Troy Hunt
OCTOBER 4, 2023
Imagine you wanted to buy some s**t on the internet. Not the metaphorical kind in terms of "I bought some random s**t online", but literal s**t. Turds. Faeces. The kind of thing you never would have thought possible to buy online until. Shitexpress came along. Here's a service that enables you to send an actual piece of smelly s**t to "An irritating colleague.
Data Breach Today
OCTOBER 3, 2023
McLaren Health Care Ransomware Incident Among Latest Alleged Alphv/BlackCat Attacks Ransomware-as-a-service gang Alphv/BlackCat claims to have stolen 6 terabytes of data on 2.5 million patients in a recent attack on Michigan-based McLaren Health Care, which operates 13 hospitals and a network of cancer centers. The incident is part of the group's rash of recent attacks.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
OCTOBER 2, 2023
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners to phishing and other social engineering attacks.
The Last Watchdog
OCTOBER 4, 2023
Something simply must be done to slow, and ultimately reverse, attack surface expansion. Related: What Cisco’s buyout of Splunk really signals We’re in the midst of driving towards a dramatically scaled-up and increasingly connected digital ecosystem. Companies are obsessed with leveraging cloud-hosted IT infrastructure and the speedy software development and deployment that goes along with that.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Thales Cloud Protection & Licensing
OCTOBER 2, 2023
Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. As we are well and truly in the digital-first age, the need for robust cybersecurity measures is glaringly evident. Though significant, the early days' threats vastly differed from today's sophisticated cyberattacks.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Krebs on Security
SEPTEMBER 30, 2023
Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.
The Last Watchdog
OCTOBER 5, 2023
Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. OneRep provides a consumer service that scrubs your personal information from Google and dozens of privacy-breaching websites. Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.
WIRED Threat Level
OCTOBER 6, 2023
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.
Data Breach Today
OCTOBER 6, 2023
ISACA's Jon Brandt Discusses Threat Trends, Hiring Challenges, New Opportunities What kinds of training do security professionals need? The biggest skills gaps are soft skills (55%), cloud computing (47%), security controls (35%), coding skills (30%) and software development (30%), according ISACA's State of Cybersecurity 2023 survey of more than 2,000 security leaders globally.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
OCTOBER 5, 2023
TechCrunch reported that a working zero-day exploit for the popular WhatsApp can be paid millions of dollars. The research of zero-day exploits for popular applications such as WhatsApp is even more complex due to the security mechanisms implemented by the developers of the mobile OSs and the app. TechCrunch reported that a zero-day exploits for popular applications like WhatsApp “are now worth millions of dollars” TechCrunch obtained leaked documents that demonstrate that, as of 202
The Last Watchdog
OCTOBER 2, 2023
Surrounded by the invisible hum of electromagnetic energy, we’ve harnessed its power to fuel our technological marvels for decades. Related: MSFT CEO calls for regulating facial recognition tech Tesla’s visionary insights from 1900 hinted at the potential, and today, we bask in the glow of interconnected networks supporting our digital lives.
WIRED Threat Level
OCTOBER 4, 2023
Elon Musk’s brain-chip startup conducted years of tests at UC Davis, a public university. A WIRED investigation reveals how Neuralink and the university keep the grisly images of test subjects hidden.
Data Breach Today
OCTOBER 5, 2023
2020 Ransomware Incident Affected 13,000 Customers, Millions of Individuals Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
OCTOBER 5, 2023
NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politically motivated threat actor called SiegedSec has breached its systems and leaked unclassified documents online. “NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites,” reads a statement issued by s NATO official to media outlets.
The Last Watchdog
OCTOBER 5, 2023
Worcester, Mass., Oct. 5, 2023 – Today, the Healey-Driscoll Administration kicked off Cybersecurity Month in Massachusetts with the announcement of $1,136,911 in funding to develop a new cybersecurity training center at MassBay Community College and support the existing center at Bridgewater State University. The grants are part of the state’s SOC/Range Initiative, a program managed by MassTech’s MassCyberCenter that aims to help build a diverse generation of cybersecurity professionals thro
Dark Reading
OCTOBER 4, 2023
The flaw poses a significant risk of unauthorized data access, system alterations, potential data theft, and complete takeover of vulnerable systems, especially in the IoT and embedded computing space.
Data Breach Today
OCTOBER 4, 2023
Nation-State Attacks on Defense Manufacturers Rising Since November 2022 South Korean national intelligence has sounded alarms about North Korean hackers targeting the country's shipbuilding industry to steal naval military secrets. The agency said the hacks are part of North Korean leader Kim Jong Un's strategy to build larger, more advanced warships.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
OCTOBER 1, 2023
Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.
eSecurity Planet
OCTOBER 6, 2023
Despite all the advances in cybersecurity, email remains the starting point for the vast majority of cyberattacks, as phishing, malware and social engineering remain effective attack techniques. That makes email security software a worthwhile investment for organizations of all sizes. We analyzed the market for email security tools and software to arrive at this list of 7 top email security solutions, including their standout features, limitations and ideal use cases, followed by issues prospect
Dark Reading
OCTOBER 6, 2023
The information leaked in the breach involves personally identifiable information as well as genetic ancestry data, potential relatives, and geolocations.
Data Breach Today
OCTOBER 6, 2023
Micro Focus Falls From Leaders Ranking as Static App Testing Vendors Embrace Gen AI Veracode, Synopsys and Checkmarx remain atop Forrester's static application security testing list, while Micro Focus fell from the leaderboard after the OpenText buy. Firms have gone beyond evaluating the security of code itself and now assess the safety of the infrastructure the code is running on.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
OCTOBER 4, 2023
Sony Interactive Entertainment has notified current and former employees and their family members about a data breach. Sony Interactive Entertainment (SIE) has notified current and former employees and their family members about a data breach that exposed their personal information. Sony notified about 6,800 individuals, it confirmed that the security breach was the result of the exploitation of the zero-day vulnerability CVE-2023-34362 in the MOVEit Transfer platform.
Schneier on Security
OCTOBER 3, 2023
Turns out pumps at gas stations are controlled via Bluetooth, and that the connections are insecure. No details in the article, but it seems that it’s easy to take control of the pump and have it dispense gas without requiring payment. It’s a complicated crime to monetize, though. You need to sell access to the gas pump to others.
Dark Reading
OCTOBER 2, 2023
Once they compromise an victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain, which could leave even more damage.
Data Breach Today
OCTOBER 5, 2023
Critical Privilege Escalation Bug Helps Create Admin Accounts Hackers have weaponized a zero-day in a popular workspace collaboration tool to create administrator accounts and gain unrestricted access to their on-premises instances of the software, Atlassian's Confluence Data Center and Server products, which serves millions of daily active users.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Security Affairs
OCTOBER 3, 2023
Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups that have also targeted Italian entities and businesses, are back in the news; they are LockBit 3.0 Black and BlackCat/AlphV , which had already been reported by the media in the first decade of last July.
The Last Watchdog
OCTOBER 5, 2023
Tel Aviv, Israel, Oct. 5, 2023 — Kovrr , the leading global provider of cyber risk quantification (CRQ) solutions, announces the release of its new Fortune 1000 Cyber Risk Report, shedding light on the complex and ever-evolving cyber risk landscape across various industry sectors and the respective financial repercussions companies may consequently face. “This financial awareness is especially crucial when searching for potentially material incidents and justifying cybersecurity in
Dark Reading
OCTOBER 5, 2023
A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August.
Expert insights. Personalized for you.
131 
Let's personalize your content