Data Breach Today
JANUARY 23, 2023
As Funding From Ransoms Goes Down, Gangs Embrace Re-Extortion, Researchers Warn Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others. The bad guys can blame a move by law enforcement to better support victims, and more organizations having robust defenses in place, which makes them tougher to take down.
Krebs on Security
JANUARY 25, 2023
On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JANUARY 24, 2023
The company will block the configuration files, which interact with Web applications — since threat actors increasingly use the capability to install malicious code.
Data Breach Today
JANUARY 25, 2023
TA444 Is Adaptable and Hard-Working, Say Proofpoint Researchers A North Korean hacking group tracked by cybersecurity firm Proofpoint as TA444 in December unleashed a torrent of spam in a bid to harvest credentials - evidence of a hacking group that mirrors "startup culture in its devotion to the dollar and to the grind.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Krebs on Security
JANUARY 24, 2023
Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
JANUARY 27, 2023
OpenAI's chatbot has the promise to revolutionize how security practitioners work.
Data Breach Today
JANUARY 25, 2023
1,802 Breach Notifications Issued in 2022; Over 440 Million Individuals Affected Data breaches in 2022 hit near-record levels as U.S. organizations issued 1,802 data breach notifications and more than 400 million individuals were affected. But only 34% of breach notifications included actionable information for consumers whose information was exposed.
KnowBe4
JANUARY 24, 2023
KnowBe4's latest reports on top-clicked phishing email subjects have been released for 2022 and Q4 2022. We analyze 'in the wild' attacks reported via our Phish Alert Button , top subjects globally clicked on in phishing tests , top attack vector types, and holiday email phishing subjects.
Schneier on Security
JANUARY 27, 2023
Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book , which he partially recounts his 2012 book, Ghost in the Wires. The setup is that he just discovered that there’s warrant for his arrest by the California Youth Authority, and he’s trying to figure out if there’s any way out of it.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Dark Reading
JANUARY 27, 2023
A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.
Data Breach Today
JANUARY 26, 2023
Agents Infiltrated Hive in July 2022: 'We Hacked the Hackers,' Says DOJ Official The FBI penetrated the network of the Hive ransomware group, which has a history of attacking hospitals. A multinational operation seized the ransomware-as-a-service group's leak site and two servers located in Los Angeles. U.S. law enforcement said an investigation is ongoing.
KnowBe4
JANUARY 21, 2023
Cybersecurity Ventures released a new report that showed cybercrime is going to cost the world $8 trillion USD in 2023.
Schneier on Security
JANUARY 27, 2023
This is a good list of modern phishing techniques.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Dark Reading
JANUARY 23, 2023
Use threat intelligence to reduce chance of success for malicious insider and Dark Web threats.
Data Breach Today
JANUARY 24, 2023
Lazarus Group, APT38 Stole $100M From the Blockchain Bridge in June North Korea's Lazarus Group was behind the $100 million theft from the Horizon blockchain bridge, the U.S. federal government confirmed. The FBI vowed "to expose and combat North Korea's use of illicit activities - including cybercrime and virtual currency theft - to generate revenue.
eSecurity Planet
JANUARY 26, 2023
Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware. “For deployment, they use Add-MpPreference to configure exclusions in Windows Defender (extensions, paths and processes), NSudo to launch binaries wit
Schneier on Security
JANUARY 23, 2023
I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent that we can’t arrest them. Back when I thought about it a lot, I realized that the TSA’s practice of giving it to every airline meant that it was not well protected, and it certainly ended up in the hands of every major government that wanted it.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Dark Reading
JANUARY 27, 2023
An academic analysis of website defacement behavior by 241 new hackers shows there are four clear trajectories they can take in future, researchers say.
Data Breach Today
JANUARY 25, 2023
TA444 Is Adaptable and Hard Working Say Proofpoint Researchers A North Korean hacking group tracked by cybersecurity firm Proofpoint as TA444 unleashed in December a torrent of spam in a bid to harvest credentials - evidence of a hacking group that mirrors "startup culture in its devotion to the dollar and to the grind.
KnowBe4
JANUARY 25, 2023
For the second time in less than a year, Mailchimp has found itself in a precarious situation, having to admit that it has been breached. It appears that a social engineering attack tricked Mailchimp employees and contractors into giving up their login credentials, which were then used to access 133 Mailchimp accounts.
John Battelle's Searchblog
JANUARY 23, 2023
Photo by Florian Klauer on Unsplash How long have I been staring at a blank screen, this accusing white box, struggling to compose the first sentence of a post I know will be difficult to write? About two minutes, actually, but that’s at least ten times longer than ChatGPT takes to compose a full page. And it’s those two minutes – and the several days I struggled with this post afterwards – that convince me that ChatGPT will not destroy writing.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
eSecurity Planet
JANUARY 24, 2023
Microsoft’s Visual Studio Code integrated development environment (IDE) is used by as much as 75% of developers, so any security issue has widespread implications. And Aqua Nautilus researchers have discovered a big one. The researchers reported earlier this month that the VSCode editor could be vulnerable to attacks targeting its extensions. The free open source and cross-platform IDE is very easy to use, and there are literally thousands of free extensions developers can install in one c
Data Breach Today
JANUARY 26, 2023
Includes Ransomware Attack on Social Services Provider, Email Hack on Behavioral Health Entity Two hacking breaches - one at a non-profit provider of foster care, mental health and substance treatment services, and the other at a provider of behavioral health services - have affected sensitive information of nearly 400,000 individuals.
Dark Reading
JANUARY 26, 2023
The rapid maturation and rebranding of ransomware groups calls for relentless preparation and flexibility in response, according to one view from the trenches.
The Last Watchdog
JANUARY 24, 2023
In an ideal world, cybersecurity analysts would get legitimate daily reports on improving a company’s security. Unfortunately, the likelihood of being handed unsolicited, untrustworthy advice is high. Related: Tech giants foster third-party snooping This is what fake bug reports are all about. Scammers now routinely spray out fake bug reports designed to take advantage of the naiveite and/or lack of vigilance of security analysts in the field.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
KnowBe4
JANUARY 25, 2023
Researchers at Safeguard Cyber describe a phishing campaign that’s posing as a Japanese rail ticket reservation company.
Data Breach Today
JANUARY 24, 2023
Growing Empire: Microsoft's Security Revenue Up 33% Since 2021, 100% Since 2020 The world's largest cybersecurity vendor continues to pull away from the competition, with Microsoft's security sales surpassing $20 billion in 2022 after 33% annual growth. The cloud computing and software giant continues to reap the rewards of security tool consolidation.
Dark Reading
JANUARY 26, 2023
After Berlin pledged tanks for Ukraine, some German websites were knocked offline temporarily by Killnet DDoS attacks.
Expert insights. Personalized for you.
329 
Let's personalize your content