Krebs on Security
JANUARY 10, 2024
A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be first in which a federal court has recognized the use of information included in a bitcoin transaction — such as a link to a civil claim filed in federal court — as reasonably likely to provide notice of the lawsuit to the defendant.
Data Breach Today
JANUARY 8, 2024
Large Mortgage Lender's Customers Say the Online Payment Portable Is Inaccessible Non-bank mortgage lending giant LoanDepot is warning customers and investors that hackers have infiltrated its network, gained unauthorized access to information and encrypted data, leading to it taking numerous systems offline while it probes the attack.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
JANUARY 9, 2024
2024 is going to be a special year. As we celebrate our 80th anniversary, we are also launching a brand new strategy. This new strategy reimagines AIIM for the age of artificial intelligence where trusted data and information are essential. In the coming months, we will be sharing much more about our new strategy, but I am very excited to give you a preview of what's to come.
The Last Watchdog
JANUARY 9, 2024
Augmented reality (AR) and virtual reality (VR) technologies provide intriguing opportunities for immersive and interactive experiences in cybersecurity training. Related: GenAI’ impact on DevSecOps Here’s how these technologies can bridge learning gaps in cybersecurity awareness and enhance the overall training experience. AR and VR technologies can create distinct immersive experiences by merging digital reality with the physical world.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Krebs on Security
JANUARY 8, 2024
In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a fascinating and untold backstory behind the two Russian men involved, who co-ran the world’s top spam forum and worked closely with Russia’s most dangerous cybercriminals.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
JANUARY 7, 2024
A cyber attack hit the Beirut International Airport, Rafic Hariri (Lebanon), threat actors breached the Flight Information Display System (FIDS). Threat actors hit the Beirut International Airport Rafic Hariri in Lebanon and breached the Flight Information Display System (FIDS). Rafic Hariri International Airport is the main international airport serving Beirut, the capital of Lebanon.
Hunton Privacy
JANUARY 9, 2024
On January 8, 2024, the French Data Protection Authority (the “CNIL”) opened a consultation on its draft guidance for the use of transfer impact assessments (“Guidance”). In describing the Guidance, the CNIL references the decision of the Court of Justice of the European Union in Schrems II and states that exporters relying on tools listed in Article 46(2) and Article 46(3) of the EU General Data Protection Regulation (“GDPR”) for personal data transfers are required to assess the level of prote
The Last Watchdog
JANUARY 12, 2024
Washington, DC, Jan. 12, 2024 – Trimarc Security , the professional services company with extensive expertise in securing Active Directory for enterprise organizations, today announced the early access availability of its new product, Trimarc Vision. Trimarc Vision is a powerful security posture analysis product that provides visibility into the most important security components of Active Directory.
Data Breach Today
JANUARY 12, 2024
E-Commerce Giant Accuses Luxembourg Regulators of Attacking the Company Amazon in a Luxembourg court Tuesday contested a once-record privacy fine levied against the e-commerce giant for its advertising practices by the diminutive country's data protection authority. The fine of 746 million euros stems from a 2018 complaint by French privacy group La Quadrature du Net.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
JANUARY 7, 2024
Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced cryptocurrency significantly. Last year, Iranian crypto exchanges facilitated transactions totaling nearly $3 billion. Almost all incoming crypto volume in Iran adheres to Know Your Customer (KYC) requirements.
eSecurity Planet
JANUARY 11, 2024
When remote workers connect bring-your-own-device (BYOD) laptops, desktops, tablets, and phones to corporate assets, risk dramatically increases. These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Ransomware remains just one of many different threats and as security teams eliminate key vectors of attack, adversaries will shift tactics.
KnowBe4
JANUARY 10, 2024
Artificial intelligence (AI) in the cybersecurity realm is a nuanced topic. On the one hand, it has the potential to enhance our abilities to detect and prevent cyber threats significantly.
Data Breach Today
JANUARY 11, 2024
Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
JANUARY 6, 2024
Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT’s malware family. Security researcher Greg Lesnewich discovered a backdoor, called SpectralBlur, that targets Apple macOS. The backdoor shows similarities with the malware family KANDYKORN (aka SockRacket), which was attributed to the North Korea-linked Lazarus sub-group known as BlueNoroff (aka TA444 ).
eSecurity Planet
JANUARY 12, 2024
Cloud log management is the comprehensive processing of log data, including generation, aggregation, storage, analysis, archive, and disposal. The top log management services offer troubleshooting and operational efficiency through seamless integration, secure log handling, advanced security analytics, and more. To help you select an ideal cloud log management solution, we’ve evaluated the top options and their use cases.
Hanzo Learning Center
JANUARY 9, 2024
As we step into 2024, the legal industry continues to be reshaped by technological advancements. This year promises to bring new developments that could revolutionize how legal professionals work and interact with clients.
Data Breach Today
JANUARY 12, 2024
Crypto-Malware Trackers Report a Surge in Known Ransomware Victims at End of 2023 Ransomware-wielding attackers show no signs of stopping, and experts report December 2023 was the second-worst month on record for known victims. Lately, Akira-wielding attackers have been hitting Finland hard, and Medusa has been behind a rising number of attacks.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
JANUARY 12, 2024
Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a proof-of-concept (PoC) exploit code for the recently disclosed critical flaw CVE-2023-51467 (CVSS score: 9.8) in the Apache OfBiz. In December, experts warned of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system.
Schneier on Security
JANUARY 10, 2024
In 2000, I wrote : “If McDonald’s offered three free Big Macs for a DNA sample, there would be lines around the block.” Burger King in Brazil is almost there , offering discounts in exchange for a facial scan. From a marketing video: “At the end of the year, it’s Friday every day, and the hangover kicks in,” a vaguely robotic voice says as images of cheeseburgers glitch in and out over fake computer code. “BK presents Hangover Whopper, a technology that
eSecurity Planet
JANUARY 8, 2024
The new year brought few new vulnerabilities, and only Ivanti Endpoint Manager (EPM) and Kyber, the quantum resistant encryption algorithm, publicized new vulnerabilities or fixes. Unfortunately, most news derived from the active attacks on multiple older vulnerabilities, which threaten to expose organizations slow to patch. Speed remains critical to security, but more importantly, patching teams need to make progress with patch and vulnerability management.
Data Breach Today
JANUARY 12, 2024
Also: Why We Should Care About the New York Times' Copyright Lawsuit Against OpenAI In the latest weekly update, ISMG editors discussed how the surge in API usage poses challenges for organizations, why good governance is so crucial to solving API issues and how The New York Times' legal action against OpenAI and Microsoft highlights copyright concerns.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
JANUARY 11, 2024
The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. The X account of the Google-owned firm Mandiant has over 120,000 followers.
Schneier on Security
JANUARY 12, 2024
New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer harm at the hands of a cyberattacker.
Jamf
JANUARY 11, 2024
Are you diving into the world of device management? In this blog, learn about Apple MDM: from what it is to how to get started with it in your organization.
Data Breach Today
JANUARY 11, 2024
Financially Motivated Actors Targeting US, EU and LATAM Countries Financially motivated Turkish hackers are targeting Microsoft SQL servers in the United States, Europe and Latin America in hacking that ultimately ends with deployment of Mimic ransomware or the sale of access to infected hosts on criminal online markets.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Security Affairs
JANUARY 12, 2024
Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing its users’ email addresses and other details. Users of the e-sports knowledge base were exposed via a publicly accessible and passwordless MongoDB database, the Cybernews research team has discovered. The database was closed after researchers informed Liquipedia’s admins about the issue.
Schneier on Security
JANUARY 9, 2024
This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password authentication.
KnowBe4
JANUARY 11, 2024
Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s Brand Phishing Report for Q4 2023.
Expert insights. Personalized for you.
298 
Let's personalize your content