Sat. Jan 28, 2023 - Fri. Feb 03, 2023

GUEST ESSAY: The role ‘deep learning’ AI can play relieving security teams of debilitating stress

The Last Watchdog

The cybersecurity profession can be very rewarding, but at the same time quite taxing. (Related: Equipping SOCs for the long haul) In fact, stress factors have risen to where some 45 percent of the security professionals polled in Deep Instinct’s third annual Voice of SecOps report said they’ve considered leaving the industry altogether. Ransomware is at an all-time high; attackers are as elusive as ever.

Security 203

OneNote Attachments Used as Phish Hooks

KnowBe4

Threat actors are using malicious attachments in OneNote in order to distribute malware, BleepingComputer reports. The attackers attach VBS files that instruct the user to double-click on the file. Most of the phishing lures pose as shipping notifications, invoices, or mechanical drawings.

Phishing 100

AIs as Computer Hackers

Schneier on Security

Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers defend their own computers while attacking other teams’. It’s a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems and exploiting them in others’. It’s the software vulnerability lifecycle.

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover

Dark Reading

Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.

Security 142

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Dragos CEO on Opening Execs' Eyes to OT Security Threats

Data Breach Today

Why COVID-19 Made Leaders Realize Just How Connected OT Networks Really Are

Executives underestimated the security risk associated with operational technology based on the erroneous belief that OT networks are highly segmented or air gapped. But COVID-19 made executives realize their OT networks are more connected than they previously thought, says Dragos CEO Robert M.

Security 208

More Trending

Introducing the Jamf Learning Hub

Jamf

Check out the new Jamf Learning Hub to find the product technical content you need, when you need it to get the most out of Jamf products and succeed with Apple.

IT 141

Inside Killnet: Pro-Russia Hacktivist Group's Support and Influence Grows

Dark Reading

Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remains largely questionable.

Sales 131

JD Sports Details Data Breach Affecting 10 Million Customers

Data Breach Today

Exposed: Online Customer Details, But Not Complete Payment Card Data

JD Sports, a sports fashion retailer with global operations, says personal details pertaining to about 10 million online customers of JD Sports and its Size?, Millets, Blacks, Scotts and MilletSport brands from 2018 to 2020 have been stolen by attackers and warns customers to beware of scammers.

OpenText Welcomes Micro Focus Customers, Partners and Employees

OpenText Information Management

OpenText has completed the acquisition of Micro Focus and I am delighted to welcome customers, partners and employees to OpenText. We are the platform of platforms for Information Management. Digital life is life, and with Micro Focus’ great products, amazing talent and strategic partners, we will help organizations of all sizes accelerate their digital transformations. …

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Open Source Security Index Lists Top Projects

eSecurity Planet

Two venture investors have launched an index to track the most popular open source security projects. Chenxi Wang of Rain Capital and Andrew Smyth of Atlantic Bridge unveiled the Open Source Security Index last month. The website leverages GitHub application programming interfaces (APIs) to make “finding open-source security projects easier for everyone.” Anyone can go to the site to discover “the most popular and fastest-growing open-source security (OSS) projects.” OSS

Security 120

Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status

Dark Reading

Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.

Cloud 126

Ransomware Gang Stole Customer Data, Arnold Clark Confirms

Data Breach Today

Extortionists Dump Private and Corporate Customer Data From European Car Giant

Christmastime was bleak for a number of organizations in Britain that got hit with ransomware, including car dealership giant Arnold Clark, which originally reported that no customer data had been stolen. But the business subsequently revised its assessment, after attackers dumped stolen data.

ICYMI – Late December in privacy and cybersecurity

Data Protection Report

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. We have set out some updates in the form of questions, with some links where you can find more information. Answers are below. 1. Colorado issued a revised draft of its privacy regulations, which added a list of what could be “substantial or material changes” to a privacy policy, which would require notice communicated to consumers in the manner by which

Privacy 115

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Russian and Iranian Spear Phishing Campaigns are Running Rampant in the UK

KnowBe4

The UK’s National Cyber Security Centre (NCSC) has described two separate spear phishing campaigns launched by Russia’s SEABORGIUM threat actor and Iran’s TA453 (also known as Charming Kitten). The NCSC says both threat actors have targeted entities in the UK, including “academia, defence, governmental organisations, NGOs, think-tanks, as well as politicians, journalists, and activists.”

Phishing 121

Beating the Odds: 3 Challenges Women Face in the Cybersecurity Industry

Dark Reading

Companies need to be aware of the work culture they foster. Diversity and inclusion aren't just buzzwords. Increasing female visibility and improving female mentoring to help women enter and advance within the cybersecurity industry are key steps forward.

Hackers Posing as Ukrainian Ministry Deploy Info Stealers

Data Breach Today

Spoofed Polish Police Websites Also Found

Ukrainian and Polish cyber defenders are warning against a slew of phishing websites that mimic official sites, in particular a page that mimics the Ministry of Foreign Affairs of Ukraine. A hacking group likely comprised of Russian speakers uses the pages to lure users into downloading software.

Phishing 240

Ransomware Payments Are Down

Schneier on Security

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that have yet to be identified on the blockchain and incorporated into our data.

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

How Technology Can Help With HR Investigations

Hanzo Learning Center

Workplace complaints are serious. Even if a claim doesn’t lead to disciplinary action, the fact that an employee has made an accusation usually indicates workplace problems that need to be addressed for productivity, morale, and quality of work life.

113

Top factors driving higher demand for Cognitive Search

OpenText Information Management

Businesses strive to compete in today’s market by exercising cost leadership and delivering a winning proposition. Success lies in the organizational knowledge and data locked within its people and information silos. Knowledge Management solutions such as Cognitive Search are essential to solve challenges faced in business today. The American Productivity & Quality Center (APQC), through …

Marketing 105

Illumio CEO on Fighting Ransomware via Endpoint Segmentation

Data Breach Today

Andrew Rubin on Contrasts Among Segmenting Endpoints, Servers and Cloud Workloads

Illumio has extended its segmentation capabilities from servers and workloads to endpoints to minimize damage in the event of a ransomware attack, CEO Andrew Rubin says. The Silicon Valley-based company can now stop the spread of breaches and ransomware inside servers, cloud workloads and endpoints.

Passwords Are Terrible (Surprising No One)

Schneier on Security

This is the result of a security audit: More than a fifth of the passwords protecting network accounts at the US Department of the Interior—including Password1234, Password1234!, and ChangeItN0w!—were weak enough to be cracked using standard methods, a recently published security audit of the agency found. […] The results weren’t encouraging.

Passwords 106

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

How to Investigate a Cyber Incident: 5-Step Guide

IT Governance

Cyber incident investigation is one of the most crucial skills that an organisation can master. With countless information security threats looming over your business, you need to understand that data breaches are inevitable. When you come to this realisation, you can implement an incident response plan that helps you identify and investigate security threats.

Should you block TikTok?

Jamf

An increasing number of governmental and educational organizations have decided to block TikTok from their networks. Here's why, and how you can do the same if you wish.

Education 106

CISA to Set Up New Office for Supply Chain Security

Data Breach Today

Former GSA Administrator Leading Effort to Tackle Software Supply Chain Issues

U.S. Federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.

Security 224

Over 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flaw

Security Affairs

Censys found 30,000 internet-facing QNAP appliances potentially impacted by a recently disclosed critical code injection flaw. On January 30, Taiwanese vendor QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices. A remote attacker can exploit the vulnerability to inject malicious code on QNAP NAS devices.

IoT 98

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

John the Ripper: Password Cracking Tutorial and Review

eSecurity Planet

John the Ripper is a popular password cracking tool that can be used to perform brute-force attacks using different encryption technologies and helpful wordlists. It’s often what pen-testers and ethical hackers use to find the true passwords behind hashes. This open-source package is free to download and has several modules for generating hashes from a range of file types, such as Secure Shell (SSH) keys with ssh2john, kdbx files with keepass2john, and password-protected zip archives with zip2joh

Why invest in data quality and observability

Collibra

The business landscape gets routinely disrupted by new technologies, social shifts, environmental issues, and constant upheavals in connected global enterprises. Add the pressure of economic uncertainties, and you know why organizations are fighting to keep pace with these changes. The question is how? Today, data is at the heart of every business decision.

IBM Security GM on Seeing a Target Through the Hacker's Eyes

Data Breach Today

Mary O'Brien on How External Attack Surface Management Finds Internet-Facing Issues

Companies can be blinded by their inside-out view and often benefit from another set of eyes that see their business the same way an attacker would, says IBM's Mary O'Brien. IBM's acquisition of attack surface management firm Randori gives clients another view of areas that need to be remediated.

Security 214