Data Breach Today
SEPTEMBER 24, 2021
The Ad, Now Deleted, Lured Users to a Phishing Website to Harvest Credentials Chinese security researcher Zhi has discovered a malware targeting Mac users. The malware, spread via a paid advertisement on search engine Baidu, is intended to harvest user credentials, he says. The advertisement has now been taken down.
Krebs on Security
SEPTEMBER 15, 2021
TTEC , [ NASDAQ: TTEC ], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned. While many companies have been laying off or furloughing workers in response to the Coronavirus pandemic, TTEC has been massively hiring.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
SEPTEMBER 8, 2021
In the previous discussion, China’s 14th Five-Year Plan was summarized to capture relevant aspects of dual circulation, the Digital Silk Road (DSR), and the Belt Road Initiative (BRI) that aim to advance China as an economic, technological, and foreign policy powerhouse. Both of those initiatives are well-funded, thoughtful, and strategic in their attempts to spread influence and widespread dependency on Chinese products.
Security Affairs
SEPTEMBER 23, 2021
Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of the flaws was exploited by threat actors to infect the device with the NSO Pegasus spyware.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
WIRED Threat Level
SEPTEMBER 3, 2021
A sustained backlash against a new system to look for child sexual abuse materials on user devices has led the company to hit pause.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
SEPTEMBER 17, 2021
Many Files Crypto-Locked Before July 13 Unlockable via Free Bitdefender Decryptor Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.
Krebs on Security
SEPTEMBER 8, 2021
Microsoft Corp. warns that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.
The Last Watchdog
SEPTEMBER 20, 2021
An array of promising security trends is in motion. New frameworks, like SASE , CWPP and CSPM , seek to weave security more robustly into the highly dynamic, intensely complex architecture of modern business networks. Related: 5 Top SIEM myths. And a slew of new application security technologies designed specifically to infuse security deeply into specific software components – as new coding is being developed and even after it gets deployed and begins running in live use.
Security Affairs
SEPTEMBER 9, 2021
The massive DDoS attack that has been targeting the internet giant Yandex was powered b a completely new botnet tracked as M?ris. The Russian Internet giant Yandex has been targeting by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an internet shutdown.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
WIRED Threat Level
SEPTEMBER 17, 2021
The hacktivist collective targeted the domain registrar Epik for providing services to clients including the Texas GOP, Parler, and 8chan.
AIIM
SEPTEMBER 7, 2021
What is Information Governance, and Why is it Important? There are many benefits to constructing an Information Governance program plan. Generally, regulatory compliance or litigation activities are at the top of the list and often spur the creation of the IG program itself, but that's just the start of the list of IG benefits. In addition, a well-designed IG program can provide cost savings from better IT and information storage utilization, business agility, analytics, collaboration, and profi
Data Breach Today
SEPTEMBER 30, 2021
Microsoft Sparred with SecureWorks Over Impact But Relents Microsoft has indicated it will make changes to reduce the risk around what a security vendor says is a vulnerability that lets attackers run brute-force credential attacks against Azure Active Directory. The issue was reported to Microsoft in June by SecureWorks' Counter Threat Unit.
Krebs on Security
SEPTEMBER 28, 2021
The new $30 AirTag tracking device from Apple has a feature that allows anyone who finds one of these tiny location beacons to scan it with a mobile phone and discover its owner’s phone number if the AirTag has been set to lost mode. But according to new research, this same feature can be abused to redirect the Good Samaritan to an iCloud phishing page — or to any other malicious website.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
The Last Watchdog
SEPTEMBER 13, 2021
Surfshark wants to help individual citizens take very direct control of their online privacy and security. Thus, Surfshark has just become the first VPN provider to launch an antivirus solution as part of its all-in-one security bundle Surfshark One. Related: Turning humans into malware detectors. This development is part and parcel of rising the trend of VPN providers hustling to deliver innovative “DIY security” services into the hands of individual consumers.
Security Affairs
SEPTEMBER 25, 2021
The customer care and call center provider GSS has suffered a ransomware attack that crippled its systems and impacted its Spanish-speaking customers. GSS customer care and call center provider has suffered a ransomware attack that crippled its system and paralyzed call centers serving its Spanish-speaking customers. GSS is the Spanish and Latin America division of Covisian, a European giant of customer care and call center providers.
WIRED Threat Level
SEPTEMBER 28, 2021
From Afghanistan to cyberattacks, Frank Herbert’s novel anticipated and shaped warfare as we know it.
Security Affairs
SEPTEMBER 19, 2021
The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. Last week the Israeli cybersecurity firm Kape Technologies has acquired the industry’s leading virtual private networks ExpressVPN, as part of a $936 million deal. Kape announced that the acquisition will more than double its overall customer base, from almost 3 million customers to more than 6 million.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
SEPTEMBER 5, 2021
The Irish Data Protection Commission has fined WhatsApp €225 million over data sharing transparency for European Union users’ data with Facebook. The Irish Data Protection Commission has fined WhatsApp €225 million for the lack of transparency on how it shares European Union users’ data with Facebook companies. The instant messaging company violated the actual General Data Protection Regulation (GDPR). “The Data Protection Commission (DPC) has today announced a conclusion to a
Security Affairs
SEPTEMBER 21, 2021
Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. Independent security researcher Park Minchan disclosed a zero-day vulnerability in Apple’s macOS Finder that can be exploited by attackers to run arbitrary commands on Mac systems running any macOS version.
Security Affairs
SEPTEMBER 29, 2021
The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be fixed. The security researcher Jose Rodriguez ( @VBarraquito ) discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be addressed by Apple. A threat actor with physical access to a vulnerable device can access Notes via Siri/Voice Over.
Security Affairs
SEPTEMBER 20, 2021
Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity research Bob Diachenko discovered his personal data online stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
SEPTEMBER 12, 2021
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Criminals are constantly creating variants of popular banking trojans, keeping in mind the same modus operandi but changing the malware internals and its capabilities making it a fully undetectable (FUD) weapon.
Security Affairs
SEPTEMBER 6, 2021
A Russian man accused of being a member of the infamous TrickBot gang was arrested while trying to leave South Korea. A Russian man accused of being a member of the TrickBot gang was arrested last week at the Seoul international airport. The man has remained stuck in the Asian country since February 2020 due to the COVID-19 lockdown imposed by the local government and the cancelation of international travel.
Data Breach Today
SEPTEMBER 1, 2021
Large Illinois Group Practice Says PHI Exposed After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest mulispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals.
Data Breach Today
SEPTEMBER 3, 2021
Ongoing Attacks Disrupt Voip Unlimited and Voipfone Services Voip Unlimited and Voipfone, two Voice over Internet Protocol-based telecom companies in the U.K., report being victims of ongoing distributed denial-of-service attacks that have disrupted services.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
SEPTEMBER 26, 2021
Last month, the Port of Houston, one of the major US ports, was hit by a cyber attack allegedly orchestrated by a nation-state actor. One of the major US ports, the Port of Houston, revealed that it was hit by a cyber attack in August that had no impact on its systems. “The Port of Houston Authority (Port Houston) successfully defended itself against a cybersecurity attack in August.
Security Affairs
SEPTEMBER 29, 2021
The U.S. CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions. Multiple attacks against private organizations and government entities, especially during the pandemic, were carried out by threat actors by exploiting vulnerabilities in popular VPN
Security Affairs
SEPTEMBER 4, 2021
FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The messages used weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript backdoor, in an attack aimed at a US point-of-sale (PoS) service provider.
Expert insights. Personalized for you.
345 
Let's personalize your content