Dark Reading

APRIL 4, 2023

In the height of tax-return season, a popular tax prep software service leaves a malicious JavaScript file online for weeks.

140

140

WIRED Threat Level

APRIL 3, 2023

An agency database WIRED obtained reveals widespread use of so-called 1509 summonses that experts say raises the specter of potential abuse.

Privacy 145

Privacy Security 145

IT Governance

APRIL 5, 2023

Malware is one of the most common cyber security threats that organisations and individuals face. Whenever someone talks about their computer being infected, encountering bots or even falling victim to a scam email, malware is normally involved. It’s why anti-malware software is usually considered a top priority for staying safe online. However, those tools are not flawless.

Encryption 117

Encryption Data breaches Phishing Government 117

Data Breach Today

APRIL 4, 2023

Tranche of Stolen Data Is Disguised Royal Ransomware Installer, Researchers Warn The Royal ransomware group has been running a social engineering campaign designed to trick targets into thinking they've fallen victim to a crypto-locking and data exfiltration attack by giving them a purported list of what was stolen that, if opened, installs Royal ransomware, researchers warn.

Ransomware 162

Ransomware 162

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Krebs on Security

APRIL 4, 2023

Several domain names tied to Genesis Market , a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly

Marketing 346

Marketing Passwords Authentication Access 346

Dark Reading

APRIL 6, 2023

A flaw in Twitter code allows bot abuse to trick the algorithm into suppressing certain accounts.

142

142

Data Breach Today

APRIL 4, 2023

Chinese-Owned App Will Pay 12.7 Million Pounds A British government agency added to TikTok's reputational woes by finding it failed to protect children's privacy. TikTok is playing defense in multiple Western countries against concerns it collects massive amounts of data it could use for surveillance or information operations.

Privacy 294

Privacy Government IT 294

Krebs on Security

APRIL 3, 2023

John Clifton Davies , a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “ CodesToYou ,” which purports to be a “full cycle software development company” based in the U.K.

Communications 228

Communications Security Marketing Insurance 228

Troy Hunt

APRIL 5, 2023

A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they've named "Operation Cookie Monster" They've provided millions of impacted email addresses and passwords to Have I Been Pwned (HIBP) so that victims of the incident can discover if they have been exposed.

Marketing 141

Marketing Passwords Authentication Paper 141

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Dark Reading

APRIL 5, 2023

Using only ChatGPT prompts, a Forcepoint researcher convinced the AI to create malware for finding and exfiltrating specific documents, despite its directive to refuse malicious requests.

IT 140

IT 140

Data Breach Today

APRIL 4, 2023

Tallahassee Memorial Says Patient Data 'Obtained' in February Security Incident A Florida-based community healthcare system has begun notifying about 20,000 individuals whose information was compromised in a data security incident that prompted the organization to operate under its IT downtime procedures, including diverting some emergency patients, for two weeks in February.

Security 277

Security IT 277

eSecurity Planet

APRIL 7, 2023

Kali Linux turns 10 this year, and to celebrate, the Linux penetration testing distribution has added defensive security tools to its arsenal of open-source security tools. It remains to be seen if Kali Purple will do for defensive open source security tools what Kali Linux has done for open source pentesting, but the addition of more than 100 open source tools for SIEM , incident response , intrusion detection and more should raise the profile of those defensive tools.

Energy and Utilities 137

Energy and Utilities Security Cybersecurity Passwords 137

WIRED Threat Level

APRIL 4, 2023

Italy’s recent ban of Open AI’s generative text tool may just be the beginning of ChatGPT's regulatory woes.

Privacy 127

Privacy Security 127

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Dark Reading

APRIL 4, 2023

The malware is one of the most sophisticated ransomwares ever seen in the wild, and marks a leap ahead for cybercrime.

Ransomware 133

Ransomware Encryption 133

Data Breach Today

APRIL 5, 2023

19-Year-Old José Huerta Allegedly Hacked A Government File Transfer System Spanish National Police arrested Friday a teenager hacker who allegedly stole the sensitive data of more than half a million taxpayers from the national revenue service and boasted in an online podcast about having access to personal data of 90 percent of the population.

Personal data 273

Personal data Government Access 273

KnowBe4

APRIL 3, 2023

Using the lure of ChatGPT’s AI as a means to find new ways to make money, scammers trick victims using a phishing -turned-vishing attack that eventually takes victim’s money.

Phishing 124

Phishing Artificial Intelligence 124

WIRED Threat Level

APRIL 4, 2023

Digging through manuals for security cameras, a group of gearheads found sinister details and ignited a new battle in the US-China tech war.

Security 124

Security 124

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Dark Reading

APRIL 7, 2023

Your family's SUV could be gone in the night thanks to a headlight crack and hack attack.

IoT 124

IoT 124

Data Breach Today

APRIL 6, 2023

Russian Group Targets Patient Care and Evolves Its Tactics, HHS HC3 Report Warns Most of the healthcare organizations hit by distributed denial-of-service attacks by pro-Russia hacktivists in January have one or more level 1 trauma centers, indicating that the attackers aimed to disrupt care for the most critically ill and injured patients, according to a new government report.

Government 257

Government IT 257

KnowBe4

APRIL 3, 2023

The Cyber Police of Ukraine have arrested twelve alleged members of an organized cybercrime group that’s stolen approximately $4.3 million from users across Europe, the Hacker News reports.

122

122

eSecurity Planet

APRIL 5, 2023

Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the U.S.

Ransomware 120

Ransomware Cybersecurity Education Encryption 120

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Dark Reading

APRIL 3, 2023

Proxyjacking is an emerging, low-effort and high-reward attack for threat actors, with the potential for far-reaching implications.

Cloud 118

Cloud 118

Data Breach Today

APRIL 5, 2023

International Operation Led by FBI Results in Hundreds of Arrests The FBI and other national police are touting an operation that dismantled Genesis Market, a marketplace used by ransomware hackers and bank thieves to gain ongoing access to victims' computers. Genesis Market since 2018 offered access to more than 1.5 million compromised computers around the world.

Marketing 255

Marketing Ransomware Access 255

IT Governance

APRIL 3, 2023

Welcome to our March 2023 list of data breaches and cyber attacks. Our research identified exactly 100 publicly disclosed incidents during the month, accounting for 41,970,182 breached records. You can find the full list of data breaches and cyber attacks below, including our new feature in which we delve into the month’s biggest incidents in a little more detail.

Data breaches 117

Data breaches Ransomware Phishing Government 117

KnowBe4

APRIL 5, 2023

The FBI’s newly-released report shows just how ransomware continues to plague critical infrastructure sectors, despite the U.S. government’s recent efforts to stop these attacks.

Ransomware 115

Ransomware 115

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Dark Reading

APRIL 4, 2023

Have you ever wondered how they design blue team exercises? One ransomware and cyber extortion simulation demonstrates the best practices.

Ransomware 113

Ransomware 113

Data Breach Today

APRIL 3, 2023

Online Services Are Offline Hard disk drive maker Western Digital disclosed a hacking incident the company says likely resulted in data theft. Online services offered by the California company - including personal and enterprise cloud storage and email and push notifications - are down as of publication.

Cloud 234

Cloud 234

Data Protection Report

APRIL 5, 2023

Introduction By way of an interim measure adopted on 30 March 2023, the Italian Data Protection Authority ( Garante per la protezione dei dati personali ) (the Garante ) ordered the US company Open AI LLC to temporarily stop ChatGPT’s processing of personal data relating to individuals located in Italy, pending the outcome of the Garante’s investigation into the privacy practices of ChatGPT.

Personal data 111

Personal data GDPR Data breaches Privacy 111