The Last Watchdog

FEBRUARY 11, 2024

Every industry is dealing with a myriad of cyber threats in 2024. It seems every day we hear of another breach, another scam, another attack on anything from a small business to a critical aspect of our nation’s infrastructure. Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate , especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance office

Risk 234

Risk IT Financial Services Cybersecurity 234

Data Breach Today

FEBRUARY 13, 2024

CyberEd.io's Steve King on How Gen AI Will Disrupt and Transform Careers Generative AI is both the villain in the tale of job displacement and the hero ushering in a new era of enhanced job roles and opportunities. Steve King of CyberEd.io discusses how gen AI will make your career an uncertain journey that demands lifelong learning, skepticism, humor and adaptability.

308

308

Data Breach Today

FEBRUARY 12, 2024

Steve Lenderman on the Shift From Synthetic Identity to Synthetic Entity Fraud Synthetic IDs remain a problem not because of a lack of data but because of failure to identify the right data and establish correlations, said Steve Lenderman, co-chair of the Industry Working Groups for the International Association of Financial Crimes Investigators.

277

277

Krebs on Security

FEBRUARY 14, 2024

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser

Education 351

Education Data breaches Government Security 351

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

AIIM

FEBRUARY 13, 2024

Why do workshops work so well in adult learning? Read on to see how we are incorporating workshops at AIIM24 and how you can use workshops as a powerful tool for adult learning.

181

181

Data Breach Today

FEBRUARY 13, 2024

InfoSys McCamish Says Incident Involved BoA's Deferred Compensation Plan Customers Bank of America is notifying more than 57,000 customers that their information, including Social Security numbers, was potentially compromised in a hacking incident last November at Atlanta, Georgia-based insurance software firm InfoSys McCamish. BoA says none of its systems were affected.

Insurance 317

Insurance Security IT 317

Krebs on Security

FEBRUARY 13, 2024

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412 , a “security feature bypass” in the way Windows handles Internet Shortcut Files that Microsoft says is being targeted in active exploits.

Phishing 264

Phishing Authentication Security IT 264

WIRED Threat Level

FEBRUARY 16, 2024

A surprise disclosure of a national security threat by the House Intelligence chair was part of an effort to block legislation that aimed to limit cops and spies from buying Americans' private data.

Security 145

Security Privacy 145

Security Affairs

FEBRUARY 16, 2024

U.S. CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a threat actor gained access to an unnamed state government organization’s network environment via an administrator account belonging to a former employee.

Government 145

Government Authentication Cybersecurity Data breaches 145

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

FEBRUARY 12, 2024

Attackers Downloaded Files Containing Financial, Security and User Information A still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have compromised hundreds of user accounts spread across dozens of Microsoft Azure environments.

Phishing 310

Phishing Security 310

Elie

FEBRUARY 16, 2024

This research study presented at NeurIPS 2024 introduces RETVec, a robust and multilingual text vectorizer that provides efficiency and resilience against typos and adversarial attacks for neural-based text processing.

137

137

WIRED Threat Level

FEBRUARY 14, 2024

Romantic chatbots collect huge amounts of data, provide vague information about how they use it, use weak password protections, and aren’t transparent, new research from Mozilla says.

Privacy 144

Privacy Passwords IT Security 144

Security Affairs

FEBRUARY 14, 2024

Researchers reported that attackers can exploit the ‘command-not-found’ utility to trick users into installing rogue packages on Ubuntu systems. Cybersecurity researchers from cloud security firm Aqua discovered that it is possible to abuse, the popular utility ‘called ‘command-not-found’ that can lead to deceptive recommendations of malicious packages. “Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’

Cloud 144

Cloud Cybersecurity IT Security 144

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

FEBRUARY 13, 2024

ACt Will Require Developers to Allows A Copyright Holder Opt Out Two key European Parliament committees accepted a political compromise set to govern how trading bloc countries develop and deploy artificial intelligence. The regulation is set to become the globe's first comprehensive AI regulation.

Artificial Intelligence 295

Artificial Intelligence Government 295

KnowBe4

FEBRUARY 14, 2024

Analysis of this newly-spotted service makes it clear that the newest entrant into the Ransomware-as-a-Service (RaaS) space has taken note of where predecessors are lacking and launched a better product.

Ransomware 132

Ransomware IT Security 132

WIRED Threat Level

FEBRUARY 11, 2024

Two researchers have improved a well-known technique for lattice basis reduction, opening up new avenues for practical experiments in cryptography and mathematics.

Security 141

Security 141

Security Affairs

FEBRUARY 12, 2024

Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data We’ve all used public Wi-Fi: it’s convenient, saves our data, and speeds up browsing. But while we enjoy its benefits, hackers do too. Here, we’ll explore how cybercriminals exploit public Wi-Fi to access your private data and possibly steal your identity.

Encryption 144

Encryption Passwords Phishing Authentication 144

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

FEBRUARY 15, 2024

Outdated Software, Exploited Flaws, Security Loopholes Expose Ivanti's Devices Supply chain security firm Eclypsium found corporate VPN maker Ivanti's Pulse Secure devices - which underwent much emergency patching amid a likely Chinese espionage zero-day hacking campaign - operate on an 11-year old version of Linux and use many obsolete software packages.

Security 292

Security 292

KnowBe4

FEBRUARY 15, 2024

A phishing campaign is attempting to trick users into downloading remote monitoring and management (RMM) software like AnyDesk, Atera, and Splashtop, according to researchers at Malwarebytes.

Phishing 124

Phishing Security 124

WIRED Threat Level

FEBRUARY 12, 2024

Top congressional lawmakers are meeting in private to discuss the future of a widely unpopular surveillance program, worrying members devoted to reforming Section 702.

Privacy 138

Privacy Security 138

Security Affairs

FEBRUARY 10, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS Out-of-Bound write vulnerability, tracked as CVE-2024-21762 , to its Known Exploited Vulnerabilities (KEV) catalog. This week Fortinet warned that the recently discovered critical remote code execution vulnerability in FortiOS SSL VPN, tracked as CVE-2024-21762 (CVSS score

IT 144

IT Cybersecurity Risk Security 144

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Breach Today

FEBRUARY 14, 2024

Researchers See Waning Mystique, Use of Ghost Groups, Breach Tricks, Trauma of War While overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.

Ransomware 291

Ransomware 291

KnowBe4

FEBRUARY 14, 2024

Valentine's Day. A time where love is in the air, florists work overtime, and restaurant tables are as scarce as a truthful politician. But as we're busy swiping right in hopes of finding that special someone, cybercriminals are swiping left.on your security. Heartbreak hits differently when it's your bank account that's been ghosted.

Security 124

Security IT Security awareness 124

WIRED Threat Level

FEBRUARY 12, 2024

Cyberattacks and criminal scams can impact anyone. But communities of color and other marginalized groups are often disproportionately impacted and lack the support to better protect themselves.

Privacy 137

Privacy Security 137

Security Affairs

FEBRUARY 14, 2024

Adobe Patch Tuesday security updates for February 2024 addressed more than 30 vulnerabilities in multiple products, including critical issues. Adobe Patch Tuesday security updates released by Adobe addressed over 30 vulnerabilities across various products, including critical issues. The software maker warned of critical flaws in popular products such as Adobe Acrobat and Reader, Adobe Commerce and Magento Open Source, Substance 3D Painter, and FrameMaker.

Authentication 143

Authentication Security Ransomware 143

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

FEBRUARY 12, 2024

Company Will Use Investment to Expand Services, says CEO Dave Gerry Bugcrowd received a $102 million venture capital investment to fuel strategic growth, the company announced Monday. "Our customers are outgunned and outmatched. They need to tap into all this creativity that exists within the hacker community," said company CEO Dave Gerry.

289

289

Schneier on Security

FEBRUARY 12, 2024

Matt Burgess tries to only use passkeys. The results are mixed.

Passwords 123

Passwords 123

WIRED Threat Level

FEBRUARY 16, 2024

The prototype satellites hitched a ride on a Falcon 9 rocket.

Military 125

Military Security 125