ring just launched a new Battery Doorbell with better features for the same price

Collaboration 2.0

The new Ring Battery Doorbell replaces the older $100 battery-powered Ring Video Doorbell and packs more features for the same price.

98
article thumbnail

Fresha Secures $31 Million in Venture Debt from J.P. Morgan for AI and Robotics Push

Information Matters

Fresha, a leading marketplace platform for beauty and wellness services, has secured a $31 million venture debt facility from J.P. Morgan. The company plans to use the funds to expand Read more The post Fresha Secures $31 Million in Venture Debt from J.P. Morgan for AI and Robotics Push appeared first on Information Matters - AI in the UK.