Dark Reading
DECEMBER 6, 2022
Threat actors can weaponize code within AI technology to gain initial network access, move laterally, deploy malware, steal data, or even poison an organization's supply chain.
Data Breach Today
DECEMBER 6, 2022
Government Agencies and Private Sector Affected by Attack on IT Sercices Provider A ransomware attack on a New Zealand third party managed IT service provider impacted several government agencies across the country – including the Ministry of Justice and the national health authority. Investigations are ongoing to determine the incident's full impact.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
DECEMBER 5, 2022
In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for interfering in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google.
Data Breach Today
DECEMBER 7, 2022
Campaign May Originate From North Korean Group Infamous for Social Engineering Hackers, possibly North Korea's Lazarus Group, are behind a campaign that socially engineers cryptocurrency traders into opening an Excel spreadsheet loaded with a malicious macro. Pyongyang hackers specialize in cryptocurrency theft as the regime seeks hard currency to fuel weapons development.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Data Breach Today
DECEMBER 5, 2022
Russia May Target Supply Chain Operations and Boost Influence Operations Russian actors may be more willing this winter to use digital tools to coerce and influence Europe away from its support of Ukraine, computing giant Microsoft warns. The Kremlin has at its disposal ransomware and active digital disinformation operations.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Krebs on Security
DECEMBER 8, 2022
Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading.
WIRED Threat Level
DECEMBER 9, 2022
Are you thinking about uploading some selfies and buying a pack of ‘Magic Avatars’? Consider these expert tips first.
Data Breach Today
DECEMBER 8, 2022
Indian Firm Accuses 'Notorious Cyber Security Company' in Ongoing Incident Indian cybersecurity firm CloudSEK says another cybersecurity firm used a compromised collaboration platform credential to obtain access to its training webpages. CEO Rahul Sasi did not identify the alleged perpetrator and says the hacker did not obtain access to the company code base and database.
Security Affairs
DECEMBER 6, 2022
Russia’s second-largest bank VTB Bank reveals it is facing the largest DDoS (distributed denial of service) attack in its history. State-owned VTB Bank, the second-largest financial institution in Russia, says it is facing the largest DDoS (distributed denial of service) attack in its history. The pro-Ukraine collective IT Army of Ukraine has claimed responsibility for the DDoS attacks against the bank.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
The Last Watchdog
DECEMBER 8, 2022
Over the years, bad actors have started getting more creative with their methods of attack – from pretending to be a family member or co-worker to offering fortunes and free cruises. Related: Deploying employees as human sensors. Recent research from our team revealed that while consumers are being exposed to these kinds of attacks (31 percent of respondents reported they received these types of messages multiple times a day), they continue to disregard cyber safety guidelines.
WIRED Threat Level
DECEMBER 8, 2022
From QAnon influencers to @catturd, the very online right sees exactly what they want to see in the CEO’s orchestrated disclosure.
Data Breach Today
DECEMBER 9, 2022
Defendants Allegedly Obtained More Than $5.4 Million From Businesses They Duped U.S. federal prosecutors indicted four men charged with engaging in business email compromise and credit card fraud schemes that netted them $9.2 million. The FBI has warned that business email compromises - whether through account compromise or impersonation - is a growing threat.
Security Affairs
DECEMBER 6, 2022
Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of malware generated with the publicly available open-source ransomware toolkit Cryptonite that never offers the decryption window, turning it as a wiper. The experts also reported an increase in ransomware intentionally turned into wiper malware, these malicious code are mainly employed in politically-motivated campaigns.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
The Last Watchdog
DECEMBER 6, 2022
Much more effective authentication is needed to help protect our digital environment – and make user sessions smoother and much more secure. Related: Why FIDO champions passwordless systems. Consider that some 80 percent of hacking-related breaches occur because of weak or reused passwords, and that over 90 percent of consumers continue to re-use their intrinsically weak passwords.
WIRED Threat Level
DECEMBER 7, 2022
On cybercrime forums, user complaints about being duped may accidentally expose their real identities.
Data Breach Today
DECEMBER 9, 2022
New Cybersecurity Strategy Will Aspire to World-Topping Performance by 2030 Australian Home Affairs and Cyber Security Minister Clare O'Neil vowed during a speech to transform the country into the world's most cyber-secure, saying experts will start work on a strategy intended to outdo the rest of the world by 2030. The country has recently experienced a data breach wave.
Security Affairs
DECEMBER 9, 2022
CommonSpirit Health confirmed that the October security breach resulted in the exposure of the personal data of 623,774 patients. In early October, Common Spirit , one of the largest hospital chains in the US, suffered a ransomware cyberattack that caused severe inconvenience to the facilities and to patients. The security breach led to delayed surgeries, hold-ups in patient care and forced the chain to reschedule doctor appointments across the country.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
eSecurity Planet
DECEMBER 7, 2022
It has certainly been a rough year for the tech industry. There have been many layoffs, the IPO market has gone mostly dark, and venture funding has decelerated. Despite all this, there is one tech category that has held up fairly well: Cybersecurity. Just look at a report from M&A advisory firm Houlihan Lokey , which found that private cybersecurity company funding grew by 9.4% to $26.9 billion between September 2021 and September 2022.
WIRED Threat Level
DECEMBER 7, 2022
The company will also soon support the use of physical authentication keys with Apple ID, and is adding contact verification for iMessage in 2023.
Data Breach Today
DECEMBER 9, 2022
Sector Especially Vulnerable Due to Dispersed IT Footprint, Massive Records Storage Ransomware gangs rely on shotgun-style attacks using phishing or stolen remote access credentials to target individuals. This strategy snares less poorly prepared organizations, and that often means healthcare entities. Experts share insights on this plague on healthcare and what to do about it.
Security Affairs
DECEMBER 9, 2022
On the third day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition, participants earned more than $250,000. On the third day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition, participants earned more than $250,000 for demonstrating zero-day attacks against NAS devices, printers, smart speakers, routers, and smartphones.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
eSecurity Planet
DECEMBER 8, 2022
SafeBreach Labs researcher Or Yair has uncovered zero-day vulnerabilities in several leading endpoint detection and response ( EDR ) and antivirus ( AV ) solutions that enabled him to turn the tools into potentially devastating next-generation wipers. “This wiper runs with the permissions of an unprivileged user yet has the ability to wipe almost any file on a system, including system files, and make a computer completely unbootable,” Yair warned in a blog post detailing the findings
WIRED Threat Level
DECEMBER 7, 2022
The company plans to expand its Communication Safety features, which aim to disrupt the sharing of child sexual abuse material at the source.
Data Breach Today
DECEMBER 5, 2022
Fake Ransomware Isn't First Wiper to Target Windows Systems in Russia for Deletion Windows systems in Russia are being stalked by a new Trojan that purports to be ransomware but is really designed to wipe PCs and leave them unrecoverable, security researchers say. Dubbed CryWiper, it's one of a number of wipers - mostly targeting Ukraine - seen in the wild this year.
Security Affairs
DECEMBER 6, 2022
Researchers discovered a security flaw in the connected vehicle service SiriusXM that exposes multiple car models to remote attacks. Cybersecurity researchers discovered a security vulnerability in the connected vehicle service provided by SiriusXM that can allow threat actors to remotely attack vehicles from multiple carmakers, including Honda, Nissan, Infiniti, and Acura.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Schneier on Security
DECEMBER 5, 2022
This is an actual CAPTCHA I was shown when trying to log into PayPal. As an actual human and not a bot, I had no idea how to answer. Is this a joke? (Seems not.) Is it a Magritte-like existential question? (It’s not a bicycle. It’s a drawing of a bicycle. Actually, it’s a photograph of a drawing of a bicycle. No, it’s really a computer image of a photograph of a drawing of a bicycle.
WIRED Threat Level
DECEMBER 8, 2022
The company, which works with hundreds of startups, said it detected unauthorized access to personal data, including Social Security numbers.
Data Breach Today
DECEMBER 6, 2022
Companies Tells US SEC That the Incident Will Affect Revenue Ransomware lies behind the ongoing outage of hosted Exchange services at Rackspace, the company disclosed in a Tuesday update. The company did not disclose any particular ransomware actor. It told federal regulators that the outage is likely to create a financial loss.
Expert insights. Personalized for you.
131 
Let's personalize your content