Sat. Sep 11, 2021 - Fri. Sep 17, 2021

Microsoft Fully Ditches the Password

Data Breach Today

Windows Users Can Now Use Other Methods to Access Microsoft Products

Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.

It’s a Good Day to Update All Your Devices. Trust Us

WIRED Threat Level

iOS, Windows, and Chrome all have zero-day vulnerabilities that hackers are going after. Now that the fixes are here, you need to install them ASAP.

Pair of Google Chrome Zero-Day Bugs Actively Exploited

Threatpost

The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year.

Customer Care Giant TTEC Hit By Ransomware

Krebs on Security

TTEC [NASDAQ: TTEC], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned. While many companies have been laying off or furloughing workers in response to the Coronavirus pandemic, TTEC has been massively hiring.

Good News: REvil Ransomware Victims Get Free Decryptor

Data Breach Today

Many Files Crypto-Locked Before July 13 Unlockable via Free Bitdefender Decryptor

Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.

More Trending

Authentication and access management increasingly perceived as core to Zero Trust Security

Thales Cloud Protection & Licensing

madhav. Tue, 09/14/2021 - 05:52. The changing global environment has brought many changes to all organizations. While many consider remote access to corporate resources and data the key disruption, security teams had to face many more challenges. The acceleration of cloud migration and the proliferation of containers, microservices and IoT devices have placed identity in the center of corporate se

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

Krebs on Security

A jury in California today reached a guilty verdict in the trial of Matthew Gatrel, a St. Charles, Ill. man charged in 2018 with operating two online services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against Internet users and websites. Gatrel’s conviction comes roughly two weeks after his co-conspirator pleaded guilty to criminal charges related to running the services.

FTC: Health App, Device Makers Must Report Breaches

Data Breach Today

But Does the 'Policy Statement' Warning Overstep the Intention of the Rule?

The FTC warns makers of personal health records, mobile health apps, fitness devices and a variety of similar products and services that they will face stiff civil monetary penalties for failure to comply with the commission's 12-year-old - but never-yet enforced - Health Breach Notification Rule.

The new maxtrilha trojan is being disseminated and targeting several banks

Security Affairs

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and is targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Criminals are constantly creating variants of popular banking trojans, keeping in mind the same modus operandi but changing the malware internals and its capabilities, making it a fully undetectable (FUD) weapon.

A Ransomware Recovery Plan That's Solid Gold

Dark Reading

Having a gold copy of critical data offline is essential in every organization's disaster recovery or continuity plan. Follow the 3-2-1-1 rule to secure your data.

Microsoft Patch Tuesday, September 2021 Edition

Krebs on Security

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google’s got a new version of Chrome that tackles two zero-day flaws.

Travis CI Flaw Exposed Secrets From Public Repositories

Data Breach Today

Critics Say Travis CI's Security Bulletin is Insufficient

Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials and more, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.

Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw

Security Affairs

A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of pri

Biggest DDoS Attack in History Hits Russian Tech Giant Yandex

WIRED Threat Level

Plus: A TrickBot hacker arrest, a Fortinet VPN password leak, and more of the week's top security news.

McAfee Finds Years-Long Attack by Chinese-Linked APT Groups

eSecurity Planet

An investigation by McAfee researchers into a case of a suspected malware infection uncovered a cyber attack that had been sitting in the victim organization’s network for years stealing data. The investigators said the advanced threat actors used a mixture of known and unique malware tools in the attack – which they dubbed Operation Harvest – to compromise the victim’s IT environment, exfiltrate the data and evade detection.

Lawsuit: Health System Failed to Heed Ransomware Warnings

Data Breach Today

Proposed Class Action Suit Filed After Breach Affecting 1.4 Million

A proposed class action lawsuit filed this week against St. Joseph's/Candler Health System in the wake of a recent ransomware breach affecting 1.4 million individuals alleges that the Georgia-based healthcare entity was "reckless" and "negligent" in safeguarding patients' information.

Three former NSA employees fined for providing hacker-for-hire services to UAE firm

Security Affairs

Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the payment of a penalty. Three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40) entered into a deferred prosecution agreement that restricts their future activities and employment. The trio has worked as hackers-for-hire for the United Arab Emirates cybersecurity company DarkMatter between January 2016 and November 2019.

Apple and Google Go Further Than Ever to Appease Russia

WIRED Threat Level

The tech giants have set a troubling new precedent.

Tape Won’t Work for Ransomware Protection. Here’s Why.

eSecurity Planet

Tape vendors have been promoting themselves as a solution to the ransomware problem because of their ability to provide air-gapped data backup, but trying to recover terabytes of data from a tape drive can be a little like, well, running into red tape. These claims are lacking in engineering rigor and are seemingly just marketing pitches, but it’s hard to find a major tape vendor that hasn’t pushed this angle.

Apple Patched iMessage. But Can It Be Made Safer Overall?

Data Breach Today

Citizen Lab Says iMessage Exploit Delivered NSO's Pegasus Spyware

Apple patched a software vulnerability on Monday that researchers say was used to deliver spyware via its iMessage platform to the mobile phones of activists. But a few changes to iMessage could make it safer overall for individuals at high risk of surveillance, says an Apple security expert.

REvil ransomware operators are targeting new victims

Security Affairs

Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The dark web leak site of the ransomware gang, also known as the Happy Blog, is back online, while the site decoder[.]re is still offline at the time of this writing.

Anonymous Leaked a Bunch of Data From a Right-Wing Web Host

WIRED Threat Level

The hacktivist collective targeted the domain registrar Epik for providing services to clients including the Texas GOP, Parler, and 8chan.

No Patch for High-Severity Bug in Legacy IBM System X Servers

Threatpost

Two of IBM's aging flagship server models, retired in 2020, won’t be patched for a command-injection flaw.

Mirai Botnet Actively Exploiting OMIGOD Flaw

Data Breach Today

Researchers Say OMIGOD Vulnerability Can Give Attackers Root Privileges

The Mirai botnet is actively exploiting the known vulnerability CVE-2021-38647, which is part of a quartet of vulnerabilities dubbed OMIGOD, in Microsoft's Azure Linux Open Management Infrastructure framework, according to Kevin Beaumont, head of the security operations center for Arcadia Group.

A new Win malware uses Windows Subsystem for Linux (WSL) to evade detection

Security Affairs

Security researchers spotted a new malware that uses Windows Subsystem for Linux (WSL) to evade detection in attacks against Windows machines. Security researchers from Lumen’s Black Lotus Labs have discovered several malicious Linux binaries developed to target the Windows Subsystem for Linux (WSL). Windows Subsystem for Linux (WSL) is a compatibility layer for running Linux binary executables (in ELF format) natively on Windows 10, Windows 11, and Windows Server 2019.

What Is Zero Trust? It Depends What You Want to Hear

WIRED Threat Level

The cybersecurity world’s favorite catchphrase isn’t any one product or system, but a holistic approach to minimizing damage.

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key

Threatpost

How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.”

US Warns Nation-State Groups May Exploit Flaw in Zoho Tool

Data Breach Today

FBI, CISA, Coast Guard Release Joint Warning and Urge Customers to Patch

CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.
