Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams.

Phishing 200

Phishing Passwords Insurance Data breaches 200

Data Breach Today

AUGUST 17, 2023

Nation-States Running Information Operations Embrace AI-Generated Images and Video Hackers wielding generative artificial intelligence tools have yet to pose a serious cybersecurity risk, say researchers at Google's threat intelligence group Mandiant, as they sound the alarm instead about a rise in information operations featuring AI-generated fake images and video.

Artificial Intelligence 245

Artificial Intelligence Cybersecurity Risk 245

The Last Watchdog

AUGUST 13, 2023

LAS VEGAS – Just when we appeared to be on the verge of materially shrinking the attack surface, along comes an unpredictable, potentially explosive wild card: generative AI. Related: Can ‘CNAPP’ do it all? Unsurprisingly, generative AI was in the spotlight at Black Hat USA 2023 , which returned to its full pre-Covid grandeur here last week.

Security 246

Security Cloud Artificial Intelligence Cybersecurity 246

Weissman's World

AUGUST 14, 2023

Q: “Aioli? What’s aioli?” A: “It’s just mayonnaise.” Q: “What’s information governance?” A: That’s the topic of today’s edition of Speaking Of! Join me and Elizabeth Weeks of the Alberta School Employee Benefit Plan as we discuss the need to know our audiences and communicate in their terms. Just as restaurateurs do when telling uninitiated… Read More » IG Needs a Makeover (or, It’s Just Mayonnaise) The post IG Needs a Makeover (or, It’s Just Mayonnaise) appeared first on

Information governance 156

Information governance Communications Government IT 156

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Krebs on Security

AUGUST 14, 2023

John Clifton Davies , a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies that are busy dashing startup dreams: A fake investment firm called Equity-Invest[.]ch , and Diligere[.]co.uk , a scam due diligence company that Equity-Invest insists all investment partners use.

Cloud 171

Cloud IT 171

The Last Watchdog

AUGUST 15, 2023

Social media giants have long held too much power over our digital identities. Related: Google, Facebook promote third-party snooping Today, no one is immune to these giants’ vicious cycle of collecting personal data, selling it to advertisers, and manipulating users with data metrics. By making people feel like mere products- this exploitative digital environment further encourages a bubble of distrust amongst social media users.

Privacy 188

Privacy Personal data Encryption Blockchain 188

AIIM

AUGUST 15, 2023

"With great power comes great responsibility" is an adage that Stan Lee’s Spider-Man popularized in popular comics, films, and other media. In Information Management today, there is great power in systems that leverage Artificial Intelligence for quickly making decisions and processing massive volumes of information. As information managers, we have a responsibility to understand that these systems have a potential for bias and how to identify and mitigate risks associated with producing reliabl

Artificial Intelligence 104

Artificial Intelligence Risk 104

Security Affairs

AUGUST 18, 2023

A flaw impacting the file archiver utility for Windows WinRAR can allow the execution of commands on a computer by opening an archive. WinRAR is a popular file compression and archival utility for Windows operating systems. The utility is affected by a now-fixed high-severity vulnerability, tracked as CVE-2023-40477 (CVSS score 7.8), that can allow remote execution of arbitrary code on a computer by opening a crafted RAR archive.

Archiving 98

Archiving Access Security Information Security 98

Data Breach Today

AUGUST 18, 2023

Kaspersky Falls From Leaderboard as Deliberate Decision Made to Nix Russian Firms Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category. Leading threat intelligence providers have expanded into adjacent use cases such as brand protection and vulnerability management.

246

246

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Jamf

AUGUST 18, 2023

Is your Small or Medium-sized Business (SMB) protected against cyber threats? Safeguard your organization's sensitive data and assets with Jamf Now. Read now and enhance your SMB's cybersecurity posture.

Security 98

Security Cybersecurity 98

Dark Reading

AUGUST 17, 2023

Users report losing access to their accounts, with some being pressured into paying a ransom to get back in or else face permanent account deletion.

Access 98

Access 98

Security Affairs

AUGUST 18, 2023

#OpFukushima: The famous collective Anonymous has launched cyberattacks against Japan nuclear websites over Fukushima water plan. The hacker collective Anonymous has launched cyberattacks against nuclear power-linked groups in Japan as part of an operation called #OpFukushima. The campaign was launched to protest against the Government’s plan to release the treated radioactive water from the Fukushima nuclear plant into the sea.

Government 98

Government Security IT Information Security 98

Data Breach Today

AUGUST 16, 2023

Constabularies of Norfolk and Suffolk Alert Follows FOIA Breach in Northern Ireland England's Norfolk and Suffolk constabularies report that they accidentally exposed information on victims and witnesses in response to freedom of information requests just one week after police in Northern Ireland accidentally exposed information on all police officers and staff via an FOI request.

FOIA 246

FOIA Data breaches 246

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Jamf

AUGUST 17, 2023

Jamf Threat Labs developed a post-exploit persistence technique on iOS 16 that falsely shows a functional Airplane Mode. In reality, after successful device exploit the attacker plants an artifical Airplane Mode that edits the UI to display Airplane Mode icons and cuts internet connection to all apps except the attacker application. This enables the attacker to maintain access to the device even when the user believes it is offline.

Access 98

Access IT 98

KnowBe4

AUGUST 16, 2023

New reports show many LinkedIn users have reported several complaints about accounts being taken over by bad actors.

Cybersecurity 98

Cybersecurity 98

Security Affairs

AUGUST 18, 2023

A massive social engineering campaign is targeting users of the Zimbra Collaboration email server to steal their login credentials. ESET researchers uncovered a mass-spreading phishing campaign targeting users of the Zimbra Collaboration email server since April 2023. Zimbra Collaboration is an open-core collaborative software platform. The campaign is still ongoing and is targeting a wide range of small and medium businesses and governmental entities.

Phishing 98

Phishing Passwords IT Security 98

Data Breach Today

AUGUST 15, 2023

Rapattoni-Hosted Multiple Listing Services Can't Add or Update Property Information Property listings nationwide are being disrupted due to an apparent ransomware attack against California-based Rapattoni, which hosts Multiple Listing Services used by real estate brokers to list, market and sell properties. Rapattoni said it's not clear when its systems might be back online.

Ransomware 246

Ransomware Marketing IT 246

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

OpenText Information Management

AUGUST 16, 2023

In our discussions with customers and countless surveys, cybersecurity and sensitive data protection are always top-ranking issues. IT now has available some of the most advanced cybersecurity innovations in its arsenal than ever before, with excellent authentication and real-time threat detection. While these tools are critical to secure IT infrastructure, many organizations still struggle with … The post 5 steps to strengthen critical information protection appeared first on OpenText Blo

Cybersecurity 98

Cybersecurity Authentication Security IT 98

KnowBe4

AUGUST 16, 2023

New analysis of the second quarter of this year makes it clear that individuals and organizations alike are at an increasing risk of web- and email-based scams.

Risk 98

Risk IT Cybersecurity 98

Security Affairs

AUGUST 18, 2023

An international law enforcement operation across 25 African countries has led to the arrest of 14 cybercriminals. A coordinated law enforcement operation conducted by INTERPOL and AFRIPOL across 25 African countries has led to the arrest of 14 suspected cybercriminals and the identification of 20,674 suspicious cyber networks. The operation demonstrates the surge in cybercriminal activities in the region.

Sales 98

Sales Phishing Security IT 98

Data Breach Today

AUGUST 18, 2023

Also: Highlights from BlackHat 2023; Latest Cybersecurity M&A Activity In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.

Cybersecurity 246

Cybersecurity Privacy 246

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Information Governance Perspectives

AUGUST 16, 2023

The following excerpt is from an inspiring new memoir, The Bastard of Beverly Hills, from JIA Publishing Group, available on Amazon , Barnes & Noble and wherever fine books are sold. Mr. Hale was menacing—a carbon copy of boxer Muhammad Ali, with beefy forearms, scarred knuckles, and a perfectly cut Afro. Even his chubby cheeks looked mean. He sat the entire lecture, staring at us like plebs.

IT 98

IT Education 98

KnowBe4

AUGUST 15, 2023

Get the resources you need to help keep your users safe from malicious social engineering attacks during this year's Cybersecurity Awareness Month with our free resource kit.

Cybersecurity 98

Cybersecurity 98

Security Affairs

AUGUST 17, 2023

Researchers discovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems. AT&T Alien Labs researchers uncovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems. The experts identified a company that is charging for proxy service on traffic that goes through infected machines.

IT 98

IT Security Information Security 98

Data Breach Today

AUGUST 15, 2023

153,000 Individuals Affected in Hack, Including Client Linked to an Earlier Breach A global law firm that handles data breach litigation is faced with defending itself against a proposed class action lawsuit filed in the aftermath of its own data breach. The lawsuit stems from a March hacking incident at San Francisco-based Orrick, Herrington & Sutcliffe.

Data breaches 246

Data breaches IT 246

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Collibra

AUGUST 17, 2023

Created in 2019, the concept of the data mesh is one of the most-discussed topics in data management. As more and more zettabytes of data are created every year, organizations everywhere are seeking better ways to accelerate turning data into better decisions, better products, and ultimately better organizations. Over the last year, together with Accenture, we’ve created a number of helpful data mesh assets, and we wanted to pull them together to help you quickly get to what you need.

Government 98

Government Analytics IT 98

KnowBe4

AUGUST 15, 2023

The Knight ransomware -as-a-service offering (formerly known as “Cyclops”) is using phony TripAdvisor complaints to deliver its malware, BleepingComputer reports.

Ransomware 98

Ransomware IT 98

Security Affairs

AUGUST 17, 2023

Russia-linked APT29 used the Zulip Chat App in attacks aimed at ministries of foreign affairs of NATO-aligned countries EclecticIQ researchers uncovered an ongoing spear-phishing campaign conducted by Russia-linked threat actors targeting Ministries of Foreign Affairs of NATO-aligned countries. The experts detected two PDF files masqueraded as coming from the German embassy and that contained two diplomatic invitation lures.

Phishing 98

Phishing Manufacturing Government Authentication 98