The Last Watchdog

JUNE 21, 2023

To be productive in an interconnected work environment, employees need immediate access to numerous platforms, both on- and off-premises. Related: Why SMBs need to do PAM well Keeping track of user activity and effecting proper on- and off-boarding are becoming more and more difficult, even as unauthorized access via unused, expired, or otherwise compromised access credentials has become the number one cybersecurity threat vector.

Access 172

Access Cybersecurity Compliance Security 172

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In fact, the process of “crypting” malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties.

e-Delivery 251

e-Delivery Passwords Cybersecurity Sales 251

WIRED Threat Level

JUNE 18, 2023

The AI era promises a flood of disinformation, deepfakes, and hallucinated “facts.” Psychologists are only beginning to grapple with the implications.

Privacy 112

Privacy Security 112

eSecurity Planet

JUNE 22, 2023

A VLAN (Virtual Local Area Network) is a logical grouping of devices that are all connected to the same network regardless of physical location. VLANs are an essential component of contemporary networking, allowing network traffic to be segmented and managed. VLANs enable logical partitioning inside a single switch, resulting in multiple virtual local area networks where physical switch segmentation is not a possibility.

Communications 109

Communications Security Access Risk 109

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

JUNE 19, 2023

HHS Says 'Obscure' Group Has Resurfaced, Hitting a Cancer Center Federal authorities are warning healthcare and public health sector entities of an apparent resurgence of TimisoaraHackerTeam after an attack in recent weeks by the obscure ransomware group on a U.S. cancer center. HHS says the group was discovered by security researchers in 2018.

Ransomware 312

Ransomware Security 312

OpenText Information Management

JUNE 21, 2023

“Artificial intelligence is as revolutionary as mobile phones and the Internet.” — Bill Gates Despite the hype that seems to accompany nearly every technology breakthrough, true revolutions are few and far between. In a March blog, Bill Gates said he’s witnessed two technology demonstrations in his life that have struck him as revolutionary.

Artificial Intelligence 124

Artificial Intelligence Cloud Security 124

Schneier on Security

JUNE 21, 2023

Tadayoshi Kohno, Yasemin Acar, and Wulf Loh wrote excellent paper on ethical thinking within the computer security community: “ Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversation “: Abstract: The computer security research community regularly tackles ethical questions. The field of ethics / moral philosophy has for centuries considered what it means to be “morally good” or at least “morally allowed / acceptable.” Among phil

Security 117

Security Paper Education IT 117

Data Breach Today

JUNE 21, 2023

APT Group Masqueraded as Indonesia's Foreign Ministries in Emails to G7 Officials Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan. Threat actors targeted officials from France, the United Kingdom, India, Singapore and Australia.

Government 338

Government 338

Dark Reading

JUNE 20, 2023

It's still important to use other security measures, such as strong passwords and two-factor authentication, to protect your data.

Passwords 125

Passwords Authentication Security IT 125

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

JUNE 23, 2023

Mountain View, Calif. June 22, 2023 — Dasera , the premier automated data security and governance platform for top-tier finance, healthcare, and technology enterprises, is thrilled to unveil “Ski Lift,” a complimentary platform exclusively designed for Snowflake users. With “Ski Lift,” Snowflake customers can gain a panoramic view of their Snowflake environment while scaling their data security and governance controls.

Government 113

Government Security Compliance Risk 113

KnowBe4

JUNE 21, 2023

The US Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams in 2022. Phony bank fraud prevention.

Phishing 111

Phishing 111

Data Breach Today

JUNE 23, 2023

Bart Kalsu, Tim Brown Could Face Monetary Penalties, Public Company Officer Ban The Securities and Exchange Commission accused SolarWinds CFO Bart Kalsu and CISO Tim Brown of violating securities laws in their response to the 2020 cyberattack. Kalsu and Brown are among "certain current and former executive officers and employees" targeted by the SEC for alleged violations.

Security 300

Security 300

Dark Reading

JUNE 23, 2023

Unknown senders have been shipping smartwatches to service members, leading to questions regarding what kind of ulterior motive is at play, malware or otherwise.

118

118

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

WIRED Threat Level

JUNE 21, 2023

Vehicles from Toyota, Honda, Ford, and more can collect huge volumes of data. Here’s what the companies can access.

Access 110

Access Privacy Security 110

KnowBe4

JUNE 20, 2023

Legitimate services can be exploited in social engineering , including business email compromise (BEC) attacks.  Researchers at Check Point describe one current BEC campaign that’s using Soda PDF to send messages encouraging the recipients to call a phone number. Should they make the call, the bad actor on the line seeks to winkle them out of their cash.

110

110

Data Breach Today

JUNE 23, 2023

Search Scams Luring Users to Malware-Infected Sites Are Often Tricky to Detect Search engine optimization poisoning attacks, which involve intentionally manipulating search results to lead users onto malware-laced websites, are on the rise in the healthcare sector, U.S. federal regulators warn. Users should watch for typosquatting, keyword stuffing, meta tagging and cloaking.

284

284

Dark Reading

JUNE 22, 2023

Under construction: The world's leading ransomware gang is workshopping ransomware for less obvious systems beyond Windows environments. Experts weigh in on how worried we should be.

Ransomware 110

Ransomware 110

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Collibra

JUNE 23, 2023

Government agencies — from DC to Duluth, NYC to LA — are struggling. The ever-growing digitalization of our world has raised significant concerns about data privacy and security, particularly for agencies that manage and process sensitive and confidential information. And the pandemic only increased the cost and complexity of these challenges. There’s no going back.

Privacy 109

Privacy Government Data Privacy Data breaches 109

Schneier on Security

JUNE 19, 2023

This is a clever new side-channel attack : The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader­or of an attached peripheral device­during cryptographic operations. This technique allowed the researchers to pull a 256-bit ECDSA key off the same government-approved smart card used in Minerva.

Government 108

Government IT 108

Data Breach Today

JUNE 20, 2023

Security Alert Again Highlights Risk of Sharing Sensitive Information With Chatbots Compromised chatbot credentials are being bought and sold by criminals who frequent underground marketplaces for stolen data, warns cybersecurity firm Group-IB, as the use of ChatGPT and rival AI chatbot offerings and services newly baked into existing products continues to surge across the globe.

Cybersecurity 264

Cybersecurity Risk Security 264

Dark Reading

JUNE 20, 2023

Infostealers are as alive as ever, wantonly sweeping up whatever business data might be of use to cybercriminals, including OpenAI credentials.

110

110

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

KnowBe4

JUNE 23, 2023

Using credibility-building imagery and creating a need for the user to click what may or may not be perceived as an image is apparently all it takes to engage potential phishing victims.

Phishing 108

Phishing IT 108

Security Affairs

JUNE 22, 2023

Researchers reported that millions of GitHub repositories are likely vulnerable to an attack called RepoJacking. A study conducted by Aqua researchers revealed that millions of GitHub repositories are potentially vulnerable to RepoJacking. In the RepoJacking attack, attackers claim the old username of a repository after the legitimate creator changed the username, then publish a rogue repository with the same name to trick users into downloading its content.

IT 101

IT Risk Security Access 101

Data Breach Today

JUNE 19, 2023

Paid IT Infrastructure Undermines Hacktivism Claim of Pro-Russia Group Pro-Russian and self-declared "hacktivist" group Anonymous Sudan appears to use expensive online infrastructure to perpetuate distributed denial of attacks, undermining its claim to be volunteers operating from an impoverished East African country.

IT 260

IT 260

Dark Reading

JUNE 21, 2023

The US Department of Justice adds litigators under its National Security Division to take on sophisticated cyber threats from adversarial nation-states.

Security 109

Security IT 109

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

KnowBe4

JUNE 22, 2023

A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, telecommunications, and technology industries, according to researchers at Palo Alto Networks’ Unit 42.

Phishing 105

Phishing Access 105

The Last Watchdog

JUNE 22, 2023

Eden Prairie, Minn., June 22, 2023 — Malicious emails have reached a crescendo in 2023 according to the latest report from cybersecurity software and services provider Fortra. Email impersonation threats such as BEC currently make up nearly 99 percent of threats, and of those 99 percent of threats observed in corporate inboxes are response-based or credential theft attacks.

Phishing 100

Phishing Security awareness Cybersecurity Security 100

Data Breach Today

JUNE 23, 2023

Citing 'Significant Confusion,' Agency Says Patching Microsoft Windows Not Enough The National Security Agency has released mitigation advice for locking down Windows and Linux environments against powerful BlackLotus malware, warning organizations against having "a false sense of security" since patching alone will not stop the bootkit.

Security 259

Security 259