Elie

AUGUST 1, 2021

Here are the ten most important steps you can take to stay safe online. Blog post

118

118

Security Affairs

AUGUST 2, 2021

Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. The video shows an insider plugging a USB Rubber Ducky into a smart TV in a company meeting room.

Access 138

Access Marketing Risk Security 138

Threatpost

AUGUST 5, 2021

IBM X-Force detailed the custom-made "LittleLooter" data stealer and 4+ hours of ITG18 operator training videos revealed by an opsec goof.

Security 123

Security 123

Data Breach Today

AUGUST 5, 2021

Ivanti, Sophos, Deloitte, Cerberus Sentinel and Feedzai Announce Deals Cybersecurity acquisitions continue at an intense pace, with Ivanti, Sophos, Deloitte Risk & Financial Advisory, Cerberus Sentinel and Feedzai all making moves to bolster their security portfolios.

Cybersecurity 363

Cybersecurity Risk Security 363

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

AUGUST 4, 2021

A cornucopia of cybersecurity solutions went on public display today as Black Hat USA 2021 convened once more as a live event in Las Vegas. Related: Kaseya hack raises more supply chain worries. For small- and mid-sized businesses (SMBs) cutting through the marketing hype can be daunting. That said, there is one venerable technology – web application firewalls ( WAFs) – that is emerging as a perfect fit for SMBs in today’s environment, as all companies shift to a deeper reliance on cloud service

Risk 214

Risk Digital transformation Marketing Cloud 214

Security Affairs

JULY 31, 2021

Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source code of the games, the source code of the FrostBite game engine and debug tools, FIFA 21 matchmaking server code, proprietary EA games frameworks, debug tools, SDK,

Data breaches 145

Data breaches Archiving Authentication Ransomware 145

Data Breach Today

AUGUST 4, 2021

vpnMentor: Server Belonging to OneMoreLead Is Now Secured Researchers at vpnMentor say that B2B marketing company OneMoreLead exposed the data of up to 126 million Americans on a misconfigured Elasticsearch server.

B2B 354

B2B Marketing Security 354

The Last Watchdog

AUGUST 4, 2021

Human beings remain the prime target in the vast majority of malicious attempts to breach company networks. Related: Stealth tactics leveraged to weaponize email. Cybersecurity awareness training is valuable and has its place. Yet as Black Hat USA 2021 returns today as a live event in Las Vegas, it remains so true that we can always be fooled — and that the prime vehicle for hornswoggling us remains phishing messages sent via business email.

Phishing 203

Phishing Passwords Cybersecurity IT 203

Schneier on Security

AUGUST 3, 2021

Forbes has the story : Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said. One other spyware industry executive said it also promises to get longer-lasting access to a device, even when it’s rebooted. […].

Manufacturing 145

Manufacturing Encryption Communications Access 145

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

AUGUST 4, 2021

The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with more than $1.8 billion in capital under management. The venture capital firm this week disclosed a ransomware attack, threat actors have also stolen the personal information of some of its private investors.

Data breaches 145

Data breaches Ransomware Encryption Access 145

Data Breach Today

AUGUST 6, 2021

One Measure Calls for Sanctions Against Nations Tolerating Ransomware Gangs Two bipartisan bills introduced in Congress this week seek to address cyberthreats. One calls for imposing sanctions against countries that allow ransomware gangs to operate within their borders. Another would require law enforcement agencies to better track cybercrime statistics to identify trends.

Ransomware 328

Ransomware 328

The Last Watchdog

AUGUST 3, 2021

Software developers have become the masters of the digital universe. Related: GraphQL APIs pose new risks. Companies in the throes of digital transformation are in hot pursuit of agile software and this has elevated developers to the top of the food chain in computing. There is an argument to be made that agility-minded developers, in fact, are in a terrific position to champion the rearchitecting of Enterprise security that’s sure to play out over the next few years — much more so than me

Security 203

Security Cloud IoT Digital transformation 203

Schneier on Security

AUGUST 2, 2021

Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […]. Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. […]. The satellite can detect and characterise any rogue emissions, enabling it to respond dynamically to accidental interference or intentional jamming.

Encryption 145

Encryption Government IT 145

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

AUGUST 6, 2021

VMware has addressed a critical vulnerability that affects multiple products that could be exploited to gain access to confidential information. VMware has released security updates to address multiple flaws in its products, including a critical issue that could allow an attacker to access confidential information. A couple of vulnerabilities tracked as CVE-2021-22002 and CVE-2021-22003, impact Workspace One Access (Access), Identity Manager (vIDM), vRealize Automation (vRA), Cloud Foundation, a

IT 144

IT Access Passwords Cloud 144

Data Breach Today

AUGUST 6, 2021

OIG Outlines Shortcomings, Recommends Fixes The FDIC has failed to properly update its policies for mobile device usage, conduct regular control assessments of its mobile device management solution or adequately log and monitor mobile cybersecurity practices, according to a new report from the Office of the Inspector General.

Security 328

Security Cybersecurity IT 328

The Last Watchdog

AUGUST 2, 2021

In less than a decade, SOAR — security orchestration, automation and response — has rapidly matured into an engrained component of the security technology stack in many enterprises. Related: Equipping SOCs for the long haul. SOAR has done much since it entered the cybersecurity lexicon to relieve the cybersecurity skills shortage. SOAR leverages automation and machine learning to correlate telemetry flooding in from multiple security systems.

Cloud 203

Cloud Digital transformation Phishing Cybersecurity 203

Schneier on Security

AUGUST 5, 2021

The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent. The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at US District Court for the Northern District of California.

Encryption 144

Encryption Privacy Security IT 144

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

AUGUST 5, 2021

ERG SPA, an Italian energy company, reports a minor impact on its operations after the recent ransomware attack conducted by LockBit 2.0 gang. Recently the Italian energy company ERG was hit by the LockBit 2.0 ransomware gang, now the company reported “only a few minor disruptions” for its ICT infrastructure. The company is active in the production of wind energy, solar energy, hydroelectric energy and high-yield thermoelectric cogeneration energy with low environmental impact. ̶

Ransomware 144

Ransomware Cybersecurity IT Security 144

Data Breach Today

AUGUST 4, 2021

Incident Bears Similarities to Recent Attack at Scripps Health In the wake of a recent cyberattack on UF Health Central Florida that disrupted access to patients' electronic health records for about a month during recovery, the entity is now reporting the incident also exposed patient information.

Access 328

Access 328

eSecurity Planet

AUGUST 5, 2021

Open source security has been a big focus of this week’s Black Hat conference, but no open source security initiative is bolder than the one proffered by the Open Source Security Foundation (OpenSSF). Amid discussions on the security of open source technologies like eBPF and Hadoop, OpenSSF speakers Jennifer Fernick, SVP and head of global research at NCC Group, and Christopher Robinson, Intel’s director of security communications, outlined the group’s vision to secure open sou

Security 143

Security Big data Libraries Communications 143

Threatpost

AUGUST 5, 2021

Telegram declined to fix a scenario in which the flaw can be exploited, spurring a Trustwave researcher to decline a bug bounty and to disclose his findings instead.

143

143

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

AUGUST 5, 2021

An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with the info about one of the operators. An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers of its RaaS, he also published the info about one of the operators. The Conti Ransomware operators offer their services to their affiliates and maintain 20-30% of each ransom payment.

Ransomware 137

Ransomware Archiving IT Security 137

Data Breach Today

AUGUST 3, 2021

Malwarebytes Describes Unusual Tactics The Malwarebytes threat intelligence team has discovered a remote access Trojan apparently designed to target Russian speakers that may have combined a social engineering technique with a known exploit to maximize chances of infecting targets.

Access 331

Access 331

eSecurity Planet

AUGUST 3, 2021

Administrators overseeing the Python Package Index (PyPI) in recent days found themselves responding to vulnerabilities found in the repository of open source software, the latest security problems to hit the Python community. Most recently, the PyPI group sent out fixes for three vulnerabilities that were discovered by security researcher RyotaK and published on his blog.

Mining 143

Mining Security Archiving IT 143

Threatpost

AUGUST 6, 2021

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.

Ransomware 132

Ransomware Archiving IT 132

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

AUGUST 2, 2021

An attacker could exploit a vulnerability in the WordPress Download Manager plugin, tracked as CVE-2021-34639, to execute arbitrary code under specific configurations. Researchers from Wordfence team discovered a vulnerability, tracked as CVE-2021-34639, affecting the WordPress Download Manager plugin that could allow attackers to execute arbitrary code under specific configurations.

IT 136

IT Security Data breaches Information Security 136

Data Breach Today

AUGUST 2, 2021

Agency Emphasizes Value of VPNs, Other Security Steps Teleworking U.S. national security employees are putting sensitive data at risk if they use public Wi-Fi networks without using a virtual private network to encrypt the traffic, the National Security Agency notes in a new advisory.

Encryption 325

Encryption Risk Security 325

Hunton Privacy

AUGUST 2, 2021

On July 29, 2021, U.S. Representative Rep. Kathy Castor (D-Florida), a member of the House Energy and Commerce Committee, reintroduced the Protecting the Information of our Vulnerable Children and Youth Act (the “Bill”). The Bill would update the Children’s Online Privacy Protection Act (“COPPA”) to, among other requirements: (1) cover teens ages 13-17; (2) expand the categories of information considered to be “personal” (to include physical characteristics, biometric information, health inform

Privacy 125

Privacy Education Access Security 125