Sat.Feb 04, 2023 - Fri.Feb 10, 2023

article thumbnail

3 security gadgets I never leave home without via ZDNet

IG Guru

These gadgets give you a huge advantage over the hackers.

article thumbnail

Want to Delete Your Twitter DMs? Good Luck With That

WIRED Threat Level

People in Europe are making GDPR requests to have their private messages erased, but Elon’s team is ignoring them.

GDPR 98
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Reddit discloses security breach that exposed source code and internal docs

Security Affairs

Social news aggregation platform Reddit suffered a security breach, attackers gained unauthorized access to internal documents, code, and some business systems. Reddit announced it was hit by a sophisticated and highly-targeted attack that took place on February 5, 2023. A highly-targeted phishing attack hit the employees of the company. The company pointed out that Reddit user passwords and accounts were not compromised.

article thumbnail

How Artificial Intelligence Can Make or Break Cybersecurity

KnowBe4

With the introduction of OpenAI's Chat GPT, artificial intelligence is no longer considered part of science fiction. It has presented a new problem for cybersecurity professionals, as AI-generated malware and hacks can be challenging to detect. AI is undoubtedly having an impact on society, whether it is benefiting or threatening our organizations.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

'Money Lover' Finance App Exposes User Data

Dark Reading

A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app.

Access 132

More Trending

article thumbnail

Finland’s Most-Wanted Hacker Nabbed in France

Krebs on Security

Julius “Zeekill” Kivimäki, a 25-year-old Finnish man charged with extorting a local online psychotherapy practice and leaking therapy notes for more than 22,000 patients online, was arrested this week in France. A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest.

ROT 259
article thumbnail

GUEST ESSAY: Advanced tools are ready to help SMBs defend Microsoft 365, Google Workspace

The Last Watchdog

Throughout 2022, we saw hackers become far more sophisticated with their email-based cyber attacks. Using legitimate services and compromised corporate email addresses became a norm and is likely to continue in 2023 and beyond. Related: Deploying human sensors Additionally, with tools like ChatGPT, almost anyone can create new malware and become a threat actor.

article thumbnail

Same Recipe, Different Clientele Cooking Up Effective Programs for Records, Data, and Information Governance

Weissman's World

It’s no secret that infogov and records management can be difficult and frustrating – increasingly so as traditional areas like policy development, process improvement, compliance, retention, and destruction have begun banging into once-separate and quickly growing disciplines like privacy and security. What seems to be lesser-known, though, is that there’s a remarkably universal strategic recipe… Read More » Same Recipe, Different Clientele Cooking Up Effective Programs for Records,

article thumbnail

UScellular Customer Data On Hacker Forum

Data Breach Today

Data Leaked from a Thrid-Party Vendor U.S. wireless telecom USCellular says a data breach at a third party vendor resulted in a leak of 52,000 named and email addresses. The company confirmed that data from the leak is available for download on a criminal data breach forum.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

Krebs on Security

KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can’t predict what the producers will do with the video interviews we shot, it’s fair to say the series will explore compelling new clues as to who may have been responsible for the attack.

IT 251
article thumbnail

FIRESIDE CHAT: New automated tools, practices ascend to help companies wrangle PKI

The Last Watchdog

Arguably one of the biggest leaps forward an enterprise can make in operational reliability, as well as security, is to shore up its implementations of the Public Key Infrastructure. Related: Why the ‘Matter’ standard matters Companies have long relied on PKI to deploy and manage the digital certificates and cryptographic keys that authenticate and protect just about every sensitive digital connection you can name.

article thumbnail

Pwned Passwords Adds NTLM Support to the Firehose

Troy Hunt

I think I've pretty much captured it all in the title of this post but as of about a day ago, Pwned Passwords now has full parity between the SHA-1 hashes that have been there since day 1 and NTLM hashes. We always had both as a downloadable corpus but as of just over a year ago with the introduction of the FBI data feed , we stopped maintaining downloadable behemoths of data.

Passwords 123
article thumbnail

Notorious Finnish Hacker 'Zeekill' Busted by French Police

Data Breach Today

Aleksanteri Kivimaki Charged With Mental Health Patient Data Breach and Extortion French police arrested hacker Aleksanteri Kivimäki, 25, who's suspected of hacking and extorting a Finnish mental health service provider, leaking patient data and extorting 25,000 patients. The suspect was formerly convicted of disrupting thousands of websites when he was a teenager.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities.

article thumbnail

GUEST ESSAY: The common thread between China’s spy balloons and Congress banning Tik Tok

The Last Watchdog

The decision by the House of Representatives to ban TikTok from federal devices is noteworthy, especially as the Chinese spy balloon crisis unfolds. Related: The Golden Age of cyber espionage On December 23, 2022, Congress, in a bipartisan spending bill, banned TikTok from all government devices. The White House, the Pentagon, the Department of Homeland Security, and the State Department have already banned the social media app, as have more than a dozen other states.

Access 189
article thumbnail

Cybersecurity Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats

eSecurity Planet

ChatGPT has raised alarm among cybersecurity researchers for its unnerving ability in composing everything from sophisticated malware to phishing lures – but it’s important to keep in mind that the tool can help support cybersecurity defenses as well. Shiran Grinberg, director of research and cyber operations at Cynet, told eSecurity Planet that too many companies are deterred by ChatGPT, rather than encouraging employees to leverage its functionality. “After all, I doubt you’l

article thumbnail

E-Commerce Shops: 12% Are Publicly Exposing Private Backups

Data Breach Today

Hackers Actively Scanning for Backups to Steal Access Credentials, Researchers Warn Researchers at Sansec warn that 12% of e-commerce sites they studied publicly expose private backups and that hackers are actively scanning for them. Such backups can give attackers customer data, passwords and other details required to gain remote, administrator-level access to an environment.

Passwords 244
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

DPRK Using Unpatched Zimbra Devices to Spy on Researchers

Dark Reading

Lazarus Group used a known Zimbra bug to steal data from medical and energy researchers.

115
115
article thumbnail

Malware Delivered through Google Search

Schneier on Security

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros.

Phishing 112
article thumbnail

Biden’s SOTU: Data Privacy Is Now a Must-Hit US State of the Union Topic

WIRED Threat Level

Biden’s speech proves that protecting personal info is no longer a fringe issue. Now, Congress just needs to do something about it.

article thumbnail

Modified ESXiArgs Ransomware Blocks VMware Host Recovery

Data Breach Today

Updates by Attacker Block Decryption Workaround and Tracking, Researchers Warn Attackers targeting unpatched VMware ESXi hypervisors to hit virtual machines have reportedly modified their ESXiArgs ransomware to prevent victims from using decryption workarounds identified by researchers. The campaign has already amassed nearly 3,000 known victims and could have many more.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Lovin’ The Prufrock: Celebrating 108 Years of T.S. Eliot’s Modernist Masterpiece

Information Governance Perspectives

In literature like Prufrock, modernists often recycled myths and other masterworks to support their impressions of daily life and present-day experiences. They juxtaposed different voices, traditions, and arguments and emphasized form itself as the "carrier of meaning." The post Lovin’ The Prufrock: Celebrating 108 Years of T.S. Eliot’s Modernist Masterpiece appeared first on Rafael Moscatel.

111
111
article thumbnail

[Scam Of The Week] The Turkey-Syria Earthquake

KnowBe4

Just when you think they cannot sink any lower, criminal internet scum is now exploiting the recent earthquake in Turkey and Syria.

Phishing 107
article thumbnail

Attacking Machine Learning Systems

Schneier on Security

The field of machine learning (ML) security—and corresponding adversarial ML—is rapidly advancing as researchers develop sophisticated techniques to perturb, disrupt, or steal the ML model or data. It’s a heady time; because we know so little about the security of these systems, there are many opportunities for new researchers to publish in this field.

article thumbnail

Twitter, YouTube, Instagram Crippled By Massive Outages

Data Breach Today

Twitter Falters After Post Length for Twitter Blue Users Rises to 4,000 Characters Three of the planet's largest social media platforms suffered outages Wednesday, blocking some users at Twitter, Instagram and YouTube from accessing their accounts. At Twitter, many users received a message Wednesday saying they were "over the daily limit" and were unable to post.

Access 237
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Sometimes in eDiscovery more is better

OpenText Information Management

With the proliferation of electronic data, the vast majority of business communication is now in electronic format. It is not surprising that the use cases for eDiscovery technology have expanded beyond the typical litigation review for production use cases. In the eDiscovery Today 2023 State of the Industry Report, survey respondents reported that the expanded … The post Sometimes in eDiscovery more is better appeared first on OpenText Blogs.

article thumbnail

IT Governance Podcast 2023-3: Bank security flaws ranked, ION ransom paid, MP hacked

IT Governance

This week, we discuss a Which? investigation into basic security flaws on banks’ websites and apps, a ransomware attack on the financial firm ION Cleared Derivatives, and a phishing attack that compromised the emails of Stewart McDonald MP. Now available on Spotify , Amazon Music , Apple Podcasts and SoundCloud. The post IT Governance Podcast 2023-3: Bank security flaws ranked, ION ransom paid, MP hacked appeared first on IT Governance UK Blog.

article thumbnail

Is AIIM Celebrating Its 80th Anniversary?

AIIM

We have an information dilemma on our hands at AIIM. Starting the year, we believed that 2023 is the 80th anniversary of AIIM. We have several blog posts referencing 1943 as AIIM’s founding date. In fact, we celebrated our 75th anniversary just five years ago. 2023 must be our 80th anniversary, right? We believe the National Microfilm Association was founded in 1943.

Metadata 104