Data Breach Today
MAY 23, 2024
Also: Spanish Hacker Alcasec Arrested Again This week, Fluent Bit contains a flaw, Microsoft is nuking VBScript, Irish police and the SEC face fines, a man was sentenced for BEC, a flaw was found in Netflix's Genie, an Australia university said it was breached and Black Basta claimed an attack, and hacker Alcasec was arrested again.
AIIM
MAY 21, 2024
We live and work in the liminal spaces where transformation and possibility reside. It is this possibility that we, as Women in Information Management, must take advantage of.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Matters
MAY 22, 2024
On 30 April 2024, the UK’s Information Commissioner’s Office (“ICO”) published its strategic approach to regulating artificial intelligence (“AI”) (the “Strategy”), following the UK government’s request that key regulators set out their approach to AI regulation and compliance with the UK government’s previous AI White Paper (see our previous blog post here).
Krebs on Security
MAY 23, 2024
The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation c
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
MAY 24, 2024
Malicious Script Targets Users in Mexico, Indonesia, Jordan Why bother building a crypto-locker when Microsoft has perfectly acceptable encryption software preloaded on desktops? Many ransomware hackers agree with that statement - and they're learning to make such attacks even harder to recover from.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
MAY 22, 2024
Ultra-wideband radio has been heralded as the solution for “relay attacks” that are used to steal cars in seconds. But researchers found Teslas equipped with it are as vulnerable as ever.
Security Affairs
MAY 21, 2024
The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. Atlas is one of the largest national fuel distributors to 49 continental US States with over 1 billion gallons per year. The Blackbasta extortion group added the company to the list of victims on its Tor leak site, as the researcher Dominic Alvieri reported.
Data Breach Today
MAY 20, 2024
TekStream's Johnson and Splunk's Prevost on Tapping Into Student Talent for the SOC The threat landscape has evolved for state and local government entities as well as higher education institutes. Mary Lou Prevost from Splunk and Bruce Johnson of TekStream discuss innovative public-private partnerships that boost institutional defense mechanisms.
The Last Watchdog
MAY 23, 2024
AppSec has never been more challenging. By the same token, AppSec technology is advancing apace to help companies meet this challenge. Related: AppSec market trajectory At RSAC 2024 , I sat down with Bruce Snell , cybersecurity strategist at Qwiet.ai , to hear a break down about how Qwiet has infused it’s preZero platform, with graph-database capabilities to deliver SAST, SCA, container scanning and secrets detection in a single solution.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
MAY 23, 2024
Thousands of fingerprints and facial images linked to police in India have been exposed online. Researchers say it’s a warning of what will happen as the collection of biometric data increases.
Security Affairs
MAY 20, 2024
Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and air vending solutions for multifamily housing, academic institutions, hospitality, and other commercial sectors. They manage and operate many internet-connected laundry machines and systems, offering services such as coin and card-operated laundry machines, mobile payment solutions, and maintenance suppor
Data Breach Today
MAY 24, 2024
The UAE No Longer Has Cases of SIM Swap Fraud - Here's Why SIM swap fraud continues to cause substantial financial losses for both consumers and financial institutions, undermining the integrity of the financial ecosystem. In the UAE, the banking industry has incurred considerable losses from SIM swap fraud. But a strategic approach has stopped it.
The Last Watchdog
MAY 21, 2024
New York, NY, May 21, 2024, CyberNewsWire — Memcyco Inc., provider of digital trust technology designed to protect companies and their customers from digital impersonation fraud, released its inaugural 2024 State of Website Impersonation Scams report. Notably, Memcyco’s research indicates that the majority of companies do not have adequate solutions to counter digital impersonation fraud, and that most only learn about attacks from their customers.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
WIRED Threat Level
MAY 23, 2024
The strange journey of Lin Rui-siang, the 23-year-old accused of running the Incognito black market, extorting his own site's users—and then refashioning himself as a legit crypto crime expert.
Security Affairs
MAY 24, 2024
GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835 , that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information.
Data Breach Today
MAY 21, 2024
Tips to Get You to the Place in Your Career Where You Really Want to Be LinkedIn recently released its list of the top companies to work for in 2024. Securing a technical position at a top company requires a strategic approach. Here are some practical tips to help you get started on landing your dream job in tech.
The Last Watchdog
MAY 20, 2024
The open-source Chromium project seeded by Google more than a decade ago has triggered something of a web browser renaissance. Related: Browser attacks mount Browsers based on Chromium include Google Chrome and Microsoft Edge, which dominate in corporate settings – as well as popular upstarts Brave, Opera and Vivaldi. Together these browsers have given rise to a vast ecosystem of extensions – one that happens to align perfectly with a highly distributed work force and global supply chain.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
MAY 21, 2024
A WIRED investigation found thousands of Eventbrite posts selling escort services and drugs like Xanax and oxycodone—some of which the company’s algorithm recommended alongside addiction recovery events.
Security Affairs
MAY 19, 2024
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware is a version of the GoBear backdoor which was delivered in a recent campaign by Kimsuky via Trojanized software installation packages.
Data Breach Today
MAY 22, 2024
Thousands of People Tricked Bots into Revealing Sensitive Data in Lab Setting It doesn't take a skilled hacker to glean sensitive information anymore: all you need to trick a chatbot into spilling someone else's passwords is "creativity." In a multi-level test, nearly all participants were able to trick the chatbot into revealing a password on at least one level.
The Last Watchdog
MAY 22, 2024
Torrance,Calif., May 22, 2024, CyberNewsWire — AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal IP , is now available on the AWS Marketplace. This integration ensures efficient software procurement and deployment, aligning seamlessly with customers’ existing cloud architectures.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
WIRED Threat Level
MAY 18, 2024
Plus: Three arrested in North Korean IT workers fraud ring, Tesla staffers shared videos from owners’ cars, and more.
Security Affairs
MAY 22, 2024
A threat actor is targeting organizations in Africa and the Middle East by exploiting Microsoft Exchange Server flaws to deliver malware. Positive Technologies researchers observed while responding to a customer’s incident spotted an unknown keylogger embedded in the main Microsoft Exchange Server page. The keylogger was used to collect account credentials.
Data Breach Today
MAY 24, 2024
Backdoored Installer Facilitates Full, Remote Takeover, Justice AV Solutions Warns Attackers backdoored versions of widely used audiovisual recording software being distributed by Justice AV Solutions via its official download site. Experts say users should "immediately" update to patched versions, review their IT environments for signs of compromise and wipe affected endpoints.
Troy Hunt
MAY 21, 2024
We often do that in this industry, the whole "1.0" thing, but it seems apt here. I started Have I Been Pwned (HIBP) in 2013 as a pet project that scratched an itch, so I never really thought of myself as an "employee" Over time, it grew (and I tell you what, nobody is more surprised by that than me!) and over the last few years, my wife Charlotte got more and more involved.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
WIRED Threat Level
MAY 20, 2024
Two judges in London have ruled WikiLeaks’ founder Julian Assange can appeal his extradition to the US on freedom of speech grounds.
Security Affairs
MAY 22, 2024
A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported. Parents often use the app to monitor their children’s online activities or by employers to keep track of employee productivity and internet usage.
Data Breach Today
MAY 22, 2024
K ICO Announces Probe Into Microsoft Screenshot Storage Feature Microsoft's new automatic screenshot retrieval feature could enable hackers to steal sensitive information such as online banking credentials, security experts warned. Additionally, the U.K. data regulator will probe Recall for compliance with privacy law.
Expert insights. Personalized for you.
309 
Let's personalize your content