Data Breach Today
DECEMBER 27, 2023
Attacks Exposed Millions of Records, Severely Disrupted Care and More Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
Security Affairs
DECEMBER 28, 2023
Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported. On Christmas Eve, Resecurity protecting Fortune 100 and government agencies globally, observed multiple actors on the Dark Web releasing substantial data leaks. Over 50 million records containing PII of consumers from around the world have been leaked.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
DECEMBER 29, 2023
KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.
WIRED Threat Level
DECEMBER 27, 2023
Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Data Breach Today
DECEMBER 26, 2023
Agency Set to Bolster Space Cybersecurity Efforts Across Public and Private Sectors Ground control to the space industry: Take your static cybersecurity practices and upgrade them to a dynamic model. So says NASA's first-ever security best practices guide for space communications, part of an effort to make mission security requirements more accessible.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
DECEMBER 27, 2023
AIIM Research shows the number of content systems in organizations is on the rise Organizations everywhere face the challenge of managing an ever-increasing volume of content. From documents and files to multimedia assets and web content, CRMs and ERPs, the pressing need for more broadly encompassing information management has become paramount. According to the AIIM 2023 State of the IIM Industry Report , it is evident that organizations are adopting an increasing number of content systems to ha
WIRED Threat Level
DECEMBER 28, 2023
From Sam Altman and Elon Musk to ransomware gangs and state-backed hackers, these are the individuals and groups that spent this year disrupting the world we know it.
Data Breach Today
DECEMBER 29, 2023
Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.
Security Affairs
DECEMBER 29, 2023
The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). One of the key significant improvements are support of more software clients (including browser-based cryptocurrency wallets), upgraded credit card (CC) grabber, and additional advanced mechanisms for password storage dump on var
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Schneier on Security
DECEMBER 26, 2023
Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police.
WIRED Threat Level
DECEMBER 29, 2023
It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure.
Data Breach Today
DECEMBER 29, 2023
Attackers Have Been Exploiting App Installer to Evade Malware Defenses in Windows Microsoft has deactivated a tool designed to simplify the installation of Windows applications after hacking groups began exploiting the functionality to distribute malware loaders, leading to infections involving backdoors and ransomware.
Security Affairs
DECEMBER 25, 2023
Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. Microsoft says the APT33 (aka Peach Sandstorm , Holmium , Elfin , and Magic Hound ) Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack against organizations in the Defense Industrial Base (DIB) sector. “Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor named
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
KnowBe4
DECEMBER 28, 2023
A newly-discovered technique misusing SMTP commands allows cybercriminals to pass SPF, DKIM and DMARC checks, empowering impersonated emails to reach their intended victim.
Schneier on Security
DECEMBER 27, 2023
Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content and settings, using payment methods saved in Safari, and more.
Data Breach Today
DECEMBER 29, 2023
Media Giant Alleges 'Billions of Dollars in Statutory and Actual Damages' The New York Times is suing OpenAI and its chief backer Microsoft for copyright infringement, alleging that OpenAI used without permission "millions" of its copyrighted articles to train the large language models used by ChatGPT and by extension Bing Chat and Copilot.
Security Affairs
DECEMBER 29, 2023
Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania, a government agency reported. Albania’s National Authority for Electronic Certification and Cyber Security (AKCESK) revealed that cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania. The telecom carrier disclosed the cyber attack with a post published on Facebook, the company also added that the cyber attack did not interrupt its services. “Today, we identi
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
KnowBe4
DECEMBER 28, 2023
With so much of an attack riding on a cybercriminals ability to gain access to systems, applications and data, experts predict the trend of rising impersonation is only going to get worse.
Schneier on Security
DECEMBER 29, 2023
Wow : To test PIGEON’s performance, I gave it five personal photos from a trip I took across America years ago, none of which have been published online. Some photos were snapped in cities, but a few were taken in places nowhere near roads or other easily recognizable landmarks. That didn’t seem to matter much. It guessed a campsite in Yellowstone to within around 35 miles of the actual location.
Data Breach Today
DECEMBER 28, 2023
Deal Follows Court Ruling That Cleared the 4-Year-Old Class Action Claim for Trial Google reached a preliminary settlement in a class action lawsuit that alleged the tech giant had misled consumers about their privacy protections when using the private browsing Incognito mode of its Chrome web browser. The settlement came on the heels of a court ruling clearing the case for trial.
Security Affairs
DECEMBER 29, 2023
Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of a new cyber espionage campaign carried out by the Russia-linked group APT28 (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ”). The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
KnowBe4
DECEMBER 27, 2023
Cybersecurity researchers at Group-IB have identified a single scam campaign leveraging over 1500 websites impersonating postal carriers and shippers leading up to Christmas this year.
Jamf
DECEMBER 27, 2023
Check valuable insights on how to effectively manage security risks and maintain a healthy work-life balance with BYOD in small business. Read now to learn more.
Data Breach Today
DECEMBER 28, 2023
Also: Yakult Australia Admits to Experiencing 'Cybersecurity Incident' This week, a breach at real estate firm Wealth Network exposed 1.5 billion records, Corewell Health patients were hit by a second breach, data of 1.3M LoanCare mortgage customers was exposed, and Yakult Australia admitted to experiencing a "cybersecurity incident" that exposed 95 gigabytes of data.
Security Affairs
DECEMBER 24, 2023
A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming. Europol, ENISA, and private security firms Group-IB and Sansec collaborated in a joint law enforcement operation, uncovering 443 online shops affected by digital skimming. The operation is part of EMPACT priority, a law enforcement activity targeting the criminals behind online fraud schemes.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
KnowBe4
DECEMBER 27, 2023
With November demonstrating multiple increases when compared to various previous time periods, new data signals that we may be in for a bumpy ride in 2024.
Troy Hunt
DECEMBER 23, 2023
It's that time of the year again, time to head from the heat to the cold as we jump on the big plane(s) back to Europe. The next 4 weekly updates will all be from places of varying degrees colder than home, most of them done with Scott Helme too so they'll be a little different to usual. For now, here's a pretty casual Christmas edition, see you next week from the other side 🙂 References Sponsored by: Unpatched devices keeping you up at night?
Data Breach Today
DECEMBER 28, 2023
Also: Binance Ex-CEO's Wealth Up $25B; Coinbase Refutes Senate Claims; $3M Scam This week in the cryptocurrency industry, Thunder Terminal successfully prevented a hack, Changpeng Zhao ranking 34th on a list of billionaires, Coinbase refuted a senator's allegations of subverting crypto regulations, and scammers stole $3 million in 24 hours using fake ads.
Expert insights. Personalized for you.
306 
Let's personalize your content