The Last Watchdog
JUNE 12, 2023
Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. Privacy controls allow you to say who or what can access a database of customer data or employee data.
IBM Big Data Hub
JUNE 15, 2023
There’s no debate that the volume and variety of data is exploding and that the associated costs are rising rapidly. The proliferation of data silos also inhibits the unification and enrichment of data which is essential to unlocking the new insights. Moreover, increased regulatory requirements make it harder for enterprises to democratize data access and scale the adoption of analytics and artificial intelligence (AI).
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JUNE 15, 2023
A new version of the infamous browser extension is spreading through files on websites offering pirated wares, and leverages unique persistence mechanisms.
Data Breach Today
JUNE 13, 2023
Akamai: Rapid Digitalization, Flawed Code Led to 14 Billion Attacks in Past Year Hackers hit the e-commerce industry with 14 billion attacks in 15 months, pushing it to the top of the list of targets for web application and API exploits. A new Akamai report blames digitalization and the wide range of vulnerabilities hackers can exploit in web applications.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
The Last Watchdog
JUNE 12, 2023
The cybersecurity community is waiting for the next shoe to drop in the wake of the audacious MOVEit-Zellis hack orchestrated by the infamous Russian hacking collective, Clop. Related: SolarWinds-style supply chain attacks on the rise Clop operatives went live last week with an unusual ultimatum — written in broken English and posted in a Dark Web forum — giving the victimized organizations a June 14 th deadline to make direct contact with them under threat of having sensitive stol
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Krebs on Security
JUNE 15, 2023
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances. Under a new order from the Cybersecurity and Infrastructure Security Agency (CISA), federal agencies will have 14 days to respond to any reports from CISA
Data Breach Today
JUNE 16, 2023
Gamaredon Spreads Custom Backdoor Through Thumb Drives A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.
Security Affairs
JUNE 16, 2023
British multinational oil and gas company Shell has confirmed that it has suffered a ransomware attack conducted by the Clop group. Oil and Gas giant Shell has confirmed that it is one of the victims of the recent large-scale ransomware campaign conducted by the Clop gang exploiting a MOVEit zero-day vulnerability Threat actors are actively exploiting the zero-day vulnerability, tracked as CVE-2023-34362 , to steal data from organizations worldwide.
WIRED Threat Level
JUNE 15, 2023
The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Krebs on Security
JUNE 13, 2023
Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.
Data Breach Today
JUNE 12, 2023
Debt Collection Software Firm Intellihartx Says Nearly 490,000 Affected by Breach A company that makes patient debt collection software is the latest healthcare sector entity to report a hacking breach related to a flaw in Fortra's GoAnywhere secure file transfer software. To date, the GoAnywhere vulnerability has affected the health information of 4.4 million individuals.
Security Affairs
JUNE 16, 2023
Progress Software addressed a third vulnerability impacting its MOVEit Transfer application that could lead to privilege escalation and information disclosure. Progress Software disclosed a new SQL injection vulnerability impacting its MOVEit Transfer application, it is the third issue fixed by the company after: CVE-2023-35036 (June 9, 2023) CVE-2023-34362 (May 31, 2023) “Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential un
WIRED Threat Level
JUNE 13, 2023
Fresh claims from a former US intelligence officer about an “intact” alien craft may get traction on Capitol Hill, where some lawmakers want to believe.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
The Last Watchdog
JUNE 16, 2023
It was bound to happen. Clop, the Russia-based ransomware gang that executed the MOVEit-Zellis supply chain hack, has commenced making extortion demands of some big name U.S. federal agencies, in addition to global corporations. Related: Supply-chain hack ultimatum The nefarious Clop gang initially compromised MOVEit, which provided them a beachhead to gain access to Zellis, a UK-based supplier of payroll services.
Data Breach Today
JUNE 15, 2023
Targets Include Southeast Asian Foreign Ministry, Foreign Trade Offices in Taiwan Chinese hackers in a state-run operation compromised hundreds of organizations through a zero-day vulnerability in a popular email security appliance, warns cyber threat intelligence firm Mandiant. Hackers used a zero-day vulnerability in Barracuda Networks Email Security Gateway appliances.
Security Affairs
JUNE 16, 2023
An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico. MalwareHunterTeam researchers first shared the hash for a GravityRAT sample via a tweet.
WIRED Threat Level
JUNE 10, 2023
Documents WIRED obtained detail new prison-monitoring technology that keeps tabs on inmates' location, heartbeats, and more.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Schneier on Security
JUNE 12, 2023
New research suggests that AIs can produce perfectly secure steganographic images: Abstract: Steganography is the practice of encoding secret information into innocuous content in such a manner that an adversarial third party would not realize that there is hidden meaning. While this problem has classically been studied in security literature, recent advances in generative models have led to a shared interest among security and machine learning researchers in developing scalable steganography te
Data Breach Today
JUNE 16, 2023
New Vulnerability Allows Threat Actors to Modify, Disclose MOVEit Database Content The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
Security Affairs
JUNE 16, 2023
DoJ charged a Russian national with conspiring to carry out LockBit ransomware attacks against U.S. and foreign businesses. The Justice Department announced charges against the Russian national Ruslan Magomedovich Astamirov (20) for his role in numerous LockBit ransomware attacks against systems in the United States, Asia, Europe, and Africa. The US authorities arrested the man in Arizona last month DoJ states that from at least as early as August 2020 to March 2023, Astamirov and other members
WIRED Threat Level
JUNE 16, 2023
The ransomware gang Clop exploited a vulnerability in a file transfer service. The flaw is now patched, but the damage is still coming into focus.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Dark Reading
JUNE 16, 2023
This new role safeguarding cloud deployments requires an exceedingly rare set of technical and soft skills.
Data Breach Today
JUNE 14, 2023
SharePoint, Multicasting and Exchange Figure Prominently This Month Microsoft's June dump of monthly patches for the first time in months doesn't include a fix for an actively exploited zero day in a slew of fixes for 69 vulnerabilities spread across the computing giant's portfolio of products. Among them: SharePoint, Exchange and serves that enable multicasting.
Security Affairs
JUNE 15, 2023
The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. organizations since 2020. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. The advisory was published by Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Ana
WIRED Threat Level
JUNE 12, 2023
Personal information, including ID documents and phone numbers, have been released on Telegram.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Dark Reading
JUNE 16, 2023
The DDoS collective claims to be teaming up with ReVIL and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.
Data Breach Today
JUNE 13, 2023
Online Music Streamer Will Appeal Decision From Swedish Data Protection Authority Swedish privacy regulators ordered Spotify to pay 5 million euros after finding the music streaming service not forthcoming enough with how it uses consumer data. Spotify in an emailed statement said the investigation revealed that "only minor areas of our process" were at odds with the GDPR.
Security Affairs
JUNE 15, 2023
Russia-linked APT group Gamaredon is using a new toolset in attacks aimed at critical organizations in Ukraine. The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Symantec researchers reported that in some cases, the cyberespionage group remained undetected in the target networks for three months.
Expert insights. Personalized for you.
202 
Let's personalize your content