Data Breach Today
AUGUST 3, 2023
Russia Likely Continues to Run Fake Groups, Although Regional Players Also at Work How much of a risk do hacktivists pose? Hacktivism's heyday was arguably a decade ago. While activists do keep using chaotic online attacks to loudly promote their cause, they're tough to distinguish from fake operations run by governments, including Russia and Iran.
Krebs on Security
AUGUST 4, 2023
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn , or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
AUGUST 2, 2023
The fast food giant Burger King put their systems and data at risk by exposing sensitive credentials to the public for a second time. Original post @ [link] Burger King is a renowned US-based international fast food giant with a global presence of over 19 thousand restaurants and revenue of $1.8 billion. Recently, the Cybernews research team uncovered that Burger King in France exposed sensitive credentials to the public due to a misconfiguration on their website.
WIRED Threat Level
AUGUST 1, 2023
Researchers found a simple way to make ChatGPT, Bard, and other chatbots misbehave, proving that AI is hard to tame.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Data Breach Today
AUGUST 3, 2023
'BlueCharlie' Favors a New Domain Registrar and URL Structure A Russia-linked hacking group is shifting its online infrastructure likely in response to public disclosures about its activity. Its ability to adapt to public reporting suggests it will persist with "operations for the foreseeable future" and continue to evolve its tactics, Recorded Future warned.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
AUGUST 4, 2023
A cyberattack has disrupted the computer systems of multiple hospitals in several states, with a severe impact on their operations. Some emergency rooms in multiple hospitals in several states were forced to close and ambulances were diverted due to a cyberattack against their networks. The cyberattack hit hospitals operated by Prospect Medical Holdings, which are located in multiple states, including California, Texas, Connecticut, Rhode Island, and Pennsylvania.
WIRED Threat Level
AUGUST 1, 2023
Generative AI won't just flood the internet with more lies—it may also create convincing disinformation that's targeted at groups or even individuals.
Data Breach Today
AUGUST 2, 2023
Mobile Device Management Are 'Attractive Targets,' Warns Joint Advisory With Norway A hacking campaign that exploited Ivanti mobile device manager to target the Norwegian government began in April and possible earlier, say cybersecurity agencies from the U.S. and Norway. Mobile device management systems are "attractive targets for threat actors," the alert warns.
The Last Watchdog
AUGUST 4, 2023
The rise of the remote workforce, post Covid-19, did nothing to make the already difficult task of doing Identity and Access Management ( IAM ) any easier for CISOs. With Black Hat USA 2023 ramping up in Las Vegas next week, cybersecurity startup Trustle is championing a new product category—Identity Threat Detection & Response ( ITDR )—which aims to enhance the capabilities of legacy IAM solutions.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Security Affairs
AUGUST 4, 2023
Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store. Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented to detect malicious code uploaded to the Google Play Store. The technique is not new but continues to be effective, multiple malware such as the banking Trojan SharkBot used it to bypass checks implemented by Go
WIRED Threat Level
AUGUST 3, 2023
Flaws in the Points.com platform, which is used to manage dozens of major travel rewards programs, exposed user data—and could have let an attacker snag some extra perks.
Data Breach Today
AUGUST 3, 2023
'Crypto Couple' Ilya Lichenstein and Heather Morgan Plead Guilty Ilya "Dutch" Lichtenstein, 35, confessed in U.S. federal court to hacking billions of dollars from virtual currency exchange Bitfinex and laundering stolen funds with his 33-year-old wife, Heather Morgan. Lichtenstein pleaded guilty to conspiracy to commit money laundering.
The Last Watchdog
AUGUST 1, 2023
Cambridge, Mass. – Aug. 1, 2023 – Devo Technology , the cloud-native security analytics company, today announced its financial support for Cybermindz, a not-for-profit organization dedicated to improving the mental health and well-being of cybersecurity professionals. Founded in Australia just over one year ago, Cybermindz entered the U.S. in April to expand its global reach.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Affairs
AUGUST 4, 2023
A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016. The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that took place in 2016. The hackers stole 120,000 Bitcoin and the theft had serious repercussions on the Bitcoin value that significantly dropped after the discovery of the breach, a 20 percent decrease following the hack.
WIRED Threat Level
AUGUST 4, 2023
The US Congress is trying to tame the rapid rise of artificial intelligence. But senators’ failure to tackle privacy reform is making the task a nightmare.
Data Breach Today
AUGUST 3, 2023
Russian Foreign Intelligence Campaign Targets Around 40 Organizations Globally A Russian espionage group attacked multiple organizations to steal credentials using Microsoft Teams chats that appear to originate from technical support. Microsoft on Wednesday attributed the campaign to a threat actor originating in the Russian Foreign Intelligence Service.
The Last Watchdog
AUGUST 1, 2023
Tel Aviv, Israel, Aug. 1, 2023 – Guardz , the cybersecurity company securing and insuring SMEs, today disclosed the existence of a Hidden Virtual Network Computing (hVNC) malware targeting macOS devices. The malware, which is available on the major Russian dark web forum Exploit, allows cybercriminals to gain and maintain persistent unauthorized access to a victim’s Mac computer without being detected, and demonstrates the concerning emergence of a growing number of macOS-focused Attack
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
AUGUST 4, 2023
Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data. On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were developed to exfiltrate sensitive developer source code and other confidential information.
WIRED Threat Level
JULY 31, 2023
Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.
Data Breach Today
JULY 31, 2023
RUSI Study Finds 'No Smoking Gun' Suggesting Insureds Pay Extortion More Readily Fears that cyber insurance coverage drives companies into paying ransomware demands more easily than not appear unfounded, concludes a British think tank study that also suggests insurers should do more to enact corporate discipline. Cyber insurance has been dogged by accusations of moral hazard.
The Last Watchdog
AUGUST 2, 2023
San Francisco, Calif., Aug. 2, 2023 – Normalyze , a pioneer in cloud data security, today introduced new capabilities to protect data across hybrid cloud deployments and on-premises environments. With an extensive platform that already offers comprehensive data security posture management for data at rest and in motion across all IaaS, PaaS, SaaS data assets, Normalyze now provides IT and security teams with unprecedented visibility into data housedon-premises.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Security Affairs
AUGUST 3, 2023
The OWASP Top 10 for LLM (Large Language Model) Applications version 1.0 is out, it focuses on the potential security risks when using LLMs. OWASP released the OWASP Top 10 for LLM (Large Language Model) Applications project , which provides a list of the top 10 most critical vulnerabilities impacting LLM applications. The project aims to educate developers, designers, architects, managers, and organizations about the security issues when deploying Large Language Models (LLMs).
WIRED Threat Level
JULY 29, 2023
Plus: Russia tightens social media censorship, new cyberattack reporting rules for US companies, and Google Street View returns to Germany.
Data Breach Today
AUGUST 4, 2023
'IT Complications' at Prospect Medical Holdings Shut Down Ambulances, Appointments A ransomware attack has forced a California-based hospital chain to divert ambulances from its emergency rooms and cancel appointments for services. The group of 17 hospitals, 166 outpatient clinics and various doctor practices is still recovering after an IT systems shutdown.
The Last Watchdog
AUGUST 1, 2023
San Jose, Calif. – Aug.1, 2023 – Nile the leader in next-generation enterprise networks, today announced a $175 million Series C investment round co-led by March Capital and Sanabil Investments, with strategic participation from solutions by stc, Prosperity7, and Liberty Global Ventures, and contribution from 8VC, Geodesic Capital, FirstU Capital, and Valor Equity Partners.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
AUGUST 3, 2023
Experts warn that decommissioned medical infusion pumps sold via the secondary market could expose Wi-Fi configuration settings. The sale of decommissioned medical infusion pumps through the secondary market may lead to the potential exposure of Wi-Fi configuration settings. The researchers discovered that most of the medical infusion pumps that were purchased from secondary market services such as eBay were found to still contain wireless authentication data from the original medical organizati
KnowBe4
AUGUST 4, 2023
There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about travel-themed phishing attacks , and Forbes just posted a great reminder about the dangers of sharing your boarding pass on social media. Read below for their advice.
Data Breach Today
JULY 31, 2023
Exploitation No Longer Requires Admin Authentication When Chained With Earlier Flaw Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti's endpoint management software appeared to have another zero-day flaw that tied to the overall attack exploit chain, Ivanti confirmed on Friday.
Expert insights. Personalized for you.
246 
Let's personalize your content