Sat.Jul 14, 2018 - Fri.Jul 20, 2018

article thumbnail

Why Artificial Intelligence Is Not a Silver Bullet for Cybersecurity

Dark Reading

Like any technology, AI and machine learning have limitations. Three are detection, power, and people.

article thumbnail

Bank Hackers Exploit Outdated Router to Steal $1 Million

Data Breach Today

PIR Bank Robbed by Russia's MoneyTaker Gang, Investigators Say Hackers stole at least $920,000 from Russia's PIR Bank after they successfully compromised an outdated, unsupported Cisco router at a bank branch office and used it to tunnel into the bank's local network, reports incident response firm Group-IB.

IT 198
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Facial Recognition Backlash: Technology Giants Scramble

Data Breach Today

'We Refuse to be Complicit,' Silicon Valley Employees Tell Bosses Silicon Valley employees are increasingly calling on executives to restrict the use of facial recognition technology, mobilized in part by the U.S. government's previous policy of separating children from parents at the border. Experts say facial recognition regulations are needed - and quickly.

article thumbnail

How Google's Safe Browsing Helped Build a More Secure Web

WIRED Threat Level

You may not have heard of Safe Browsing, but it's made the web more secure for over a decade. Here's its story, from the people who built it.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Human Resources Firm ComplyRight Breached

Krebs on Security

Cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardized sensitive consumer information -- including names, addresses, phone numbers, email addresses and Social Security numbers -- from tax forms submitted by the company's thousands of clients on behalf of employees. Cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardized sensitive consumer information -- including

Cloud 33

More Trending

article thumbnail

FBI: Global Business Email Compromise Losses Hit $12.5 Billion

Data Breach Today

'CEO Fraud' Remains Alive, Well and Underreported Known losses due to business email compromise have exceeded $12.5 billion worldwide, the FBI's Internet Complaint Center reports, adding that fraudsters are increasingly targeting the U.S. real estate sector with such scams.

150
150
article thumbnail

Ukraine Blocks a Russian Hack, a Silk Road Arrest, and More Security News This Week

WIRED Threat Level

Drone plans for sale, a Silk Road arrest, and more security news this week.

Sales 104
article thumbnail

‘LuminosityLink RAT’ Author Pleads Guilty

Krebs on Security

A 21-year-old Kentucky man has pleaded guilty to authoring and distributing a popular hacking tool called “ LuminosityLink ,” a malware strain that security experts say was used by thousands of customers to gain unauthorized access to tens of thousands of computers across 78 countries worldwide. The LuminosityLink Remote Access Tool (RAT) was sold for $40 to thousands of customers, who used the tool to gain unauthorized access to tens of thousands of computers worldwide.

Marketing 158
article thumbnail

Defeating the iPhone Restricted Mode

Schneier on Security

Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift , which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it. There is an important lesson in this: security is hard. Apple Computer has one of the best security teams on the planet.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Timehop Reveals Additional Data Compromised by Hacker

Data Breach Today

Exposed Data Includes Victims' Birth Date, Gender, Country Code and IP Address Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.

IT 145
article thumbnail

Oracle Sets All-Time Record with July Critical Patch Update

Threatpost

July's critical patch update addresses 334 security vulnerabilities (including 61 rated critical) covering a vast swathe of the Oracle enterprise portfolio.

article thumbnail

CIP Exam Now Available in Online Proctored Format

AIIM

I am pleased to announce that we have introduced another exam option for CIP candidates. To recap, there are now three ways you can take the CIP exam: At any Kryterion exam center world-wide. At an AIIM-taught CIP prep course. Online proctored via Kryterion. Online proctoring has been available for years, but has sometimes suffered from confusion with online certificate programs and the perception that "it's just an online exam.

Access 82
article thumbnail

New Report on Chinese Intelligence Cyber-Operations

Schneier on Security

The company ProtectWise just published a long report linking a bunch of Chinese cyber-operations over the past few years. The always interesting gruqq has some interesting commentary on the group and its tactics. Lots of detailed information in the report, but I admit that I have never heard of ProtectWise or its research team 401TRG. Independent corroboration of this information would be helpful.

IT 89
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Greece Will Send Russian Cybercrime Suspect to France

Data Breach Today

US Accuses Alexander Vinnik of $4 Billion in Bitcoin Money Laundering A Greek court has ruled that Russian national Alexander Vinnik will be sent to France to face cybercrime charges. The U.S. has accused Vinnik of laundering $4 billion in bitcoins via the BTC-e exchange, which it said also handled stolen Mt. Gox and Silk Road bitcoins.

IT 140
article thumbnail

Cisco fixes critical and high severity flaws in Policy Suite and SD-WAN products

Security Affairs

Cisco has found over a dozen critical and high severity vulnerabilities in its Policy Suite, SD-WAN, WebEx and Nexus products. The tech giant has reported customers four critical vulnerabilities affecting the Policy Suite. The flaws tracked as CVE-2018-0374 , CVE-2018-0375 , CVE-2018-0376, and CVE-2018-0377 have been discovered during internal testing.

article thumbnail

[Podcast] What to Expect at The AIIM Conference

AIIM

Last week, we opened up registration for The AIIM Conference 2019 - our annual conference that brings together over 600 information professionals from around the world for 3 days of learning, networking, and fun. If you've never been to one of our conferences or haven't been in a few years, you may be wondering what to expect. Sure, we could try and write up something up and do our best to describe it, but we have a better idea - hear it directly from last year's attendees, keynote speakers, and

article thumbnail

Meet Jonathan Albright, The Digital Sleuth Exposing Fake News

WIRED Threat Level

Buried in media scholar Jonathan Albright's research was proof of a massive political misinformation campaign. Now he's taking on the the world's biggest platforms before it's too late.

IT 80
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

LabCorp. Cyberattack Impacts Testing Processes

Data Breach Today

Expert: Latest Attack on Healthcare Sector - Growing Target Medical laboratory testing firm LabCorp. is investigating a weekend cyberattack on its IT network, which was resulted in the company taking certain processes offline. The attack is just the latest cyber assault on the healthcare sector.

IT 133
article thumbnail

Anarchy botmaster builds a botnet of 18,000 Huawei routers in a few hours

Security Affairs

The popular Anarchy botmaster builds a botnet of 18,000 Huawei routers in a few hours, and it is also planning to target vulnerable Realtek routers. NewSky Security first reported the born a new huge botnet, in just one day the botmaster compromised more than 18,000 Huawei routers. NewSky security researcher Ankit Anubhav announced that the botnet had already infected 18,000 routers.

IoT 76
article thumbnail

There is no social license for My Health Record. Australians should reject it | Julia Powles

The Guardian Data Protection

The Australian Digital Health Agency’s bullish approach to My Health Record shows it learned no lessons from the UK’s disastrous version A three-month countdown clock alerted many Australians this week to the government’s progress on a massive, mandatory health data centralisation scheme. Known as My Health Record , the scheme compulsorily enlists all Australians into sharing their health information, unless they opt out before the deadline of 15 October 2018.

IT 75
article thumbnail

The Midterm Elections Are Already Under Attack

WIRED Threat Level

Phishing attempts and DDoS attacks have begun hitting 2018 campaigns. The US seems ill-prepared to meet the challenge.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Server Security: The Need for Deep Learning and Anti-Exploit

Data Breach Today

Traditional server security controls were not built for ransomware, cryptojacking and other modern attacks. Paul Murray of Sophos discusses deep learning, anti-exploit technology and other key elements of the new wave of server defenses.

Security 133
article thumbnail

Researchers show how to manipulate road navigation systems with low-cost devices

Security Affairs

Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers and manipulate road navigation systems. Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers. The kit could be used to deceive receivers used by navigation systems and suggest drivers the wrong direction. “we explore the feasibility of a stealthy manipulation attack against road navigation systems.

Paper 75
article thumbnail

Cryptocurrency reality checks and the coming boom

Collaboration 2.0

Like the early stages of the dot com boom, the initial speculative crypto bubble is over. Expect waves of rapid evolution next, as maturity kicks in and serious players emerge and scale.

76
article thumbnail

RealNetworks Launches Free Facial Recognition Tool for Schools

WIRED Threat Level

A new facial recognition tool by RealNetworks aims to keep kids safe in school. But privacy experts fear the unchecked surveillance of kids could go awry.

Privacy 75
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

LabCorp Still Recovering From Ransomware Attack

Data Breach Today

SamSam, Other Ransomware Still Menacing Healthcare Sector Medical testing laboratory firm LabCorp is still working to fully recover systems functionality nearly a week after a cyberattack that the company now claims involved "a new variant" of ransomware. What can other organizations do to avoid becoming the next victim?

article thumbnail

Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Security Affairs

Researchers from the Z-Lab at CSE Cybsec analyzed a new collection of malware allegedly part of a new espionage campaign conducted by the APT28 group. It was a long weekend for the researchers from the Z-Lab at CSE Cybsec that completed the analysis a number of payloads being part of a new cyber espionage campaign conducted by the Russian APT28 group (aka Fancy Bear , Pawn Storm , Sednit , Sofacy, and Strontium ).

article thumbnail

China Publishes the Draft Regulations on the Classified Protection of Cybersecurity

Hunton Privacy

On June 27, 2018, the Ministry of Public Security of the People’s Republic of China published the Draft Regulations on the Classified Protection of Cybersecurity (?????????????????) (“Draft Regulation”) and is seeking comments from the public by July 27, 2018. Pursuant to Article 21 of the Cybersecurity Law , the Draft Regulation establishes the classified protection of cybersecurity.