The Last Watchdog

SEPTEMBER 25, 2023

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Related: SMBs too often pay ransom Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks

Cybersecurity 222

Cybersecurity Data breaches Compliance Phishing 222

KnowBe4

SEPTEMBER 28, 2023

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

Phishing 117

Phishing Security awareness Cybersecurity Security 117

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord.

Ransomware 284

Ransomware Phishing Access Passwords 284

Data Breach Today

SEPTEMBER 25, 2023

2,050 Organizations Affected After Data Stolen From Secure File-Sharing Software The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week. National Student Clearinghouse warned that data tied to nearly 900 colleges and universities had been stolen from its MOVEit server.

Data breaches 316

Data breaches Ransomware Security IT 316

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

SEPTEMBER 27, 2023

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business. Related: Why ‘observability’ is rising to the fo re Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand, post Covid 19.

Cybersecurity 230

Cybersecurity Analytics Marketing Security 230

Schneier on Security

SEPTEMBER 26, 2023

Totally expected, but still good to hear : Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country’s recently passed Online Safety Bill forced Signal to build “backdoors” into its end-to-end encryption. “We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betrayin

Encryption 130

Encryption Privacy IT 130

Data Breach Today

SEPTEMBER 26, 2023

Two Online Threat Actors Claim Responsibility Sony is investigating an apparent leak of internal data posted onto the dark web and a criminal hacking board by separate criminal actors. Sony is saying little other than "we are currently investigating the situation, and we have no further comment at this time.

Data breaches 306

Data breaches 306

The Last Watchdog

SEPTEMBER 27, 2023

London, UK and Austin, Tex., Sept. 27, 2023 — Organisations around the world are rushing to build API (application programming interface) marketplaces to foster greater connectivity between them and their partners and users. Global spend on API marketplaces is set to reach $50b by 2030 and helping organizations make them a success, DigitalAPICraft is today announcing their partnership with Google and the appointment of HSBC exec Marco Tedone as CTO as they scale the business.

Cloud 130

Cloud Government Communications Risk 130

Security Affairs

SEPTEMBER 29, 2023

Experts warn of a critical zero-day vulnerability, tracked as CVE-2023-42115, in all versions of Exim mail transfer agent (MTA) software. A critical zero-day vulnerability, tracked as CVE-2023-42115 (CVSS score 9.8), affects all versions of Exim mail transfer agent (MTA) software. A remote, unauthenticated attacker, can exploit the vulnerability to gain remote code execution (RCE) on Internet-exposed servers.

Authentication 142

Authentication Risk Security IT 142

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Matters

SEPTEMBER 28, 2023

Companies are facing more attacks on their information systems. And, as their cyber risk skyrockets, the SEC has stepped in with new regulations, telling businesses what to disclose about these incidents — and requiring detailed disclosures on cyber risk management more broadly. With the deadline for compliance fast approaching, businesses are scrambling to mitigate their legal risk and comply with regulations that some say may be an overreach.

Cybersecurity 163

Cybersecurity Compliance Risk Privacy 163

Data Breach Today

SEPTEMBER 29, 2023

'There's a 10-out-10 severity bug you need to patch right now!' Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero day in the company's MOVEit file transfer software in a hack affecting tens of millions.

Security 290

Security IT 290

WIRED Threat Level

SEPTEMBER 27, 2023

SoundThinking is purchasing parts of Geolitica, the company that created PredPol. Experts say the acquisition marks a new era of companies dictating how police operate.

Security 132

Security 132

Security Affairs

SEPTEMBER 24, 2023

Researchers discovered a previously undocumented sophisticated backdoor, named Deadglyph, used by the Stealth Falcon group for espionage in the Middle East ESET researchers discovered a very sophisticated and unknown backdoor, named Deadglyph, employed by the Stealth Falcon group for espionage in the Middle East. Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns.

Libraries 141

Libraries Encryption Security IT 141

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Matters

SEPTEMBER 26, 2023

The European Commission issued the Financial Data Access Act (FIDA) proposal in June this year. FIDA will create a legislative framework that aims to "bring payments and the wider financial sector into the digital age" by facilitating the sharing of and access to customer financial data (whether of businesses or consumers). The post New EU FIDA Proposal: How Does This Affect GDPR?

GDPR 156

GDPR Privacy Access 156

Data Breach Today

SEPTEMBER 25, 2023

Backdoor Is Associated With Stealth Falcon APT Group Security researchers discovered a novel backdoor targeting a governmental agency in the Middle East for espionage purposes. Deadglyph is unique because it's made up of different parts written in different programming languages: native x64 binary and a.NET assembly.

Government 289

Government Security IT 289

The Last Watchdog

SEPTEMBER 27, 2023

New York, NY, Sept. 27, 2023 – ACM, the Association for Computing Machinery has released “ TechBrief: Generative Artificial Intelligence.” It is the latest in the quarterly ACM TechBriefs series of short technical bulletins that present scientifically grounded perspectives on the impact and policy implications of specific technological developments in computing.

Risk 100

Risk Education Artificial Intelligence Government 100

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site. Clarion Japan is the Japanese subsidiary of Clarion Co., Ltd., a global manufacturer of audio and video equipment for cars and other vehicles.

Manufacturing 139

Manufacturing Ransomware Data breaches Risk 139

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

WIRED Threat Level

SEPTEMBER 25, 2023

Corporations are using software to monitor employees on a large scale. Some experts fear the data these tools collect could be used to automate people out of their jobs.

Artificial Intelligence 132

Artificial Intelligence Privacy Security 132

Data Breach Today

SEPTEMBER 29, 2023

AWS & CrowdStrike Cybersecurity Startup Accelerator Will Incubate Early-Stage Firms CrowdStrike has joined forces with Amazon Web Services to familiarize themselves with more Israeli cyber startups earlier in their development lifecycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.

Cybersecurity 288

Cybersecurity 288

The Last Watchdog

SEPTEMBER 27, 2023

Los Angeles, Calif., Sept. 27, 2023 — Citing organized crime statutes, attorneys with Wisner Baum have filed the first RICO class action alleging that H&R Block, Meta, and Google jointly schemed to install spyware on the H&R Block site, scraping customers’ private tax return information for profit. The suit comes on the heels of a July 2023 congressional report which found “a shocking breach of taxpayer privacy” when tax preparation companies shared millions of customers’ personal a

Healthcare 100

Healthcare Privacy Data Privacy Marketing 100

Security Affairs

SEPTEMBER 27, 2023

A Russian zero-day broker is willing to pay $20 million for zero-day exploits for iPhones and Android mobile devices. The Russian zero-day broker firm Operation Zero is increasing payouts for top-tier mobile exploits. The company is willing to pay up to $20,000,000 for zero-day exploits for iPhone and Android devices. Due to high demand on the market, we're increasing payouts for top-tier mobile exploits.

Marketing 139

Marketing Sales Government Security 139

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Dark Reading

SEPTEMBER 26, 2023

A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware.

Security 129

Security 129

Data Breach Today

SEPTEMBER 29, 2023

Medical device makers in their premarket submissions to the Food and Drug Administration under the agency's new refuse to accept policy for cybersecurity should pay close attention to details such as a product's software bill of materials and vulnerability management, said Jessica Wilkerson of FDA.

Cybersecurity 287

Cybersecurity 287

The Last Watchdog

SEPTEMBER 26, 2023

Washington, DC, Sept.26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate. The goal is to help avoid oversights, misunderstandings, or vague legislation that could invite abuses of power and short-sighted legislation of helpful technology.

Privacy 100

Privacy Risk Encryption Access 100

Security Affairs

SEPTEMBER 23, 2023

The Government of Bermuda believes that the recent cyberattack against its IT infrastructure was launched by Russian threat actors. This week a cyber attack hit the Government of Bermuda causing the interruption of internet/email and phone services. The attack impacted all the government departments. “The Department of Information and Digital Technology (IDT) is working quickly to restore service.” reads the message published on the official account of the government on X.

Government 139

Government IT Security Information Security 139

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Schneier on Security

SEPTEMBER 27, 2023

Both Apple and Google have recently reported critical vulnerabilities in their systems—iOS and Chrome, respectively—that are ultimately the result of the same vulnerability in the libwebp library: On Thursday, researchers from security firm Rezillion published evidence that they said made it “highly likely” both indeed stemmed from the same bug, specifically in libwebp, the code library that apps, operating systems, and other code libraries incorporate to process WebP ima

Libraries 117

Libraries Security IT 117

Data Breach Today

SEPTEMBER 28, 2023

From Paying Ransoms to Rebuilding IT Systems, Here's What the Response Looked Like A medical center president and school district IT leader talked to lawmakers Wednesday about lessons learned from their experiences responding to harrowing ransomware attacks. 'The cyberattack was much harder than the pandemic by far,' said Vermont Medical Center President Stephen Leffler.

Ransomware 285

Ransomware IT 285

Dark Reading

SEPTEMBER 27, 2023

Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.

131

131