Thu.Oct 03, 2024

article thumbnail

US, Microsoft Seize Domains Used in Russian Spear-Phishing

Data Breach Today

FSB Hackers Stripped of 107 Domains Used to Steal Credentials The U.S. Department of Justice and Microsoft seized more than 100 websites allegedly used by a Russian intelligence cyberespionage operation with a fondness for spear phishing. Targets include the national security apparatus and journalists, think tanks, and non-governmental organizations.

Phishing 304
article thumbnail

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

The Last Watchdog

Singapore, Oct. 3, 2024, CyberNewswire — At DEF CON 32, the SquareX research team delivered a hard-hitting presentation titled Sneaky Extensions: The MV3 Escape Artists where they shared their findings on how malicious browser extensions are bypassing Google’s latest standard for building chrome extensions: Manifest V3 (MV3)’s security features, putting millions of users and businesses at risk.

Risk 243
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Breach Roundup: AI 'Nudify' Sites Serve Malware

Data Breach Today

Also: Prison Sentences for BEC Scammers and a West African Cybercrime Crackdown This week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows vulnerability: Is it real?

Insurance 302
article thumbnail

News alert: Doppler fortifies ‘secrets management’ with Change Requests auditable approval feature

The Last Watchdog

San Francisco, Calif., Oct. 3, 2024, CyberNewswire — Doppler , the leading platform in secrets management, today announces the launch of Change Requests , a new feature providing engineering teams with a secure, auditable approval process for managing and controlling secret changes across environments. Designed to enhance security, compliance, and team collaboration, Change Requests gives organizations the tools to mitigate the potential risks from misconfigurations or unauthorized changes

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Global Cybersecurity Agencies Release OT Security Guidelines

Data Breach Today

Principles to Ensure Critical Infrastructure's Operational Technology Security Don't pull data from an operational technology network: OT networks should push data out. Segment critical OT networks. Don't introduce cybersecurity systems into an OT network unless administrators can guarantee they won't hinder a restart after a complete loss of electricity.

More Trending

article thumbnail

CISA Preparing to Assess Federal Zero Trust Progress

Data Breach Today

US Cyber Defense Agency Plans to Review Updated Implementation Plans in November A top official from the U.S. Cybersecurity and Infrastructure Security Agency said Thursday the agency is planning to review updated federal implementation plans and ensure agencies are aligning with zero trust security objectives and addressing any funding gaps or technical challenges.

article thumbnail

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Security Affairs

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce vulnerability, tracked as CVE-2024-34102 (aka CosmicSting, CVSS score of 9.8), to compromise more than 4,000 e-stores over the past three months.

CMS 136
article thumbnail

600,000 Prison Inmates to Share in $6.49M Breach Settlement

Data Breach Today

CorrectCare to Settle Lawsuit After 'Inadvertently' Exposing PHI on Web for Months A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.

285
285
article thumbnail

Dutch police breached by a state actor

Security Affairs

The Dutch government blames a “state actor” for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state actor for the recent data breach that exposed officers’ contact details, the justice minister told lawmakers. The incident took place on September 26, 2024, and the police have reported the security breach to the Data Protection Authority.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

ENISA 2024: Ransomware and AI Are Posing New Cyberthreats

Data Breach Today

ENISA's Ifigeneia Lella Shares Highlights of 2024 Threat Landscape Report While the number of ransomware attacks stayed about the same in the past year, cybercriminals are using more effective tactics such as weaponizing breach disclosure deadlines to extract higher ransoms, according to ENISA's 2024 Threat Landscape report.

article thumbnail

Insights from Information Leaders: Balancing Value, Compliance, and Innovation

AIIM

At a recent industry panel, Bill Murphy, Chief Executive Officer of RedZone Technologies, moderated a discussion featuring three distinguished information management experts: Reggie Henry, CAE, Chief Information & Performance Excellence Officer, American Society of Association Executives (ASAE) Candace McCabe, CIP, Sr. Solution Architect - Governance, Risk, and Compliance, Walmart Mark Patrick, CIP, Records Officer, US Department of Defense The panel was part of the AIIM Information and Data

article thumbnail

Cryptohack Roundup: Guilty Plea in $37M Theft Case

Data Breach Today

Also: $3.8 Million Onyx Hack, Conviction in a Crypto ATM Case This week, a guilty plea for $37M stolen, a $3.8M Onyx hack, a first conviction for illegal crypto ATM operations, Zort owner fraud, WazirX's post-hack liability, U.S. congressmen ask for Binance exec's release, a U.S. court denied Tornado Cash exec's motion and a SEC-Mango Markets settlement.

Marketing 183
article thumbnail

A Window into Your Photos: Revealing How Sideloaded Apps Can Secretly Monitor Your Images

Jamf

In the ever-evolving realm of cybersecurity, staying ahead of malicious threats is essential. At Jamf, we are committed to proactively identifying and mitigating risks to iOS devices. Learn how in our latest post.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Quantum Breakthroughs Drive New Encryption Strategies

Data Breach Today

Kawin Boonyapredee on Why Organizations Should Take Post-Quantum Threats Seriously Quantum computing has been evolving for decades and holds immense promise. Companies have invested billions of dollars in this technology, which will eventually solve complex business problems. But for now the use cases are limited, said Kawin Boonyapredee, chief strategy officer at Applied Quantum.

article thumbnail

Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps

Security Affairs

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion packets per second (Pps). Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 Tbps, that is the highest ever publicly disclosed. “Cloudflare’s defenses mitigated over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with m

article thumbnail

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

KnowBe4

Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl describes three separate BEC attacks launched by this threat actor.

120
120
article thumbnail

Security Risks of Outsourcing to the Cloud: Who’s Responsible?

IT Governance

Cloud computing is a key tool for organisations, offering a wealth of opportunity to extend IT capabilities and take advantage of innovations. As more organisations move to remote or hybrid working, Cloud services are more valuable than ever. However, innovation comes with risk. In this blog Security challenges of the Cloud Legal and contractual requirements Who’s responsible for what?

Cloud 103
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

New VPN Credential Attack Goes to Great Lengths to Obtain Access

KnowBe4

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network.

Access 111
article thumbnail

This Windows-Android hybrid disrupted how I use my laptop in the best way

Collaboration 2.0

The fifth-gen Lenovo ThinkBook Plus is a laptop/tablet hybrid that runs on both Windows 11 and Android 13, resulting in a unique user experience that changed the way I use both.

98
article thumbnail

Don’t Put Real Answers Into Your Password Reset Questions

KnowBe4

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset questions with real answers!

Passwords 101
article thumbnail

One of the best Android Auto wireless adapters just got a useful (and premium) update

Collaboration 2.0

The AAWireless TWO is now smarter and more customizable - but only for Android users. Here's how to get notified when the dongle goes on sale later this month.

Sales 98
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Weird Zimbra Vulnerability

Schneier on Security

Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware.

article thumbnail

Buy a Microsoft Office Pro and Windows 11 Pro bundle for 87% off right now

Collaboration 2.0

This lifetime license bundle deal gives you access to the entire Microsoft Office Pro 2021 suite and Windows 11 Pro for just $53 for a limited time.

Access 98
article thumbnail

OpenText World 2024: What’s in it for you?

OpenText Information Management

Whether you’re a business leader or a technical user, OpenText World 2024 is the conference for you. Mav, our AI-generated friend, and his colleagues are excited to guide you through the world of information management in Las Vegas November 18-21. To help you explore the concept that reimagining information can change the way you work, we’ve got inspiring keynotes , dozens of breakout sessions, pre-conference training, certification opportunities, networking events, and much more.

IT 80
article thumbnail

October Prime Day bundle: Buy a Samsung Galaxy S24 FE and get a $100 Amazon gift card

Collaboration 2.0

Amazon is offering a $100 gift card when you buy the Samsung Galaxy S24 FE AI smartphone ahead of their Big Deal Days sale event on October 8 and 9.

Sales 98
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Baptist Hospitals of Southeast Texas makes more time for patient care by moving fax services to the cloud 

OpenText Information Management

At Baptist Hospitals of Southeast Texas (BHSET) , our teams of physicians, nurses, and non-clinical staff are constantly working to deliver high-quality care. We provide a wide range of out- and in-patient services, as well as emergency medical care facilities and specialist treatment centers for cancer and behavioral health. We’re always looking for ways to improve our services and reach a wider community across Southeast Texas.

Cloud 64
article thumbnail

5 free Safari extensions I rely on for better security, privacy, and productivity online

Collaboration 2.0

If Safari is your go-to browser for MacOS, there are extensions you can add to improve the overall experience. Here are my top five.

Privacy 98
article thumbnail

AdTech Game-Changers: How Advanced Analytics Are Reshaping Digital Advertising  

OpenText Information Management

In today’s digital advertising world, AdTech companies are facing greater challenges than ever before. With billions of daily interactions, from ad impressions and clicks to user behaviors across multiple platforms, the data generated in this space is overwhelming. For companies managing programmatic ad buying and personalized targeting, the stakes are high—every millisecond counts, and every missed insight can lead to lost revenue.