Data Breach Today
JUNE 25, 2023
Google, Lyft Among Vulnerable Repositories, Aqua Researchers Say Millions of GitHub repositories are vulnerable to a repository renaming flaw that that could enable supply chain attacks, a new report by security firm Aqua said. They found 36,983 GitHub repositories vulnerable to repo jacking attacks including Google and Lyft.
Krebs on Security
JUNE 29, 2023
Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsin’s prosecution could soon put the Kazakhstan government in a sticky diplomatic position, as the Kremlin is already signaling that it intends to block his extradition to the United States.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
JUNE 27, 2023
Westford, Mass., June 27, 2023 – The industry is vying for ever-increasing gigabyte capacities. And yet there are countless applications that only require a fraction of this storage space. Typical applications include green IIoT technologies like charging stations, smart meters, and PV inverters, for which only a small amount of memory is required to run boot software or to communicate with cloud applications.
Dark Reading
JUNE 30, 2023
The group has given one of Apple's biggest semiconductor suppliers until Aug. 6 to pay $70 million or risk having its data and "points of entry" to its network publicly leaked.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
JUNE 28, 2023
Researchers Say Routers, Access Points, Firewalls, VPNs Could Expose Federal Data Security researchers at Censys found hundreds of federally owned devices at 50 different agencies exposed to the internet, accessible through IPv4 addresses and loaded with potentially vulnerable MOVEit and Barracuda Networks' ESG software. The vulnerabilities violate new CISA policy, the firm said.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
JUNE 26, 2023
As the threat of cybercrime grows with each passing year, cybersecurity must begin utilizing artificial intelligence tools to better combat digital threats. Related: A call to regulate facial recognition Although AI has become a powerful weapon, there’s concern it might be too effective compared to human cybersecurity professionals — leading to layoffs and replacements.
Dark Reading
JUNE 27, 2023
By investing in a strong future cybersecurity workforce, we can prevent future attacks on US critical infrastructure before they occur.
Data Breach Today
JUNE 30, 2023
Third-Party Supplier Hacked; TSMC Says Leak Only Affected Initial Setup Files The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
eSecurity Planet
JUNE 28, 2023
Penetration tests are vital components of vulnerability management programs. In these tests, white hat hackers try to find and exploit vulnerabilities in your systems to help you stay one step ahead of cyberattackers. Because these tests can use illegal hacker techniques, pentest services will sign a contract detailing their roles, goals, and responsibilities.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Elie
JUNE 25, 2023
Exploring the societal impact of the genAI workforce entering the market.
Dark Reading
JUNE 27, 2023
Organizations are largely deluded about their own security postures, according to an analysis, with the average SIEM failing to detect a whopping 76% of attacker TTPs.
Data Breach Today
JUNE 26, 2023
Malware-Infected Watches Are the New USB Thumb Drive for Social Engineers Are unsolicited smartwatches the new USB thumb drive? The U.S. Army warns that service members are being sent free wearables preloaded with malware designed to steal data from mobile devices as well as intercept voice communications and hijack cameras.
Schneier on Security
JUNE 29, 2023
We have learned this lesson again : As part of the FTC v. Microsoft hearing , Sony supplied a document from PlayStation chief Jim Ryan that includes redacted details on the margins Sony shares with publishers, its Call of Duty revenues, and even the cost of developing some of its games. It looks like someone redacted the documents with a black Sharpie but when you scan them in, it’s easy to see some of the redactions.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
KnowBe4
JUNE 24, 2023
According to an internal email obtained by CNN, the CEO of SolarWinds informed employees on Friday that the company plans to vigorously defend itself against potential legal action from US regulators over its handling of the 2020 breach by alleged Russian hackers.
Dark Reading
JUNE 29, 2023
Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.
Data Breach Today
JUNE 29, 2023
Group Listed Nearly 40 Victims on its Dark Web Leak Site So Far This Month New entrant ransomware group 8Base is fast becoming a "big player" in the underground market with nearly 40 victims in June - second only to the notorious LockBit ransomware gang. The group's top targets include business services, finance, manufacturing and IT industries.
Data Matters
JUNE 29, 2023
On June 13, 2023, the Office of Management and Budget released its Spring 2023 Unified Agenda of Regulatory and Deregulatory Actions , which includes updates on Securities and Exchange Commission (“SEC”) proposed rules. The SEC pushed back its estimate for the final action date to October 2023 for its proposed cybersecurity rules related to public companies, as well as for its investment advisers and funds proposal.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
KnowBe4
JUNE 30, 2023
Ransomware is only continuing to evolve and and get much, much worse. We've created this free Ransomware Awareness Month resource kit to help you protect.
John Battelle's Searchblog
JUNE 28, 2023
Welcome to the hellscape of “Made for Advertising” sites This past Monday NewsGuard , a journalism rating platform that also analyzes and identifies AI-driven misinformation, announced it had identified hundreds of junk news sites powered by generative AI. The focus of NewsGuard’s release was how major brands were funding these spam sites through the indifference of programmatic advertising, but what I found interesting was how low that number was – 250 or so sites.
Data Breach Today
JUNE 29, 2023
Denial of Service Attack, Remote Code Execution Could Affect Medtronic's Paceart Optima System Federal regulators have issued a warning about a vulnerability in medical device maker Medtronic's Paceart Optima System which, if exploited, could lead to a denial-of-service or remote code execution affecting the system's cardiac device data.
eSecurity Planet
JUNE 27, 2023
Security information and event management (SIEM) systems only have detections for 24 percent of the 196 techniques in MITRE ATT&CK v13, according to a new report. “This implies that adversaries can execute around 150 different techniques that will be undetected by the SIEM,” says the CardinalOps report. “Or stated another way, SIEMs are only covering around 50 techniques out of all the techniques that can potentially be used by adversaries.” The Third Annual Report on
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
KnowBe4
JUNE 28, 2023
A year-long phishing campaign has been uncovered that impersonates 100+ popular clothing, footwear, and apparel brands using at least 10 fake domains impersonating each brand.
Dark Reading
JUNE 26, 2023
A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks.
Data Breach Today
JUNE 29, 2023
Only 7% of Approximately 140 Affected Organizations Have Shared Count of Victims More victims of the Clop ransomware group's supply chain attack against popular file transfer software MOVEit continue to come to light. Security experts say about 140 organizations now appear to have been affected, comprising over 15 million individuals.
WIRED Threat Level
JUNE 27, 2023
Fifty years ago, a fire ripped through the National Personnel Records Center. It set off a massive project to save crucial pieces of American history—including, I hoped, my grandfather’s.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
KnowBe4
JUNE 27, 2023
CyberheistNews Vol 13 #26 | June 27th, 2023 [Eyes Open] The FTC Reveals the Latest Top Five Text Message Scams The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams. Phony bank fraud prevention alerts were the most common type of text scam last year. "Reports about texts impersonating banks are up nearly tenfold since 2019 with median reported individual losses of $3,000 last year," the report says.
Dark Reading
JUNE 26, 2023
A legitimate installer for the popular Nintendo game infects Windows machines with various malware, including a cryptominer and an infostealer, again showcasing the importance of remote worker security hygiene.
Data Breach Today
JUNE 27, 2023
Buying Document Verification Startup Berbix Will Make Socure Faster, More Accurate Socure has purchased a document verification startup founded by former members of Airbnb's Trust and Safety Team for $70 million to better detect fake identities. The deal will help Socure optimize the digital capturing and back-end processing of driver's licenses and passports at faster speeds.
Expert insights. Personalized for you.
262 
Let's personalize your content