Data Breach Today
JULY 19, 2024
CrowdStrike Confirms Faulty Software Update for Falcon Sensor, Is Deploying Fix Banks, airlines, media giants and others are being disrupted by a mass, global IT outage tied to Windows PCs. While CrowdStrike has issued a workaround tied to a Falcon software update that appears to be the culprit, many IT administrators say it so far remains difficult to implement at scale.
Krebs on Security
JULY 15, 2024
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
JULY 17, 2024
6.8% , to be precise. From ZDNet : However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. That total is nearly a third of all the DDoS attacks they mitigated the previous year.
Weissman's World
JULY 19, 2024
I recently gave a presentation to ARMA International about the human consequences of what we do, and though you probably can get a copy of it from ARMA itself – and for sure you can from me – I wanted to take a minute to reinforce the criticality of my point. Most of us spend… Read More » Wanted! An IG Code of Human Ethics The post Wanted!
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
JULY 17, 2024
Costs Have Already Hit $2 Billion, Parent Company UnitedHealth Group Reports Fallout from the February ransomware hit on Change Healthcare, including the theft of data pertaining to up to one-third of Americans, has so far led to $2 billion in costs and may yet reach $2.5 billion, says parent company UnitedHealth Group.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
JULY 16, 2024
I want to share my thoughts on the relationship between information management and emerging technologies like AI and bots. I'll discuss how I view information management as part of an evolving ecosystem that encompasses various technologies and practices.
WIRED Threat Level
JULY 19, 2024
A defective CrowdStrike kernel driver sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.
Data Breach Today
JULY 13, 2024
Nearly 5 Million Servers May be Affected, Only 82 Have Been Patched A critical vulnerability in Exim Mail Transfer Agent enables threat actors to bypass email security filters and deliver malicious attachments directly to user inboxes. Nearly 5 million servers could be vulnerable, but only 82 public-facing servers have updated to the patched release, Exim 4.98.
Security Affairs
JULY 19, 2024
Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation. The LockBit ransomware operation has been active since January 2020, the group hit over 2,500 victims across 120 countries, including 1,800 in the U.S.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Schneier on Security
JULY 15, 2024
Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication year, journal or conference name, and page numbers of the cited publication. These details are stored as metadata, not visible in the article’s text directly, but assigned to a digital object identifier, or DOI—a unique identifier for each sci
WIRED Threat Level
JULY 19, 2024
A software update from cybersecurity company CrowdStrike appears to have inadvertently disrupted IT systems globally.
Data Breach Today
JULY 15, 2024
Largest Deal in Cyber History Would Help Google Rival Microsoft, Limit Partnerships Despite all the platformization buzz, there are very few vendors with market-leading capabilities in at least three disparate security technology categories. That could change if Google forges ahead with buying cloud security firm Wiz for a reported $23 billion just two years after buying Mandiant.
Security Affairs
JULY 18, 2024
Researchers discovered security flaws in SAP AI Core cloud-based platform that could expose customers’ data. Cybersecurity researchers at Wiz uncovered five security flaws, collectively tracked as SAPwned, in the SAP AI Core cloud-based platform. An attacker can exploit the flaws to obtain access tokens and customer data. SAP AI Core, developed by SAP, is a cloud-based platform providing the essential infrastructure and tools for constructing, managing, and deploying predictive AI workfl
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
KnowBe4
JULY 18, 2024
The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously estimated, Cybersecurity Dive reports. The incident has already cost the firm nearly $2 billion.
WIRED Threat Level
JULY 19, 2024
Swindlers are spinning up bogus websites in an attempt to dupe people with “CrowdStrike support” scams following the security firm's catastrophic software update.
Data Breach Today
JULY 15, 2024
Disney’s Data Targeted for Using Artists’ Work in AI Systems, Hacking Group Says An apparent hacktivist group known as NullBulge claimed to have released a major data trove of sensitive information from Disney’s third-party digital workplace collaboration platform, Slack, after reportedly targeting the tech giant for its use of artists' work in training advanced AI systems.
Security Affairs
JULY 18, 2024
The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. FIN7 developed a tool called AvNeutralizer (also known as AuKill) that can bypass security solutions.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
The Last Watchdog
JULY 15, 2024
In our digital age, managing passwords effectively is crucial not just for our security while we’re alive, but also for ensuring our digital legacies are secure after we’re gone. Related : Understanding digital footprints A recent study by All About Cookies sheds light on the alarming lack of preparation most internet users have for their digital assets.
WIRED Threat Level
JULY 17, 2024
After the Supreme Court limited the power of federal agencies to craft regulations, it’s likely up to Congress to keep US cybersecurity policy intact.
Data Breach Today
JULY 15, 2024
Paying Criminals for a Promise to Delete Data Is Part of the Problem What will it take for victims of ransomware, extortion and other types of cybercrime to stop directly funding their attackers? The latest breached business to pay a ransom to its attackers appears to be AT&T, which reportedly paid Shiny Hunters over $350,000 for a promise to delete stolen data.
Security Affairs
JULY 15, 2024
Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) impacts the Veeam Backup & Replication component. An attacker can exploit the issue to obtain encrypted credentials stored in the configuration database, potentially leading to gaining access to the backup infrastructure hosts.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
KnowBe4
JULY 19, 2024
I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event. Within hours of mass IT outages on Friday, a surge of new domains began appearing online, all sharing one common factor: the name CrowdStrike. As the company grapples with a global tech outage that has delayed flights and disrupted emergency services, opportunistic cybercriminals are quick to exploit the chaos.
WIRED Threat Level
JULY 15, 2024
A hacker group called “NullBulge” says it stole more than a terabyte of Disney’s internal Slack messages and files from nearly 10,000 channels in an apparent protest over AI-generated art.
Data Breach Today
JULY 15, 2024
Banks, Bondholders Help French Firm Restructure Debt Ahead of Government Takeover French IT consultancy Atos has raised 1.675 billion euros to restructure its debt as the company prepares to finalize a takeover bid by the French government. About 800 million euros will go toward keeping the business running, according to an announcement by the Paris-based firm on Monday.
Security Affairs
JULY 17, 2024
A vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers allows threat actors to change any user’s password. Cisco has addressed a critical vulnerability, tracked as CVE-2024-20419 (CVSS score of 10.0), in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers that allows attackers to change any user’s password.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
KnowBe4
JULY 17, 2024
Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment.
WIRED Threat Level
JULY 15, 2024
Senator Mark Warner is trying to pass new limits on when the government can wiretap Americans. At least two senators are quietly trying to stop him.
Data Breach Today
JULY 15, 2024
GAO: Department Lacks Cybersecurity Strategies for Major Business IT Programs The U.S. Department of Defense still hasn't addressed a series of critical cybersecurity gaps in its information technology business programs, according to an annual assessment conducted by the Government Accountability Office, despite years of warnings from the government watchdog.
Expert insights. Personalized for you.
306 
Let's personalize your content