Sat.Jul 22, 2023 - Fri.Jul 28, 2023

article thumbnail

GUEST ESSAY: Why it’s high time for us to rely primarily on passwordless authentication

The Last Watchdog

Accessing vital information to complete day-to-day tasks at our jobs still requires using a password-based system at most companies. Related: Satya Nadella calls for facial recognition regulations Historically, this relationship has been effective from both the user experience and host perspectives; passwords unlocked a world of possibilities, acted as an effective security measure, and were simple to remember.

article thumbnail

Threat Intelligence Is Growing — Here's How SOCs Can Keep Up

Dark Reading

By integrating XDR and SIEM, security professionals can automate correlation and prioritization of alerts across a broad swath of security infrastructure.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Gamification Can Make Security Training Fun

Data Breach Today

Webhelp CISO on Interactive Tools for Cybersecurity Awareness Training In a bid to revolutionize information security training and make it more engaging and memorable for employees, Ivan Milenkovic, group CISO at WebHelp, advises firms to adopt gamification and interactive content in corporate training to make it more accessible and memorable for employees.

Security 245
article thumbnail

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.

Analytics 211
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

News Alert: CrowdSec report highlights the rise of IPv6 in cyber criminal activities

The Last Watchdog

Paris, France, July 27, 2023 – CrowdSec , the pioneering open source and collaborative cybersecurity company, today released its Q2 2023 Majority Report , a comprehensive community-driven data report fueled by the collective efforts of its thousands of users. Key takeaways from the report include the rise of IPv6 as well as the role of VPN in cybercriminal activities.

More Trending

article thumbnail

Latest MOVEit Data Breach Victim Tally: 455 Organizations

Data Breach Today

23 Million Individuals' Personal Details Exposed, Notifications Collectively Show More details about victims of the Clop crime group's zero-day attacks on users of the widely used MOVEit file transfer software continue to come to light. Researchers now report that at least 455 organizations were hit directly or indirectly, exposing data for at least 23 million individuals.

article thumbnail

Voice recognition

Imperial Violet

Last week’s blog post was rather long, and had a greater than normal number of typos. (Thanks to people who pointed them out. I think I’ve fixed all the ones that were reported.) This was because I saw in reviews that iOS 17’s voice recognition was supposed to be much improved, and I figured that I’d give it a try. I’ve always found iOS’s recognition to be superior to Google Docs and I have an old iPad Pro that’s good for betas. iOS’s performance remains good and, yes, I think it’s better than i

article thumbnail

News Alert: QBE North America launches new cyber insurance program with Converge

The Last Watchdog

New York, NY, July 27, 2023 – QBE North America today announced the launch of a cyber insurance program with new MGA, Converge, acting as program administrator. The program will be broken down into two separate distribution structures, each with a distinct revenue focus and cyber security data access formation. •ConvergeElements™ offers primary and excess cyber coverage through select agents and brokers for companies with up to $100 million in revenue.

Insurance 188
article thumbnail

Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor

Security Affairs

Russia-linked BlueBravo has been spotted targeting diplomatic entities in Eastern Europe with the GraphicalProton Backdoor. The Russia-linked threat-state actor BlueBravo (aka APT29 , Cloaked Ursa, and Midnight Blizzard, Nobelium ) has been observed targeting diplomatic entities throughout Eastern Europe. The group was observed conducting a spear-phishing campaign with the end goal of infecting recipients with a new backdoor called GraphicalProton.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

SEC Votes to Require Material Incident Disclosure in 4 Days

Data Breach Today

Rules Approved in 3-2 Party Line Vote, Will Take Effect in December for Large Firms U.S. federal market regulators adopted rules Wednesday that require publicly traded companies to disclose most "material cybersecurity incidents" within four business days of determining materiality. The rules were approved on a party line vote after 70 minutes of discussion and debate.

Marketing 246
article thumbnail

Webcast: Today’s biggest information management challenges

OpenText Information Management

Are information sprawl, data access and security concerns holding back workforce productivity? Will the seemingly endless amounts of information that can be generated by AI only exacerbate information overload? Is cloud adoption creating siloes of information and adding complexity? These information management challenges and how to overcome them were discussed by a panel of industry … The post Webcast: Today’s biggest information management challenges appeared first on OpenText Blogs.

Cloud 98
article thumbnail

News Alert: Protect AI raises $35M in Series A financing to secure AI, ML software supply chain

The Last Watchdog

Seattle, Wash., July 26, 2023 — Protect AI , the artificial intelligence (AI) and machine learning (ML) security company, today announced it has closed a $35M Series A round of funding. The round was led by Evolution Equity Partners with participation from Salesforce Ventures and existing investors Acrew Capital, boldstart ventures, Knollwood Capital and Pelion Ventures.

Security 188
article thumbnail

CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency

Security Affairs

Crypto-payments service provider CoinsPaid suffered a cyber attack that resulted in the theft of $37,200,000 worth of cryptocurrency. CoinsPaid, a crypto-payment service provider, fell victim to a cyber attack, leading to the theft of $37,200,000 worth of cryptocurrency. The company attributes the cyber heist to the North Korea-linked APT Lazarus , which is also responsible for the attacks against Axie Infinity (USD 625M), Horizon Bridge (USD 100M), Atomic Wallet (USD 100M) and Alphapo (USD 23M)

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

OneTrust Raises $150M From Al Gore's Firm Following Layoffs

Data Breach Today

Vendor Cuts Valuation by $800M to Get Funding From Generation Investment Management OneTrust hauled in $150 million a year after laying off 950 employees but had to slash its valuation by $800 million to seal the deal. The Atlanta-based company intends to use the proceeds to accelerate its growth and fulfill customer demand for trust intelligence software.

IT 246
article thumbnail

Jamf integration with Google Cloud’s BeyondCorp helps secure iOS and iPadOS devices

Jamf

Jamf offers integrations with Google Cloud security including Google BeyondCorp for iOS and iPadOS devices.

article thumbnail

News Alert: Perception Point reports rates of ‘BEC,’ phishing attacks climb in the first half of 2023

The Last Watchdog

Tel Aviv, Israel, July 27, 2023 — Perception Point , a leading provider of advanced threat prevention across digital communication channels, today published a new report analyzing global cyberattack trends in H1 2023 amidst the paradigm shift brought about by advances in generative AI (GenAI) capabilities. In its H1 2023 Report: Cybersecurity Trends & Insights , Perception Point reported an overall increase in social engineering attacks, including a 20% growth in the prevalence of

Phishing 186
article thumbnail

DepositFiles exposed config file, jeopardizing user security

Security Affairs

DepositFiles, a popular web hosting service, left its environment configuration file accessible, revealing a trove of highly sensitive credentials. The recent tsunami of Cl0p-driven ransomware attacks via the MOVEit Transfer exploit is a painful reminder of the general idea behind the pessimistic “the cloud is just someone else’s computer” analogy. DepositFiles, a service boasting that it’s the “perfect place to keep your precious files in safety and share them,” does not alleviate these concern

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Coro Buys Privatise to Infuse SASE With Network Connectivity

Data Breach Today

Privatise Will Add DNS Filtering, Content Filtering, ZTNA to Coro's SASE Platform SMB cybersecurity platform Coro purchased an early-stage Israeli startup to bring network connectivity to its SASE offering for midmarket organizations. Coro said its buy of Jerusalem-based Privatise will give Coro clients a secure way to connect, manage and filter out malicious content.

article thumbnail

Can AI make government services more human?

CGI

While much attention on artificial intelligence (AI) has been focused on the commercial sector, AI and the public sector is a perfect fit. In fact, there are many use cases already for using AI to digitalize government services, including improving water quality for communities to helping answer constituent and health worker questions.

article thumbnail

How KnowBe4 Can Help You Fight Spear Phishing

KnowBe4

This blog was co-written by KnowBe4's Data-Driven Defense Evangelist Roger A. Grimes and Chief Learning Officer John Just. Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that hackers and malware successfully attack devices and networks. No other initial root cause comes close (unpatched software and firmware are a distant second, being involved in about 33% of attacks).

article thumbnail

Group-IB CEO Ilya Sachkov sentenced to 14 years in a strict prison colony

Security Affairs

Ilya Sachkov, CEO and co-founder of Group-IB was sentenced to 14 years in a high security prison colony according to the Moscow court announcement. As per the announcement from the Moscow court, Ilya Sachkov, the CEO and co-founder of Group-IB, has been sentenced to 14 years in a high-security prison colony. Sachkov listened to the verdict from a glass cage in the courtroom and nervously reacted as the sentence was announced by Judge Alexander Rybak.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Criminals Are Flocking to a Malicious Generative AI Tool

Data Breach Today

A 12-Month Subscription to FraudGPT Costs $1,700 Cybercriminals are using an evil twin of OpenAI's generative artificial intelligence tool Chat GPT. It's called FraudGPT, it's available on criminal forums, and it can be used to write malicious code and create convincing phishing emails. A similar tool called WormGPT is also available.

article thumbnail

Peloton Bugs Expose Enterprise Networks to IoT Attacks

Dark Reading

Hackers have three key pathways — the OS, apps, and malware — for leveraging the popular home fitness equipment as initial access for data compromise, ransomware, and more

IoT 98
article thumbnail

Barbie-Related Scams Emerge After Recent Movie Release

KnowBe4

Scammers are taking advantage of the popularity of the Barbie movie.

article thumbnail

Monitor Insider Threats but Build Trust First

Security Affairs

The issue of how to prevent insider threats without infringing on employee privacy is one that has been a hot topic of debate in recent years. Because insider threats are uniquely challenging to detect and identify, different methods are needed than traditional detection based on signatures or other known threat triggers. Tools that are designed to detect insider threats are more effective, but also bring up questions related to the level of monitoring necessary and employees’ right to a certain

Privacy 98
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Help Your Employees Guard Against Rising Attacks

Data Breach Today

Guidehouse Security Director on Solutions to Stem Social Engineering Attacks With social engineering attacks escalating, security organizations should embrace better cybersecurity awareness training to protect their organizations against insidious schemes, said Barry Coatsworth, director of risk, compliance and security at Guidehouse.

article thumbnail

TETRA Radio Code Encryption Has a Flaw: A Backdoor

WIRED Threat Level

A secret encryption cipher baked into radio systems used by critical infrastructure workers, police, and others around the world is finally seeing sunlight. Researchers say it isn’t pretty.

article thumbnail

New IBM report reveals the cost of a data breach now tops $4.45 million

KnowBe4

IBM Security has released its annual Cost of a Data Breach Report, revealing that the global average cost of a data breach reached $4.45 million in 2023. This marks a significant increase of 15% over the past 3 years, making it the highest recorded cost in the history of the report. Notably, detection and escalation costs have seen a substantial rise of 42% during the same period, indicating a shift towards more complex breach investigations.