Data Breach Today
JUNE 25, 2023
Google, Lyft Among Vulnerable Repositories, Aqua Researchers Say Millions of GitHub repositories are vulnerable to a repository renaming flaw that that could enable supply chain attacks, a new report by security firm Aqua said. They found 36,983 GitHub repositories vulnerable to repo jacking attacks including Google and Lyft.
Krebs on Security
JUNE 29, 2023
Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsin’s prosecution could soon put the Kazakhstan government in a sticky diplomatic position, as the Kremlin is already signaling that it intends to block his extradition to the United States.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
JUNE 27, 2023
Westford, Mass., June 27, 2023 – The industry is vying for ever-increasing gigabyte capacities. And yet there are countless applications that only require a fraction of this storage space. Typical applications include green IIoT technologies like charging stations, smart meters, and PV inverters, for which only a small amount of memory is required to run boot software or to communicate with cloud applications.
Dark Reading
JUNE 30, 2023
The group has given one of Apple's biggest semiconductor suppliers until Aug. 6 to pay $70 million or risk having its data and "points of entry" to its network publicly leaked.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
JUNE 28, 2023
Researchers Say Routers, Access Points, Firewalls, VPNs Could Expose Federal Data Security researchers at Censys found hundreds of federally owned devices at 50 different agencies exposed to the internet, accessible through IPv4 addresses and loaded with potentially vulnerable MOVEit and Barracuda Networks' ESG software. The vulnerabilities violate new CISA policy, the firm said.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
JUNE 26, 2023
As the threat of cybercrime grows with each passing year, cybersecurity must begin utilizing artificial intelligence tools to better combat digital threats. Related: A call to regulate facial recognition Although AI has become a powerful weapon, there’s concern it might be too effective compared to human cybersecurity professionals — leading to layoffs and replacements.
eSecurity Planet
JUNE 28, 2023
Penetration tests are vital components of vulnerability management programs. In these tests, white hat hackers try to find and exploit vulnerabilities in your systems to help you stay one step ahead of cyberattackers. Because these tests can use illegal hacker techniques, pentest services will sign a contract detailing their roles, goals, and responsibilities.
Data Breach Today
JUNE 26, 2023
Malware-Infected Watches Are the New USB Thumb Drive for Social Engineers Are unsolicited smartwatches the new USB thumb drive? The U.S. Army warns that service members are being sent free wearables preloaded with malware designed to steal data from mobile devices as well as intercept voice communications and hijack cameras.
Dark Reading
JUNE 27, 2023
Organizations are largely deluded about their own security postures, according to an analysis, with the average SIEM failing to detect a whopping 76% of attacker TTPs.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
The Last Watchdog
JUNE 30, 2023
SMS toll fraud is spiking. I learned all about the nuances of deploying – and defending – these insidious attacks in a recent visit with Arkose Labs CEO, Kevin Gosschalk , who explained how the perpetrators victimize businesses that use text messages to validate phone users signing up for a new account. Related: Countering Putin’s weaponizing of ransomware The fraudsters set themselves up as “affiliates” of phone companies in Indonesia, Thailand and Vietnam and then use bots to apply for o
Data Matters
JUNE 29, 2023
On June 13, 2023, the Office of Management and Budget released its Spring 2023 Unified Agenda of Regulatory and Deregulatory Actions , which includes updates on Securities and Exchange Commission (“SEC”) proposed rules. The SEC pushed back its estimate for the final action date to October 2023 for its proposed cybersecurity rules related to public companies, as well as for its investment advisers and funds proposal.
Data Breach Today
JUNE 29, 2023
Group Listed Nearly 40 Victims on its Dark Web Leak Site So Far This Month New entrant ransomware group 8Base is fast becoming a "big player" in the underground market with nearly 40 victims in June - second only to the notorious LockBit ransomware gang. The group's top targets include business services, finance, manufacturing and IT industries.
Dark Reading
JUNE 27, 2023
By investing in a strong future cybersecurity workforce, we can prevent future attacks on US critical infrastructure before they occur.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
The Last Watchdog
JUNE 29, 2023
San Francisco, Calif., June 29, 2023 — NetWitness , a globally trusted provider of threat detection, investigation, and response technology and incident response services, today announced it is now integrated with AWS AppFabric , a new service from Amazon Web Services (AWS) that quickly connects software as a service (SaaS) applications for better productivity and security.
John Battelle's Searchblog
JUNE 28, 2023
Welcome to the hellscape of “Made for Advertising” sites This past Monday NewsGuard , a journalism rating platform that also analyzes and identifies AI-driven misinformation, announced it had identified hundreds of junk news sites powered by generative AI. The focus of NewsGuard’s release was how major brands were funding these spam sites through the indifference of programmatic advertising, but what I found interesting was how low that number was – 250 or so sites.
Data Breach Today
JUNE 30, 2023
Third-Party Supplier Hacked; TSMC Says Leak Only Affected Initial Setup Files The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
Schneier on Security
JUNE 29, 2023
We have learned this lesson again : As part of the FTC v. Microsoft hearing , Sony supplied a document from PlayStation chief Jim Ryan that includes redacted details on the margins Sony shares with publishers, its Call of Duty revenues, and even the cost of developing some of its games. It looks like someone redacted the documents with a black Sharpie but when you scan them in, it’s easy to see some of the redactions.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
The Last Watchdog
JUNE 27, 2023
Porto, Portugal, June 27 th 2023– Jscrambler , a leading solution for JavaScript protection and real-time webpage monitoring, today announces the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0).
eSecurity Planet
JUNE 27, 2023
Security information and event management (SIEM) systems only have detections for 24 percent of the 196 techniques in MITRE ATT&CK v13, according to a new report. “This implies that adversaries can execute around 150 different techniques that will be undetected by the SIEM,” says the CardinalOps report. “Or stated another way, SIEMs are only covering around 50 techniques out of all the techniques that can potentially be used by adversaries.” The Third Annual Report on
Data Breach Today
JUNE 26, 2023
New Bill Set to Penalize Disclosure of Data Protection Commission's Reprimands Irish Parliament has proposed changes to a new bill that would make it a criminal offense to disclose privacy reprimands issued by the Data Protection Commission. Civil rights groups are accusing the government of shielding the country's privacy regulator from criticism.
Dark Reading
JUNE 26, 2023
A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
The Last Watchdog
JUNE 27, 2023
New York and Reston, Virg., June 27, 2023 — Quantexa , a global leader in Decision Intelligence (DI) solutions for the public and private sectors, and Carahsoft Technology Corp , The Trusted Government IT Solutions Provider ® , today announced a partnership. Under the agreement, Carahsoft will serve as Quantexa’s Master Government Aggregator ® , making the company’s Decision Intelligence platform available to U.S.
eSecurity Planet
JUNE 30, 2023
Nearly half of EDR tools and organizations are vulnerable to Clop ransomware gang tactics, according to tests by a cybersecurity company. Cymulate ran 3,107 assessments across 340 organizations recently to see if security controls were adequate against the Clop (sometimes called “Cl0p” with a zero) ransomware group’s exploitation of a MOVEit software vulnerability ( CVE-2023-34362 ).
Data Breach Today
JUNE 29, 2023
Denial of Service Attack, Remote Code Execution Could Affect Medtronic's Paceart Optima System Federal regulators have issued a warning about a vulnerability in medical device maker Medtronic's Paceart Optima System which, if exploited, could lead to a denial-of-service or remote code execution affecting the system's cardiac device data.
Dark Reading
JUNE 26, 2023
A legitimate installer for the popular Nintendo game infects Windows machines with various malware, including a cryptominer and an infostealer, again showcasing the importance of remote worker security hygiene.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
IT Governance
JUNE 29, 2023
Cyber criminals have stolen text messages, call logs and location data from the popular phone monitoring app LetMeSpy. It’s a cruel twist of fate for the software provider, whose product enables customers to monitor other people’s phone activity. The technology is advertised to parents for keeping an eye on their children and to employers for monitoring their staff.
WIRED Threat Level
JUNE 27, 2023
Fifty years ago, a fire ripped through the National Personnel Records Center. It set off a massive project to save crucial pieces of American history—including, I hoped, my grandfather’s.
Data Breach Today
JUNE 29, 2023
Only 7% of Approximately 140 Affected Organizations Have Shared Count of Victims More victims of the Clop ransomware group's supply chain attack against popular file transfer software MOVEit continue to come to light. Security experts say about 140 organizations now appear to have been affected, comprising over 15 million individuals.
Expert insights. Personalized for you.
247 
Let's personalize your content