The Last Watchdog

SEPTEMBER 21, 2022

Cybersecurity is a top concern for individuals and businesses in the increasingly digital world. Billion-dollar corporations, small mom-and-pop shops and average consumers could fall victim to a cyberattack. Related: Utilizing humans as security sensors. Phishing is one of the most common social engineering tactics cybercriminals use to target their victims.

Phishing 198

Phishing Artificial Intelligence Cybersecurity Compliance 198

Dark Reading

SEPTEMBER 22, 2022

An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit. The path traversal-related vulnerability is tracked as CVE-2007-4559.

100

100

Schneier on Security

SEPTEMBER 21, 2022

This is a fascinating glimpse of the future of automatic cheating detection in sports: Maybe you heard about the truly insane false-start controversy in track and field? Devon Allen—a wide receiver for the Philadelphia Eagles—was disqualified from the 110-meter hurdles at the World Athletics Championships a few weeks ago for a false start.

IT 120

IT 120

Security Affairs

SEPTEMBER 22, 2022

A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit ransomware gang. The leak of the builder for the latest encryptor of the LockBit ransomware gang made the headlines, it seems that the person who published it is a disgruntled developer. The latest version of the encryptor, version 3.0 , was released by the gang in June.

Ransomware 342

Ransomware Archiving Passwords IT 342

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

SEPTEMBER 20, 2022

Assume Password, Email and IPs Leaked as an Attempt to Export User Database Made One of the internet's worst websites is down following a weekend hack that may have exposed the email, password and IP address of Kiwi Farms yses. A statement on the site says hackers gained access to site administrator Joshua Moon's account. Site users stalk trans and non-binary people.

Passwords 341

Passwords Access 341

WIRED Threat Level

SEPTEMBER 23, 2022

Amid protests against the killing of Mahsa Amini, authorities have cut off mobile internet, WhatsApp, and Instagram. The death toll continues to rise.

Security 234

Security 234

Security Affairs

SEPTEMBER 20, 2022

How can businesses protect themselves from fraudulent activities by examining IP addresses? The police would track burglars if they left calling cards at the attacked properties. Internet fraudsters usually leave a trail of breadcrumbs whenever they visit websites through specific IP addresses. They reveal their physical location and the device they used to connect to the web.

Privacy 356

Privacy Risk Big data Libraries 356

Data Breach Today

SEPTEMBER 20, 2022

Cybercriminals Using Social Engineering, Phishing to Divert Payments Cybercriminals are netting multimillion-dollar hauls by targeting healthcare industry payment processing, the FBI warns. The criminals use publicly available personally identifiable information and deploy social engineering techniques to impersonate care providers.

Phishing 284

Phishing 284

Krebs on Security

SEPTEMBER 17, 2022

Three men in the United Kingdom were arrested this month for attempting to assault a local man and steal his virtual currencies. The incident is the latest example of how certain cybercriminal communities are increasingly turning to physical violence to settle scores and disputes. Shortly after 11 p.m. on September 6, a resident in the Spalding Common area in the district of Lincolnshire, U.K. phoned police to say three men were acting suspiciously, and had jumped a nearby fence. “The thre

Access 267

Access 267

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

WIRED Threat Level

SEPTEMBER 17, 2022

An alleged teen hacker claims to have gained deep access to the company’s systems, but the full picture of the breach is still coming into focus.

Access 222

Access Security 222

Security Affairs

SEPTEMBER 22, 2022

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The now-patched critical security flaw was disclosed by Atlassian in early June, at the time the company warned of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versio

Mining 337

Mining File names Ransomware Cloud 337

Data Breach Today

SEPTEMBER 23, 2022

Intel 471’s Michael DeBolt Says Anti-Ransomware Actions Will Take Time What is the future of ransomware, and is it going to continue with the same intensity of the last few years? Michael DeBolt of Intel471 says anti-ransomware efforts, including government action and better cybersecurity practices, are working. But ransomware isn’t going away soon.

Ransomware 259

Ransomware Cybersecurity Government IT 259

The Last Watchdog

SEPTEMBER 21, 2022

The pace and extent of digital transformation that global enterprise organizations have undergone cannot be overstated. Related: The criticality of ‘attack surface management’ Massive global macro-economic shifts have fundamentally changed the way companies operate. Remote work already had an impact on IT strategy and the shift to cloud, including hybrid cloud , well before the onset of Covid 19.

Cybersecurity 214

Cybersecurity Digital transformation Cloud Financial Services 214

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

WIRED Threat Level

SEPTEMBER 17, 2022

Plus: An AI artist exposes surveillance of Instagram users, the US charges Iranians over a ransomware campaign, and more.

Ransomware 209

Ransomware Privacy Security 209

Security Affairs

SEPTEMBER 17, 2022

Bitdefender has released a free decryptor to allow the victims of the LockerGoga ransomware to recover their files without paying a ransom. The cybersecurity firm Bitdefender has released a free decryptor to allow LockerGoga ransomware victims to recover their encrypted files without paying a ransom. “We’re pleased to announce the availability of a new decryptor for LockerGoga, a strain of ransomware that rose to fame in 2019 with the attack of the Norsk Hydro company.” reads the ann

Ransomware 337

Ransomware Encryption Cybersecurity Security 337

Data Breach Today

SEPTEMBER 23, 2022

Intel 471’s Michael DeBolt Says Anti-Ransomware Actions Will Take Time What is the future of ransomware, and is it going to continue with the same intensity of the last few years? Michael DeBolt of Intel471 says anti-ransomware efforts, including government action and better cybersecurity practices, are working. But ransomware isn’t going away soon.

Ransomware 250

Ransomware Cybersecurity Government IT 250

eSecurity Planet

SEPTEMBER 23, 2022

Whether it’s package hijacking, dependency confusing, typosquatting, continuous integration and continuous delivery ( CI/CD ) compromises, or basic web exploitation of outdated dependencies , there are many software supply chain attacks adversaries can perform to take down their victims, hold them to ransom , and exfiltrate critical data. It’s often more efficient to attack a weak link in the chain to reach a bigger target, like what happened to Kaseya or SolarWinds in the last couple of years.

Security 141

Security Authentication Access Libraries 141

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

SEPTEMBER 22, 2022

Security firm Chainguard has created a simple, open-source way for organizations to defend the cloud against some of the most insidious attacks.

Cloud 190

Cloud Security 190

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. Redis, is a popular open source data structure tool that can be used as an in-memory distributed database, message broker or cache. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication.

Mining 290

Mining Data structuring Business Services Encryption 290

Data Breach Today

SEPTEMBER 22, 2022

Current and Former Customers' Contact Details Exposed, But No Financial Information Australian telecommunications giant Optus is warning that current and former customers' personal details were exposed, including some driver's license and passport details, but no passwords or financial details, after it suffered a major data breach.

Data breaches 246

Data breaches Passwords IT 246

Schneier on Security

SEPTEMBER 23, 2022

Okay, it’s an obscure threat. But people are researching it : Our models and experimental results in a controlled lab setting show it is possible to reconstruct and recognize with over 75 percent accuracy on-screen texts that have heights as small as 10 mm with a 720p webcam.” That corresponds to 28 pt, a font size commonly used for headings and small headlines. […].

Paper 140

Paper Privacy Access IT 140

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

WIRED Threat Level

SEPTEMBER 21, 2022

But as Ukrainians retake ground, some of the firms are erasing their online presence.

Privacy 172

Privacy Security 172

Security Affairs

SEPTEMBER 19, 2022

Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online game acceleration. Researchers at security and compliance assessment firm Onekey warns of an arbitrary code execution via FunJSQ, which is a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts multiple Netgear router models.

Passwords 278

Passwords Communications Compliance Security 278

Data Breach Today

SEPTEMBER 18, 2022

Group Thanked FBI Agent for Insider Information About Weaknesses The LockBit group has paid the first payment of $50,000 as part of its bug bounty program for researchers willing to aid in cybercriminality. The group had announced that it will pay individuals who find exploitable vulnerabilities in the software it uses to maliciously encrypt files.

Ransomware 246

Ransomware Encryption IT 246

Dark Reading

SEPTEMBER 17, 2022

Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.

Passwords 141

Passwords Cloud Access 141

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

WIRED Threat Level

SEPTEMBER 19, 2022

Despite having one of the strongest data-protection policies in Africa, the country’s enforcement and disclosure practices remain dangerously broken.

Cybersecurity 171

Cybersecurity Security 171

Security Affairs

SEPTEMBER 22, 2022

Threat actors have stolen around $160 million worth of digital assets worth from crypto trading firm Wintermute. Malicious actors continue to target organizations in the cryptocurrency industry, the last victim in order of time is crypto trading firm Wintermute. The company made the headlines after that threat actors have stolen around $160 million worth of digital assets.

Marketing 266

Marketing Communications Security IT 266

Data Breach Today

SEPTEMBER 17, 2022

The latest edition of the ISMG Security Report discusses the appearance at a Senate hearing this week by the former head of security for Twitter; the top-performing web application and API protection vendors, according to Gartner's Magic Quadrant 2022; and threat trends to watch for in 2023.

Security 246

Security 246