Wed.Sep 11, 2024

article thumbnail

French Cyber Agency Warns of APT28 Hacks Against Think Tanks

Data Breach Today

Report: North Korean, Russian, Chinese, Iranian Actors Are Targeting Research Orgs Russian state hackers are targeting think tanks studying strategic interests and the defense sector, warned the French cyber agency. A hacking group that officially is Unit 26165 of the Russian Main Intelligence Directorate appears to be Russia's most prolific targeter of think tanks.

189
189
article thumbnail

News alert: Criminal IP partners with IPLocation.io to deliver new tech to mitigate IP address evasion

The Last Watchdog

Torrance, Calif., Sept. 11, 2024, CyberNewsWire — Criminal IP , a distinguished leader in Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, announced that it has successfully integrated its IP address-related risk detection data with IPLocation.io, one of the most visited IP analysis and lookup tools on the internet. Through the integration, IPLocation.io , a prominent IP address geolocation tracker platform with a substantial user base, now offers more detailed insights

Risk 162
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Hellman & Friedman Wants to Unload Checkmarx for $2.5B

Data Breach Today

More Competition, Ownership Turnover Among Peers Create an Appealing Time to Sell Hellman & Friedman has met with several investments banks in recent weeks and will choose one to run the sale process for Paramus, New Jersey-based Checkmarx, in which it hopes to get at least $2.5 billion, Calcalist reported. The private equity firm bought Checkmarx for $1.15 billion in April 2020.

Sales 182
article thumbnail

Adobe Patch Tuesday security updates fixed multiple critical issues in the company’s products

Security Affairs

Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multiple vulnerabilities in its products, including critical flaws that could allow attackers to execute arbitrary code on Windows and macOS systems. The most severe vulnerabilities are two critical memory corruption flaws in Acrobat and PDF Reader, tracked as CVE-2024-41869 (CVSS score of 7.8) and CVE-2024-45

Security 143
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Election Experts Still Demanding More Federal Cyber Support

Data Breach Today

State Officials, Security Experts Warn of Increased Cyberthreats Ahead of Vote Election security experts told Information Security Media Group the United States continues to lack adequate federal funding and resources to support state and local election information technology security efforts amid heightened global tensions and an ever-expanding threat landscape.

More Trending

article thumbnail

NoName Apparently Allies With RansomHub Operation

Data Breach Today

NoName Specializes in Long-Tail Exploits Up-and-coming online criminal extortion group RansomHub appears to have a new affiliate - NoName, a midtier actor whose main claim to fame so far has been impersonating the LockBit ransomware-as-a-service operation. NoName is known for exploiting years-old vulnerabilities.

article thumbnail

RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR

Security Affairs

Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool to disable endpoint detection and response (EDR) systems, Malwarebytes ThreatDown Managed Detection and Response (MDR) team observed. TDSSKiller a legitimate tool developed by the cybersecurity firm Kaspersky to remove rootkits, the software could also disable EDR solutions through a command line script

article thumbnail

Mental Health Records Database Found Exposed on Web

Data Breach Today

Cyber Researcher Reported Findings to Virtual Care Provider; Data Now Secured An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.

Security 182
article thumbnail

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is a comprehensive solution designed to help organizations manage and secure their endpoint devices across various platforms, including Windows, macOS, Chrome OS, and IoT systems.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Geopolitical Tensions Fuel Growth in Cross-Border Fraud

Data Breach Today

ACAMS' Shilpa Arora on Global Financial Vulnerabilities and Regulatory Challenges Geopolitical tensions have heightened cross-border fraud, with criminals exploiting technological advances and regulatory gaps between countries. Shilpa Arora, head of anti-financial crime products at ACAMS, discusses ways banks can tackle cross-border fraud schemes.

173
173
article thumbnail

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for September 2024 addressed 79 vulnerabilities in Windows and Windows Components; Office and Office Components; Azure; Dynamics Business Central; SQL Server; Windows Hyper-V; Mark of the Web (MOTW); and the Remote Desktop Licensing Service.

Security 136
article thumbnail

Bashing Windows Bugs, Take 2: Microsoft Restores Nixed Fixes

Data Breach Today

A Confused Update Process Reinstalled Old, Exploitable Windows 10 Components Microsoft has issued a slew of software updates to patch numerous flaws, including three zero-day vulnerabilities that are already being exploited via in-the-wild attacks. Another fix addresses a prior update that inadvertently reintroduced vulnerable components to Windows 10.

173
173
article thumbnail

Highline Public Schools school district suspended its activities following a cyberattack

Security Affairs

Highline Public Schools, a school district in Washington state, remains closed following a cyberattack that occurred two days ago. Two days ago Highline Public Schools (HPS), a school district in Washington state, suffered a cyber attack that caused a significant disruption of its activities. Highline Public Schools (HPS) is a public school district in King County, headquartered in Burien, Washington, it serves more than 18,000 students.

IT 132
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

ColorTokens Strengthens Zero Trust With PureID Acquisition

Data Breach Today

PureID Passwordless Authentication Tool Will Boost ColorTokens Microsegmentation ColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.

article thumbnail

Legal Firms Increasingly Targeted by Phishing Attacks, Ransomware

KnowBe4

Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an organization’s networks.

Phishing 126
article thumbnail

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is a comprehensive solution designed to help organizations manage and secure their endpoint devices across various platforms, including Windows, macOS, Chrome OS, and IoT systems.

article thumbnail

Forget the Talent Gap – It’s an Experience Gap

KnowBe4

South Africa’s cybersecurity workforce shortage mirrors global trends, but also faces local factors like underinvestment in basic education, underserved communities, digital literacy gaps and challenges with data access.

Education 124
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Evaluating the Effectiveness of Reward Modeling of Generative AI Systems

Schneier on Security

New research evaluating the effectiveness of reward modeling during Reinforcement Learning from Human Feedback (RLHF): “ SEAL: Systematic Error Analysis for Value ALignment.” The paper introduces quantitative metrics for evaluating the effectiveness of modeling and aligning human values: Abstract : Reinforcement Learning from Human Feedback (RLHF) aims to align language models (LMs) with human values by training reward models (RMs) on binary preferences and using these RMs to fine-tu

Paper 111
article thumbnail

News alert: Opus Security’s new ‘Advanced Multi-Layered Prioritization Engine’ elevates VM

The Last Watchdog

Palo Alto, Calif., Sept.11, 2024, CyberNewsWire — Opus Security , the leader in unified cloud-native remediation, today announced the launch of its Advanced Multi-Layered Prioritization Engine , designed to revolutionize how organizations manage, prioritize and remediate security vulnerabilities. Leveraging AI-driven intelligence, deep contextual data and automated decision-making capabilities, this innovative engine helps organizations prioritize the most critical vulnerabilities, enhanci

Risk 100
article thumbnail

This change to Android notifications might not be popular with everyone

Collaboration 2.0

Google might change how you access notifications and Quick Settings in a way that could be divisive.

Access 98
article thumbnail

Lessons on international transfers to the US to organisations caught by the GDPR

Data Protection Report

The Dutch data protection authority, the Autoriteit Persoonsgegevens (AP) announced a fine of €290 million on Uber Technologies Inc. (UTI) and Uber B.V.,(UBV) (together Uber) with press releases in Dutch and English. The fine relates to the transfer of drivers’ personal data to the US. Uber has announced that it will appeal the fine. In 2024, with the EU-US Data Privacy Framework (DPF) in place, regulatory focus appears to have shifted from international transfers to other topics, such as artifi

GDPR 92
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Apple Watch Series 10 vs. Apple Watch Series 9: Should you upgrade to the latest model?

Collaboration 2.0

The Apple Watch Series 10 has fresh features and a fresher design, but is it worth your money? Here's how it compares to last year's model.

IT 98
article thumbnail

Losses From Investment Scams have Increased Six-Fold Since 2021

KnowBe4

The Better Business Bureau (BBB) has observed a six-fold increase in losses from investment scams over the past three years. The BBB has received more than 4,000 reports of investment scams since 2020, with the median reported loss rising from $1,000 in 2021 to almost $6,000 in 2024.

article thumbnail

Buy 3 months of Xbox Game Pass Ultimate for $36 right now

Collaboration 2.0

Try or gift Xbox Game Pass for three months for 28% off and play over 100 games including Starfield, Forza Motorsport, and Football Manager 2024 on your Xbox, PC, or mobile device.

98
article thumbnail

OpenText Named a Leader in the IDC MarketScape for Intelligent Content Services

OpenText Information Management

Every organization must be prepared for the next era of productivity in which knowledge work is fueled by automation and AI. But while you may be feeling pressured to get started and secure some quick wins to drive growth and differentiation, the best GenAI experiences must be built on top of quality data and a great enterprise content management strategy to realize GenAI’s full potential and value.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Sony unveils PlayStation 5 Pro: Best features, pricing, release date, and everything else to know

Collaboration 2.0

Sony's new console sports a more powerful graphics card and a Super Resolution feature to improve visual fidelity greatly. Here's what else we know for now.

98
article thumbnail

The Importance of IAM in Critical Infrastructure

Thales Cloud Protection & Licensing

The Importance of IAM in Critical Infrastructure madhav Thu, 09/12/2024 - 06:23 Over the past year, the world's critical infrastructure (CI) - including energy, healthcare, finance, communications, manufacturing, and transport - has suffered a constant barrage of attacks. The 2024 Thales Data Threat Report, Critical Infrastructure Edition , revealed that almost 93% of CI respondents reported increased attacks.

article thumbnail

The AirPods Pro 3 may be your new fitness coach with a built-in heart rate sensor

Collaboration 2.0

A leak reveals that future Apple earbuds may help you keep better track of your health; however, the pair won't be out for a while.

98