October, 2024

article thumbnail

Secure Your World with Phishing Resistant Passkeys

Thales Cloud Protection & Licensing

Secure Your World with Phishing Resistant Passkeys madhav Thu, 10/10/2024 - 05:12 As we celebrate Cybersecurity Awareness Month 2024 with the theme "Secure Our World," exploring innovative technologies is crucial to help us achieve this goal. One such advancement that's revolutionizing online security and user authentication is passkeys. Passkeys represent a significant leap forward in creating a safer digital landscape, aligning perfectly with the mission to secure our world.

Phishing 133
article thumbnail

CISA Unveils 'Exceptionally Risky' Software Bad Practices

Data Breach Today

CISA and FBI Warn Software Providers to Avoid Risky Development Practices The Cybersecurity and Infrastructure Security Agency and the FBI released a joint advisory urging software providers to avoid risky practices like using memory-unsafe languages and other techniques that could jeopardize critical infrastructure and national security.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

The Last Watchdog

Austin, TX, Oct. 10th, 2024, CyberNewswire — SpyCloud, the leader in Identity Threat Protection, announced that its SaaS Investigations solution has been enhanced with identity analytics that illuminate the scope of digital identities and accelerate successful outcomes of complex investigations from days or hours to minutes. SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by naviga

Risk 286
article thumbnail

Change Healthcare Breach Hits 100M Americans

Krebs on Security

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com. A ransomware attack at Change Healthcare in the third week of February quickly spawned disruptions across the U.S. healthcare system that reverberated for months, thanks to the company’s c

Insurance 266
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The AIIM Certified Information Professional: Empowering Information Management Careers

AIIM

In today's AI-driven world, the ability to effectively manage information is more crucial than ever. At AIIM, we're committed to empowering professionals with the knowledge and skills they need to excel in the field of unstructured data management. Our Certified Information Professional (CIP) credential stands as a testament to this commitment, providing a comprehensive framework for understanding and implementing best practices in information management.

More Trending

article thumbnail

The Shitposting Cartoon Dogs Sending Trucks, Drones, and Weapons to Ukraine’s Front Lines

WIRED Threat Level

The North Atlantic Fella Organization, which started as a way to fight Kremlin propaganda, has raised millions of dollars to send vital equipment directly to soldiers fighting Russia.

Security 141
article thumbnail

Embargo Ransomware Disables Security Defenses

Data Breach Today

New Ransomware Group Deploys Rust-Based Tools in Attacks A recently constituted and apparently well-resourced ransomware player is developing and testing tools to disable security defenses, including a method that exploits a vulnerability in drivers. Embargo first surfaced in April amid an ongoing shakeup in the ransomware world.

article thumbnail

Passwordless Authentication without Secrets!

Thales Cloud Protection & Licensing

Passwordless Authentication without Secrets! divya Fri, 10/11/2024 - 08:54 As user expectations for secure and seamless access continue to grow, the 2024 Thales Consumer Digital Trust Index (DTI) research revealed that 65% of users feel frustrated with frequent password resets. This highlights an increasing demand for advanced authentication methods like passkeys and multi-factor authentication (MFA), which provide robust security for most use cases.

article thumbnail

How ChatGPT scanned 170k lines of code in seconds, saving me hours of work

Collaboration 2.0

Have a question that requires a lot of text or numerical analysis? Consider running it by ChatGPT or another popular model -- the answer might surprise you.

IT 142
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

American Water Shuts Down Services After Cybersecurity Breach

eSecurity Planet

American Water, one of the largest water utility providers in the United States, fell victim to a cyberattack that disrupted its billing systems, throwing light on the increasing vulnerability of critical infrastructure to such threats. While water services were not interrupted, the breach temporarily paused the company’s billing operations, causing customer concern.

article thumbnail

Samsung zero-day flaw actively exploited in the wild

Security Affairs

Google’s Threat Analysis Group (TAG) researchers warn of a Samsung zero-day vulnerability that is exploited in the wild. Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulnerability, tracked as CVE-2024-44068 (CVSS score of 8.1), which is exploited in the wild. The vulnerability is a use-after-free issue, attackers could exploit the flaw to escalate privileges on a vulnerable Android device.

Security 144
article thumbnail

Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices

WIRED Threat Level

Sophos went so far as to plant surveillance “implants” on its own devices to catch the hackers at work—and in doing so, revealed a glimpse into China's R&D pipeline of intrusion techniques.

IT 133
article thumbnail

European Police Make Headway Against Darknet Drug Markets

Data Breach Today

Nordic Authorities Takedown Sipulitie, Dutch Police Arrest Alleged Bohemia Admins October has been a good month for European police agencies shutting down dark web marketplaces, with Dutch, Finnish and Swedish police announcing server seizures and suspect arrests. It's been more than a decade since Ross "Dread Pirate Roberts" Ulbricht initiated an era of online criminal bazaars.

Marketing 311
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

A Window into Your Photos: Revealing How Sideloaded Apps Can Secretly Monitor Your Images

Jamf

In the ever-evolving realm of cybersecurity, staying ahead of malicious threats is essential. At Jamf, we are committed to proactively identifying and mitigating risks to iOS devices. Learn how in our latest post.

article thumbnail

AI scams have infiltrated the knitting and crochet world - why it matters for everyone

Collaboration 2.0

Using AI, scammers are creating frustrating - and expensive - problems for makers. Here's how to spot AI-generated patterns - and why anyone who relies on downloaded instructions should pay attention.

IT 128
article thumbnail

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

The reliance on virtual meetings has skyrocketed after the pandemic, making platforms like Google Meet and Zoom integral to our daily personal and professional communication. However, this surge in usage has also opened the door to a growing array of cybersecurity threats. One of the most concerning tactics currently on the rise is the ClickFix campaign — a sophisticated phishing scheme targeting unsuspecting Google Meet users.

Phishing 122
article thumbnail

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform. In September, Broadcom released security updates to the vulnerability CVE-2024-38812. vCenter Server is a critical component in VMware virtualization and cloud computing software suite.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Millions of People Are Using Abusive AI ‘Nudify’ Bots on Telegram

WIRED Threat Level

Bots that “remove clothes” from images have run rampant on the messaging app, allowing people to create nonconsensual deepfake images even as lawmakers and tech companies try to crack down.

article thumbnail

Meta Hit Again With Targeted Advertising Limits In Europe

Data Breach Today

European Court of Justice Says Meta May Not Indefinitely Retain User Data Targeted advertising may face additional restrictions following a ruling by the top European Union court that social media giant Meta cannot indefinitely retain user data. Nor can it use data for advertising "without distinction as to type of data," the European Court of Justice said Friday.

IT 312
article thumbnail

Law Enforcement Deanonymizes Tor Users

Schneier on Security

The German police have successfully deanonymized at least four Tor users. It appears they watch known Tor relays and known suspects, and use timing analysis to figure out who is using what relay. Tor has written about this. Hacker News thread.

IT 115
article thumbnail

Ray-Ban Meta vs. GoPro: I took my smart glasses fly fishing and it was surprisingly relaxing

Collaboration 2.0

Fishing is one of my favorite ways to decompress and take in the beauty of the world around me. Meta's Ray-Ban smart glasses helped me capture that without diminishing the experience at all - unlike some other gadgets I've tried.

IT 126
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

KnowBe4's Cybersecurity Experts Shine at Barnes & Noble in New York City

KnowBe4

New York City's iconic Barnes & Noble on 5th Avenue recently featured the newly released books of two of KnowBe4's leading cybersecurity experts: Chief Human Risk Management Officer Perry Carpenter and Data-Driven Defense Evangelist Roger A. Grimes.

article thumbnail

A crime ring compromised Italian state databases reselling stolen info

Security Affairs

Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individuals as part of an investigation into alleged illegal access to state databases. The police are also investigating dozens of other individuals, including the son of Luxottica founder Leonardo Maria Del Vecchio.

article thumbnail

How Large Language Models Are Reshaping the Cybersecurity Landscape

Elie

This talk examine current real-world examples of AI-driven attacks and explore which defensive AI capabilities are available today.

article thumbnail

Internet Archive Data Breach Exposes 31 Million Accounts

Data Breach Today

Nonprofit Digital Archive Also Suffers Denial-of-Service Attacks, Defacement The nonprofit Internet Archive has been hit by hackers, who stole usernames and for 31 million accounts, including email addresses and bcrypt-hashed passwords. In recent days, the digital archive has also suffered defacement and repeat denial-of-service attacks.

Archiving 306
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Series wrap – The rise of the threat hunter

OpenText Information Management

As we reach the conclusion of the Threat Hunters blog series, it’s clear that the role of these cybersecurity specialists has never been more important. Over the past several weeks, we’ve delved into the world of threat hunters—exploring their day-to-day activities, the challenges they face, and the unique skills that set them apart. This series has highlighted how threat hunters are at the frontline, proactively defending organizations against increasingly sophisticated and evolving cyber threa

article thumbnail

I converted a mini PC running Windows 11 into a Linux workstation, and it blew me away

Collaboration 2.0

If you're looking for a small form-factor PC that doesn't skimp on performance, the Herk Orion might be just what you need.

IT 140
article thumbnail

North Korean IT Worker Threat: 10 Critical Updates to Your Hiring Process

KnowBe4

KnowBe4 was asked what changes were made in the hiring process after the North Korean (DPRK) fake IT worker discovery. Here is the summary and we strongly suggest you talk this over with your own HR department and make these same changes or similar process updates. If you are new to this story, here is the original post.

IT 120