Data Breach Today
JULY 14, 2022
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
Krebs on Security
JULY 21, 2022
U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “ pig butchering ,” wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JULY 29, 2022
The first half of the year saw more than 11,800 reported security vulnerabilities, but figuring out which ones to patch first remains a thankless job for IT teams.
The Last Watchdog
JULY 5, 2022
Gathering intelligence has always been a key tool for organisational decision making – understanding the external operating environment is the ‘101’ for business. How can you grasp the challenges and opportunities for your company without a deep understanding of all the contributing factors that make the company tick? Related: We’re in the golden age of cyber espionage.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Imperial Violet
JULY 3, 2022
The presentations are out now ( Google I/O , WWDC ): we're making a push to take WebAuthn to the masses. WebAuthn has been working reasonably well for enterprises and technically adept users. But we were not going to see broad adoption while the model was that you had to purchase a pair of security keys, be sure to register the backup on every site, yet also keep it in a fire safe.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JULY 15, 2022
Small and Mid-Size Businesses Targeted Globally But So Far Extortion Attempts Have Failed Microsoft security researches say they're tracking a hacking group originating from North Korea that may be a side project of an established threat actor. So far the group, which likes the moniker "H0lyGh0st," appears not to have collected any ransom.
Krebs on Security
JULY 10, 2022
Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim’s personal information and a different email
Schneier on Security
JULY 18, 2022
Some sites, including Facebook, add parameters to the web address for tracking purposes. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties. Mozilla introduced support for URL stripping in Firefox 102 , which it launched in June 2022. Firefox removes tracking parameters from web addresses automatically, but only in private browsing mode or when the browser’s Tracking Protection feature is set to strict.
The Last Watchdog
JULY 14, 2022
Phishing itself is not a new or a particularly complicated threat. But the emergence of advanced phishing techniques – “DeepSea Phishing” – poses an entirely new challenge for enterprises. Related: Deploying human sensors. Phishing comes with a simple premise – lure someone to interact with a malicious link, file, or credentials-input, disguised as a legitimate email or website.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
eSecurity Planet
JULY 11, 2022
Intezer Labs security researchers have identified a sophisticated new malware that targets Linux devices. Dubbed OrBit , the malware can gain persistence quickly, evade detection and hide its presence in network activity by manipulating logs. The module hooks functions called in shared libraries, which is pretty common for malware, but it also implements “advanced evasion techniques” and “remote capabilities over SSH.”.
Security Affairs
JULY 23, 2022
The U.S. DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. The U.S. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. “The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom paymen
Data Breach Today
JULY 14, 2022
Attackers Targeted More Than 10,000 Organizations Since Last September Attackers used a phishing campaign to direct unwitting Microsoft business email customers into supplying logon credentials to a proxy server. Attackers stole online session cookies, allowing them to defeat MFA and access inboxes. From there, they emailed corporate vendors to obtain financial data.
Krebs on Security
JULY 29, 2022
The 911 service as it existed until July 28, 2022. 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911’s proxy so
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Dark Reading
JULY 14, 2022
Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says.
The Last Watchdog
JULY 1, 2022
The pandemic-driven remote working brought about unforeseen challenges that the pre-pandemic corporate world would have never imagined. From transitioning to a work-from-home as a ‘perk’ to a ‘necessity’, the organizations had to realign their operations and do it fast, to keep the ships afloat. Related: Deploying human sensors. Now that the dust seems to have settled on the novelty of remote working, there’s no doubt that remote working- whether organizations like it or not is here to say
eSecurity Planet
JULY 12, 2022
The first signs of the ransomware attack at data storage vendor Spectra Logic were reports from a number of IT staffers about little things going wrong at the beginning of the day. Matters steadily worsened within a very short time and signs of a breach became apparent. Screens then started to display a ransom demand, which said files had been encrypted by the NetWalker ransomware virus.
Security Affairs
JULY 17, 2022
Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was hacked, the threat actors compromised its official website and stole 314 NFTs. According to the experts from blockchain security firm CertiK, this is one of the biggest NFT hacks on record. The analysis of the experts revealed that the threat actors planted a malicious JavaScript code to premint.xyz.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
JULY 13, 2022
Free Searching on Stolen Data and Higher Ransom Demands Among Latest Innovations Seeking maximum profits, ransomware groups continually refine the tactics they use to bypass defenses, infect victims and pressure them into paying. Unfortunately, a reported increase in ransomware attacks and ransom amounts getting paid to criminals suggests these efforts largely remain successful.
Krebs on Security
JULY 27, 2022
It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the true motivation for the attack. But a recent review of Ashley Madison mentions across Russian cybercrime forums and far-right websites in the months leading up to the hack revealed s
KnowBe4
JULY 19, 2022
The latest iteration in Copyright Claim scams is an evolution of this repeated attack method that has proven to get the attention – and response – of victims over the last few years.
The Last Watchdog
JULY 11, 2022
It is astounding that billions of online accounts have been breached over the past 18 years and that US consumer accounts are by far the most compromised. Related: VPNs vs ZTNA. Now comes hard metrics quantifying the scope of this phenomenon. It’s in findings of a deep dive data analytics study led by Surfshark , a supplier of VPN services aimed at the consumer and SMB markets.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Dark Reading
JULY 18, 2022
Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says.
Security Affairs
JULY 15, 2022
Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. The Holy Ghost ransomware gang has been active since June 2021 and it conducted ransomware attacks against small businesses in multiple countries.
Data Breach Today
JULY 29, 2022
Customers of 'Robin Banks' Platform Have Netted $500,000 Fifty bucks gets cybercriminals access to a phishing-as-a-service platform for campaigns impersonating major brands in the United States and other English-speaking countries. Researchers from IronNet say the prices offered on "Robin Banks" are substantially less than comparable service providers.
Krebs on Security
JULY 12, 2022
Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
KnowBe4
JULY 12, 2022
A new wave of social media phishing attacks are now using scare tactics to lure victims into sending their logins.
The Last Watchdog
JULY 25, 2022
Cyber-attacks continue to make headlines, and wreak havoc for organizations, with no sign of abating. Having spiked during the COVID-19 pandemic, threats such as malware, ransomware, and DDoS attacks continue to accelerate. Related: Apple tools abuse widespread. A10’s security research team recorded a significant spike in the number of potential DDoS weapons available for exploitation in 2021 and early 2022.
Dark Reading
JULY 26, 2022
Machine learning should be considered an extension of — not a replacement for — existing security methods, systems, and teams.
Expert insights. Personalized for you.
347 
Let's personalize your content