The Last Watchdog

SEPTEMBER 14, 2023

In today’s digital age, trust has become a cornerstone of building a better Internet. Preserving privacy for a greater good The Internet was designed as a platform for peer research, not for the vast scale and diverse uses we see today. Over the decades, it’s grown in a way that has left it with many inherent vulnerabilities. These vulnerabilities, not borne out of malice, were the result of choices made with limited information available at the time.

Mining 290

Mining Communications Privacy Risk 290

Security Affairs

SEPTEMBER 10, 2023

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. In early August, a cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings , which are located in multiple states, including California, Tex

Ransomware 359

Ransomware Paper Cybersecurity IT 359

WIRED Threat Level

SEPTEMBER 12, 2023

Signs suggest the culprits worked within a notorious Chinese hacker group that may have also hacked Indian electric utilities years earlier.

Security 349

Security 349

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold.

Passwords 338

Passwords Authentication Sales Data breaches 338

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

SEPTEMBER 13, 2023

Alphv/BlackCat Group Reportedly Hit Casino Operator via Social Engineering Attack Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.

Ransomware 329

Ransomware Cybersecurity Security 329

WIRED Threat Level

SEPTEMBER 13, 2023

A scandal unfolding in Argentina shows the dangers of implementing facial recognition—even with laws and limits in place.

Privacy 245

Privacy Security 245

Krebs on Security

SEPTEMBER 12, 2023

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe , Google Chrome and Apple iOS users may have their own zero-day patching to do. On Sept. 7, researchers at Citizen Lab warned they were seeing active exploitation of a “zero-click,” zero-day flaw to install spyware on iOS devices without any interaction from the victim. 

Authentication 298

Authentication Passwords Access Privacy 298

Data Breach Today

SEPTEMBER 11, 2023

Honeypot Hits Reinforce Need for Strong Passwords and Multifactor Authentication Honeypot data collected by CISO Jesse La Grew highlights how attackers continue to target default usernames - including for SSH - together with weak passwords to gain brute force remote access to their targets. Here are essential username, password and remote service practices for combating such attacks.

Honeypots 317

Honeypots Passwords Data collection Authentication 317

Security Affairs

SEPTEMBER 11, 2023

Zscaler ThreatLabz detailed a new malware loader, named HijackLoader, which has grown in popularity over the past few months HijackLoader is a loader that is gaining popularity among the cybercriminal community. The malware is not sophisticated, however, unlike other loaders, it has a modular structure that allows supporting code injection and execution.

Security 351

Security Access IT Information Security 351

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

WIRED Threat Level

SEPTEMBER 9, 2023

Plus: Apple patches newly discovered flaws exploited by NSO Group spyware, North Korean hackers target security researchers, and more.

Data Privacy 244

Data Privacy Privacy Security 244

The Last Watchdog

SEPTEMBER 13, 2023

From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life. Sharing intel for a greater good Now one distinctive type of crowdsourcing — ethical hacking – is positioned to become a much more impactful component of securing modern networks. I had a terrific discussion about this at Black Hat USA 2023 with Casey Ellis, founder and CTO of Bugcrowd , a pioneer in the crowdsourced security market.

Security 228

Security Risk Marketing IT 228

Data Breach Today

SEPTEMBER 13, 2023

Defense Department Will Conduct Defensive Ops on Internal Network, Invest in People The Defense Department's updated cyber strategy calls for disrupting malicious actors and boosting the cyber capabilities of U.S. allies to take on Chinese threats to critical infrastructure. Defense officials also plan to conduct defensive operations to protect the department's information network.

311

311

Security Affairs

SEPTEMBER 13, 2023

The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company. The multinational aerospace corporation Airbus announced that it is investigating a data leak after cybersecurity firm Hudson Rock reported that a hacker posted information on thousands of the company’s vendors to the dark web.

Sales 350

Sales Access Ransomware Cybersecurity 350

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

WIRED Threat Level

SEPTEMBER 11, 2023

State and local governments in the US are scrambling to harness tools like ChatGPT to unburden their bureaucracies, rushing to write their own rules—and avoid generative AI's many pitfalls.

Government 243

Government Artificial Intelligence Privacy Security 243

The Last Watchdog

SEPTEMBER 11, 2023

In an era of global economic uncertainty, fraud levels tend to surge, bringing to light the critical issue of intellectual property (IP) theft. Related: Neutralizing insider threats This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management.

MDM 203

MDM Analytics Risk Access 203

Data Breach Today

SEPTEMBER 15, 2023

MGM Resorts Continuing to Be Extorted by the Same Alphv/BlackCat Ransomware Group Casino and hotel giant Caesars Entertainment is warning customers that their personal details were stolen in a recent hack attack. After successfully shaking down Caesars for a ransom, the same attackers are continuing to extort MGM Resorts, claiming to have crypto-locked its EXSi hypervisors.

Ransomware 308

Ransomware Data breaches IT 308

Security Affairs

SEPTEMBER 10, 2023

Akamai announced it has mitigated the largest distributed denial-of-service (DDoS) attack on a U.S. financial company. Cybersecurity firm Akamai successfully identified and prevented a massive distributed denial-of-service (DDoS) attack targeting an unnamed, leading American financial institution. The attack took place last week and the malicious traffic peaked at 633.7 gigabits per second.

Financial Services 350

Financial Services Ransomware Cybersecurity IT 350

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

SEPTEMBER 13, 2023

Senators are meeting with Silicon Valley's elite to learn how to deal with AI. But can Congress tackle the rapidly emerging tech before working on itself?

IT 201

IT Artificial Intelligence Privacy Security 201

AIIM

SEPTEMBER 12, 2023

Navy Petty Officer1st Class Rholanda Tucker, assigned to the "Blacklions" of Strike Fighter Squadron 213, conducts routine maintenance on a 20mm gun from an F/A-18F Super Hornet in the hangar bay of the aircraft carrier USS Gerald R. Ford in the Adriatic Sea, July 16, 2023. The Gerald R. Ford Carrier Strike Group is on a scheduled deployment in the U.S.

Information governance 160

Information governance Government 160

Data Breach Today

SEPTEMBER 12, 2023

Hackers Likely Exploited ProxyLogon to Gain Access, Says Eset Hackers aligned with the Iranian state are targeting vulnerable Microsoft Exchange Servers to deploy a new malware backdoor that has already victimized over two dozen Israeli organizations as part of an ongoing espionage campaign. Hackers' initial access point into systems likely was ProxyLogon.

Access 301

Access 301

Security Affairs

SEPTEMBER 11, 2023

CyberNews researchers discovered that many universities worldwide are leaking sensitive information and are even open to full takeover. Many universities worldwide, including some of the most prestigious, leave their webpages unpatched, leaking sensitive information, and even open to full takeovers, a Cybernews Research team investigation reveals. Among the 20 cases found, at least six websites belong to the top 100 universities list worldwide.

Cybersecurity 343

Cybersecurity Access Passwords Metadata 343

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

Dark Reading

SEPTEMBER 15, 2023

ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely.

Ransomware 140

Ransomware 140

Schneier on Security

SEPTEMBER 13, 2023

Make sure you update your iPhones : Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061 , allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachment

Security 137

Security 137

Data Breach Today

SEPTEMBER 14, 2023

China Cites Apple Security Flaws in Warning to Foreign Mobile Device Manufacturers China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.

Government 299

Government Manufacturing Information Security Security 299

Security Affairs

SEPTEMBER 10, 2023

Evil Telegram: a Trojanized version of the Telegram app was spotted on the Google Play Store, Kaspersky researchers reported. Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware, the campaign was tracked as Evil Telegram. One of the apps was downloaded more than ten million times before it was removed from Google Play.

File names 342

File names Personal data Encryption Security 342

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Dark Reading

SEPTEMBER 14, 2023

The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.

Ransomware 136

Ransomware 136

Schneier on Security

SEPTEMBER 11, 2023

The robot revolution began long ago, and so did the killing. One day in 1979, a robot at a Ford Motor Company casting plant malfunctioned—human workers determined that it was not going fast enough. And so twenty-five-year-old Robert Williams was asked to climb into a storage rack to help move things along. The one-ton robot continued to work silently, smashing into Williams’s head and instantly killing him.

Artificial Intelligence 138

Artificial Intelligence Risk Government IT 138

Data Breach Today

SEPTEMBER 13, 2023

EU Will Grant AI Startups Access to Supercomputers, Commission President Says The European Union will open up supercomputers to artificial intelligence startups in a bid to boost innovation inside the trading bloc, European Commission President Ursula von der Leyen said Wednesday. She said Europe has a "narrowing window of opportunity" to guide responsible innovation.

Artificial Intelligence 298

Artificial Intelligence Access 298