WIRED Threat Level

DECEMBER 26, 2024

From Chinese cyberspies breaching US telecoms to ruthless ransomware gangs disrupting health care for millions of people, 2024 saw some of the worst hacks, breaches, and data leaks ever.

Ransomware 101

Ransomware Security 101

Data Breach Today

DECEMBER 24, 2024

Cybercriminals Say They Hacked 66 Companies The Clop cybercriminal group is threatening to make public the companies swept up by its mass hacking of managed file-transfer software built by Cleo Communications. In a Dec. 24 update to its dark web leak site, Clop asserted it has "data of many companies who use Cleo.

Communications 265

Communications IT 265

AIIM

DECEMBER 26, 2024

As an Information Leader, selecting the right imaging technology for your organization is a critical decision that impacts information flow, accessibility, and management. With the rapid evolution of cloud and mobile technologies, it's crucial to choose solutions that are not only effective today but also future-proof. The TWAIN Working Group standards, particularly TWAIN Direct, offer a framework for making informed decisions.

Cloud 160

Cloud Access IT 160

Collaboration 2.0

DECEMBER 24, 2024

In just two years, AI has gone from hype to essential skill, offering massive productivity gains and increasing creativity among teams who use it. Here's how.

IT 138

IT 138

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

DECEMBER 27, 2024

Smartphones and face recognition are being combined to create new digital travel documents. The paper passports days are numbereddespite new privacy risks.

Paper 130

Paper Privacy Risk Security 130

Security Affairs

DECEMBER 21, 2024

Experts uncovered a botnet of 190,000 Android devices infected by BadBox bot, primarily Yandex smart TVs and Hisense smartphones. Bitsight researchers uncovered new BADBOX infrastructure, company’s telemetry shows that over192,000 devices were infected with the BADBOX bot. The botnet includes 160,000 previously unseen devices, notably Yandex 4K QLED Smart TVs and T963 Hisense Smartphones.

Communications 142

Communications Information Security Cybersecurity Risk 142

Collaboration 2.0

DECEMBER 24, 2024

I've used and covered Linux for nearly 30 years. Here's my top pick for my favorite open-source distro in 2024.

Access 137

Access 137

WIRED Threat Level

DECEMBER 25, 2024

AI voice cloning and deepfakes are supercharging scams. One method to protect your loved ones and yourself is to create secret code words to verify someones identity in real time.

Passwords 124

Passwords Privacy Security 124

Data Breach Today

DECEMBER 27, 2024

Unauthenticated Attackers Using Malicious Packet to Crash Devices' PAN-OS Software Security giant Palo Alto Networks is pushing updates to fix a denial-of-service vulnerability in its PAN-OS device software that unauthenticated, remote attackers have been actively exploiting. The flaw can be triggered by sending firewalls "a malicious packet," which will crash the devices.

Security 174

Security IT 174

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Security Affairs

DECEMBER 23, 2024

Italy’s data protection watchdog fined OpenAI 15 million for ChatGPT’s improper collection of personal data. Italys privacy watchdog, Garante Privacy, fined OpenAI 15M after investigating ChatGPT’s personal data collection practices. The Italian Garante Priacy also obliges OpenAI to conduct a six-month informational campaign over ChatGPTs data management violations.

Artificial Intelligence 107

Artificial Intelligence Personal data Data collection Privacy 107

Collaboration 2.0

DECEMBER 22, 2024

Who is liable: the product maker, the library coder, or the company that chose the product? Our Part 2 analysis examines this sticky issue if a catastrophic outcome occurs.

Libraries 130

Libraries 130

Schneier on Security

DECEMBER 24, 2024

A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case.

Paper 113

Paper IT 113

Data Breach Today

DECEMBER 26, 2024

The 'Eagle S' Forms Part of Sanctions-Busting Russian Shadow Fleet, Says EU Finnish police boarded Thursday an oil tanker suspected of rupturing telecommunications and electricity cables running beneath the Baltic Sea in a Christmas Day incident. They escorted the tanker, the Eagle S, into Finnish waters as part of a criminal investigation into damage caused on Wednesday.

163

163

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

DECEMBER 24, 2024

The Apache Software Foundation fixed a Tomcat server software flaw that could lead to remote code execution under certain conditions. The Apache Software Foundation (ASF) addressed an important vulnerability, tracked as CVE-2024-56337 , in its Tomcat server software. The researchers warn that exploiting this vulnerability could result in remote code execution under certain conditions.

IT 115

IT Security Information Security 115

Collaboration 2.0

DECEMBER 27, 2024

In 2024, AI became truly helpful. Here are 15 clever ways I integrated it into my workflow for quicker, better results - and how you can too.

IT 119

IT 119

WIRED Threat Level

DECEMBER 23, 2024

In Russias war against Ukraine, electronic warfare, including signal-jamming, anti-drone weapons, and innovative protections for critical military systems, has become a key piece of the conflict.

Military 107

Military Security 107

Data Breach Today

DECEMBER 26, 2024

Also, US Court Rules NSO Group Violated Hacking Laws With Pegasus Spyware This week, cyberattack disrupts Japan Airlines, U.S. court rules NSO Group violated hacking laws, the European Space Agencys web store hacked, FTC orders Marriott to overhaul data security, Sophos patches critical firewall flaws and Apache fixes critical SQL injection in Traffic Control.

Security 163

Security 163

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity PAN-OS flaw that could trigger denial-of-service (DoS) on vulnerable devices. Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane.

Authentication 113

Authentication Access Cloud Cybersecurity 113

Collaboration 2.0

DECEMBER 23, 2024

In 2024, AI became truly helpful. Here are 15 clever ways I integrated it into my workflow for quicker, better results - and what I hope to do with it in 2025.

IT 126

IT 126

Schneier on Security

DECEMBER 27, 2024

The basic strategy is to place a device with a hidden camera in a position to capture normally hidden card values, which are interpreted by an accomplice off-site and fed back to the player via a hidden microphone. Miniaturization is making these devices harder to detect. Presumably AI will soon obviate the need for an accomplice.

99

99

Data Breach Today

DECEMBER 23, 2024

Researchers Trace 61% of Known Losses This Year to Pyongyang-Backed Hackers Hackers tied to North Korea's cash-strapped totalitarian dictatorship this year stole a record amount of cryptocurrency, totaling $1.34 billion across 47 incidents, or about double their known haul for 2023, reported blockchain analytics firm Chainalysis.

Blockchain 163

Blockchain Analytics 163

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

DECEMBER 22, 2024

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. Arrested in Israel, he awaits extradition to the U.S. Panev was arrested in Israel in August and is awaiting extradition to the U.S. on criminal charges.

Ransomware 120

Ransomware Communications Government Access 120

Collaboration 2.0

DECEMBER 26, 2024

Suno will use its AI skills to create a song based on your description of a specific genre and topic.

IT 118

IT 118

Schneier on Security

DECEMBER 26, 2024

Scammers are hacking Google Forms to send email to victims that come from google.com. Brian Krebs reports on the effects. Boing Boing post.

Cybersecurity 93

Cybersecurity 93

Data Breach Today

DECEMBER 27, 2024

American Addiction Centers Says 422,424 Individuals' Private Details Exposed Substance abuse treatment company American Addiction Centers is warning nearly half a million patients that ransomware-wielding attackers stole their personal details, including names and Social Security numbers. The Rhysida ransomware operation claimed to perpetrate the attack.

Ransomware 148

Ransomware Security 148

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

DECEMBER 26, 2024

A cyberattack hit Japan Airlines (JAL), causing the suspension of ticket sales for flights departing on Thursday. A cyber attack hit Japan Airlines (JAL) on Thursday, the offensive began at 7:24 a.m. and impacted internal and external systems. The Associated Press reported that the attack disabled a router, causing system malfunctions and suspending ticket sales for Thursday departures.

Sales 121

Sales Government IT Information Security 121

Collaboration 2.0

DECEMBER 24, 2024

If you're a mobile gamer, the Redmagic 10 Pro was designed specifically for you, and I highly recommend it.

IT 119

IT 119

KnowBe4

DECEMBER 24, 2024

CyberheistNews Vol 14 #52 [Heads Up] Bad Actors Use Voice Phishing in Microsoft Teams To Spread Malware

Phishing 87

Phishing 87