The Last Watchdog

JUNE 21, 2023

To be productive in an interconnected work environment, employees need immediate access to numerous platforms, both on- and off-premises. Related: Why SMBs need to do PAM well Keeping track of user activity and effecting proper on- and off-boarding are becoming more and more difficult, even as unauthorized access via unused, expired, or otherwise compromised access credentials has become the number one cybersecurity threat vector.

Access 172

Access Cybersecurity Compliance Security 172

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In fact, the process of “crypting” malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties.

e-Delivery 237

e-Delivery Passwords Cybersecurity Sales 237

WIRED Threat Level

JUNE 18, 2023

The AI era promises a flood of disinformation, deepfakes, and hallucinated “facts.” Psychologists are only beginning to grapple with the implications.

Privacy 102

Privacy Security 102

eSecurity Planet

JUNE 22, 2023

A VLAN (Virtual Local Area Network) is a logical grouping of devices that are all connected to the same network regardless of physical location. VLANs are an essential component of contemporary networking, allowing network traffic to be segmented and managed. VLANs enable logical partitioning inside a single switch, resulting in multiple virtual local area networks where physical switch segmentation is not a possibility.

Communications 109

Communications Security Access Risk 109

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

JUNE 19, 2023

HHS Says 'Obscure' Group Has Resurfaced, Hitting a Cancer Center Federal authorities are warning healthcare and public health sector entities of an apparent resurgence of TimisoaraHackerTeam after an attack in recent weeks by the obscure ransomware group on a U.S. cancer center. HHS says the group was discovered by security researchers in 2018.

Ransomware 299

Ransomware Security 299

OpenText Information Management

JUNE 21, 2023

“Artificial intelligence is as revolutionary as mobile phones and the Internet.” — Bill Gates Despite the hype that seems to accompany nearly every technology breakthrough, true revolutions are few and far between. In a March blog, Bill Gates said he’s witnessed two technology demonstrations in his life that have struck him as revolutionary.

Artificial Intelligence 124

Artificial Intelligence Cloud Security 124

Dark Reading

JUNE 20, 2023

A severe security vulnerability allows credentials for the power meters to continuously transmit in cleartext, allowing device takeover.

Security 138

Security 138

Data Breach Today

JUNE 21, 2023

APT Group Masqueraded as Indonesia's Foreign Ministries in Emails to G7 Officials Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan. Threat actors targeted officials from France, the United Kingdom, India, Singapore and Australia.

Government 335

Government 335

The Last Watchdog

JUNE 22, 2023

Eden Prairie, Minn., June 22, 2023 — Malicious emails have reached a crescendo in 2023 according to the latest report from cybersecurity software and services provider Fortra. Email impersonation threats such as BEC currently make up nearly 99 percent of threats, and of those 99 percent of threats observed in corporate inboxes are response-based or credential theft attacks.

Phishing 100

Phishing Security awareness Cybersecurity Security 100

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Collibra

JUNE 23, 2023

Government agencies — from DC to Duluth, NYC to LA — are struggling. The ever-growing digitalization of our world has raised significant concerns about data privacy and security, particularly for agencies that manage and process sensitive and confidential information. And the pandemic only increased the cost and complexity of these challenges. There’s no going back.

Privacy 109

Privacy Government Data Privacy Data breaches 109

Dark Reading

JUNE 23, 2023

Unknown senders have been shipping smartwatches to service members, leading to questions regarding what kind of ulterior motive is at play, malware or otherwise.

118

118

Data Breach Today

JUNE 20, 2023

Security Alert Again Highlights Risk of Sharing Sensitive Information With Chatbots Compromised chatbot credentials are being bought and sold by criminals who frequent underground marketplaces for stolen data, warns cybersecurity firm Group-IB, as the use of ChatGPT and rival AI chatbot offerings and services newly baked into existing products continues to surge across the globe.

Cybersecurity 264

Cybersecurity Risk Security 264

The Last Watchdog

JUNE 22, 2023

Tel Aviv, Israel, June 23, 2023 — The industry’s first-ever directory of virtual Chief Information Security Officer service providers has gone live today at www.thevcisodirectory.com. This extensive list of virtual CISO (vCISO) providers, collated by Cynomi , means that small- and medium-sized businesses (SMBs) can easily tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance.

IT 100

IT Cybersecurity Compliance Marketing 100

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Schneier on Security

JUNE 21, 2023

Tadayoshi Kohno, Yasemin Acar, and Wulf Loh wrote excellent paper on ethical thinking within the computer security community: “ Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversation “: Abstract: The computer security research community regularly tackles ethical questions. The field of ethics / moral philosophy has for centuries considered what it means to be “morally good” or at least “morally allowed / acceptable.” Among phil

Security 108

Security Paper Education IT 108

Dark Reading

JUNE 22, 2023

Under construction: The world's leading ransomware gang is workshopping ransomware for less obvious systems beyond Windows environments. Experts weigh in on how worried we should be.

Ransomware 110

Ransomware 110

Data Breach Today

JUNE 23, 2023

Bart Kalsu, Tim Brown Could Face Monetary Penalties, Public Company Officer Ban The Securities and Exchange Commission accused SolarWinds CFO Bart Kalsu and CISO Tim Brown of violating securities laws in their response to the 2020 cyberattack. Kalsu and Brown are among "certain current and former executive officers and employees" targeted by the SEC for alleged violations.

Security 271

Security 271

The Last Watchdog

JUNE 21, 2023

Chicago, Ill., June 21, 2023 – NowSecure, the recognized experts in mobile security and privacy, announced today that it has completed its latest annual SOC 2 Type 2 security audit – the industry benchmark for independent auditing of security controls for software vendors. This certification covers the NowSecure Platform for automated mobile app security testing.

Privacy 100

Privacy Risk Government Compliance 100

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Matters

JUNE 23, 2023

On 14 June 2023, the European Parliament adopted – by a large majority – its compromise text for the EU’s Artificial Intelligence Act (“ AI Act ”), paving the way for the three key EU Institutions (the European Council, Commission and Parliament) to start the ‘ trilogue negotiations ’. This is the last substantive step in the legislative process and it is now expected that the AI Act will be adopted and become law on or around December 2023 / January 2024.

Artificial Intelligence 94

Artificial Intelligence Privacy IT Big data 94

Dark Reading

JUNE 20, 2023

It's still important to use other security measures, such as strong passwords and two-factor authentication, to protect your data.

Passwords 125

Passwords Authentication Security IT 125

Data Breach Today

JUNE 22, 2023

NCSC Says Lawyers Assaulted by Novice Hackers, Ransomware and Nation-State Groups British law firms are at increased risk of being hacked due to a growing number of cybercrime-as-a-service groups, the country's top cybersecurity agency warned in a new advisory. Lawyer are under attack from cybercriminals, nation-state groups and ransomware gangs.

Risk 234

Risk Ransomware Cybersecurity 234

The Last Watchdog

JUNE 20, 2023

Santa Clara, Calif. — CybeReady, a global leader in security awareness training, today announced the release of its informative guide, “Five Workforce Security Strategies to Consider During Summer Holidays.” Produced by the company’s security experts, the guide is part of the CISO Toolkit, which is designed to help cybersecurity managers to communicate tips and best practices and help employees in maintaining a higher level of security – easily and effectively.

Security awareness 100

Security awareness Security Healthcare Risk 100

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

eSecurity Planet

JUNE 22, 2023

Dynamic Application Security Testing (DAST) combines elements of pentesting, vulnerability scanning and code security to evaluate the security of web applications. The cyber security team adopts the role of a simulated hacker and expertly scrutinizes the application’s defenses, thoroughly assessing its vulnerability to potential threats. By doing this, DAST helps determine how secure the web application is and pinpoint areas that need improvement.

Security 104

Security Risk Libraries IT 104

Dark Reading

JUNE 23, 2023

Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization's employees, but no patch is imminent.

Phishing 107

Phishing Communications 107

Data Breach Today

JUNE 23, 2023

Search Scams Luring Users to Malware-Infected Sites Are Often Tricky to Detect Search engine optimization poisoning attacks, which involve intentionally manipulating search results to lead users onto malware-laced websites, are on the rise in the healthcare sector, U.S. federal regulators warn. Users should watch for typosquatting, keyword stuffing, meta tagging and cloaking.

276

276

The Last Watchdog

JUNE 20, 2023

Tel Aviv, Israel, June 19, 2023– Radiflow , creators of the leading OT network cybersecurity platform CIARA, continue to see budgetary pressure as a main driver in prioritizing OT Cybersecurity projects. This has created opportunities for more partnerships across the OT Cybersecurity sector, resulting in greater flexibility and coverage in the analysis of OT networks.

Cybersecurity 100

Cybersecurity Risk Manufacturing Analytics 100

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Schneier on Security

JUNE 19, 2023

This is a clever new side-channel attack : The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader­or of an attached peripheral device­during cryptographic operations. This technique allowed the researchers to pull a 256-bit ECDSA key off the same government-approved smart card used in Minerva.

Government 102

Government IT 102

Dark Reading

JUNE 21, 2023

Gen Digital, the parent company of the security companies, is the latest victim in a rash of Cl0p attacks on the bug in the MOVEit transfer software, leading to employee data being revealed.

Ransomware 106

Ransomware Security 106

Data Breach Today

JUNE 22, 2023

French Regulator Fines Criteo for Website Cookie Tracking Tools The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.

GDPR 244

GDPR Personal data Privacy Compliance 244