Examples - Information Management Today

The Dark Side of AI: Previewing Criminal Uses

Data Breach Today

NOVEMBER 20, 2020

Threats Include Social Engineering, Insider Trading, Face-Seeking Assassin Drones "Has anyone witnessed any examples of criminals abusing artificial intelligence?" A new report has identified likely ways in which such attacks might occur and offers examples of threats already emerging

Artificial Intelligence

Artificial Intelligence Security

Ransomware Attackers Exfiltrate Data From Magellan Health

Data Breach Today

MAY 14, 2020

Another Example of How Cybercriminals' Tactics Are Changing Magellan Health, a U.S. managed care company that focuses on specialty areas of healthcare, says it was hit by a ransomware attack that involved the exfiltration of data.

Ransomware

Ransomware Encryption IT

Memo to Ransomware Victims: Seeking Help May Save You Money

Data Breach Today

OCTOBER 25, 2021

The latest example: Errors in DarkSide - and its BlackMatter rebrand - enabled security experts to quietly decrypt many victims' files for free, saving millions in potential ransom payments.

Ransomware

Ransomware Security IT

Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves

Data Breach Today

JULY 30, 2021

The DoppelPaymer operation, for example, appears to have reinvented itself as Grief, while the administrator of Babuk has launched a ransomware-friendly cybercrime forum called RAMP.

Ransomware

The Definitive Guide to Dashboard Design

Download the Definitive Guide to learn why dashboard design matters, and how to do it well.

IT

Panasonic India's Data Released in Extortion Plot

Data Breach Today

DECEMBER 11, 2020

Experts Say Attack is Textbook Example of Hack and Extort Campaign A 4GB data archive belonging to Panasonic India has been released by a hacker who waged an extortion plot. The company says no highly confidential data was revealed, but a look at the data suggests otherwise.

Archiving

Kaspersky: SolarWinds Backdoor Similar to Russian 'Kazuar'

Data Breach Today

JANUARY 11, 2021

For Example, Both Backdoors Use Same 'Sleeping' Algorithm The "Sunburst" backdoor deployed in the breach of SolarWinds' Orion network monitoring tool uses some of the same code found in the "Kazuar" backdoor, which security researchers have previously tied to Russian hackers, the security firm Kaspersky reports.

Security

Ransomware Attack's Economic Impact: $67 Million

Data Breach Today

MARCH 2, 2021

Universal Health Services' Financial Statement Spells Out the Effects In an eye-opening look at the cost burden of a ransomware attack, Universal Health Services reports that an incident last September had a $67 million economic impact - citing, for example, the need to divert patients to competing facilities for urgent care.

Ransomware

Ransomware Insurance

Tesla Hack Could Allow Car Theft, Security Researchers Warn

Data Breach Today

SEPTEMBER 13, 2022

The newest example comes from internet of things security company IOActive in an attack involving two people and customized gear.

Security

Introducing CDEs to Your Enterprise

Gain insights into best practices for implementing scalable CDEs, using real-world examples and guidance to successfully roll out managed platforms across enterprise environments.

Cloud

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Krebs on Security

MARCH 17, 2022

For example, the popular library ES5-ext hadn’t updated its code in nearly two years. A more concerning example can be found at the GitHub page for “ vue-cli ,” a popular Javascript framework for building web-based user interfaces. The message has been Google-Translated from Russian to English.

Libraries

Libraries IT Security

How the U.S. Government Views the Bright, Dark Sides of AI

Data Breach Today

SEPTEMBER 14, 2023

The cybersecurity element is a great example of the bright and the dark side of AI technology," said White House Director Arati Prabhakar. White House, DOD, DHS Leaders Reveal How their Agencies Use Artificial Intelligence AI allows U.S.

Artificial Intelligence

Artificial Intelligence Government Cybersecurity Risk

US Agencies Urged to Combat Growing Chinese Cyberthreat

Data Breach Today

NOVEMBER 20, 2024

Experts Call on Feds to Step Up Defense Against Escalating Chinese Threats A panel of cybersecurity experts and top industry officials pushed lawmakers and the federal government to step up their defenses against escalating cyberthreats from China, citing recent high-profile examples of evidence that Beijing is increasingly targeting the U.S.

Cybersecurity

Cybersecurity Government

FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data

Krebs on Security

APRIL 29, 2024

” The FCC’s findings against AT&T , for example, show that AT&T sold customer location data directly or indirectly to at least 88 third-party entities. For example, $47 million is less than one percent of Verizon’s total wireless service revenue in 2023, which was nearly $77 billion.

Access

Access Communications IT

Get Better Network Graphs & Save Analysts Time

For example, instead of a graph with six related nodes, you get a resolved graph that condenses six nodes into one person. Critical graph visualizations with overly complex nodes and connections transform into network graphs that are much easier and faster for analysts to understand.

Analytics

Should US Banks Do More to Reduce APP Fraud?

Data Breach Today

AUGUST 1, 2022

for examples of how to stop authorized push payment fraud. Ken Palla Discusses New Guidance From the Bureau of Consumer Financial Protection The US Consumer Financial Protection Bureau reportedly plans to release new guidance requiring banks to reimburse consumers for certain money-transfer service scams.

How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security

FEBRUARY 3, 2022

Here’s one example from Jan. 3 example that leads to a phish targeting Amazon customers. Urlscan.io , a free service that provides detailed reports on any scanned URLs, also offers a historical look at suspicious links submitted by other users. A recent phishing site that abused LinkedIn’s marketing redirect.

Phishing

Phishing Marketing Access IT

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

For example, the timestamp for Mr. Carter’s inbox reads August 2009, but clicking that inbox revealed messages as recent as Feb. Carter’s own recent emails to him, along with a request to understand how exactly the company managed to screw things up so spectacularly. Individual inboxes of U.S.

Education

Education Data breaches Government Security

GUEST ESSAY: Data loss prevention beccomes paramount — expecially in the wake of layoffs

The Last Watchdog

FEBRUARY 13, 2023

Tesla, for example, suffered two cybersecurity events after layoffs back in 2018. For example, one priority is identifying personally identifiable information of your customers. Another example is any kind of proprietary algorithm or system. But it’s a real and growing risk to be aware of. Data loss isn’t necessarily spiteful.

Artificial Intelligence

Artificial Intelligence Risk Education Access

The Definitive Guide to Predictive Analytics

The Definitive Guide to Predictive Analytics has everything you need to get started, including real-world examples, steps to build your models, and solutions to common data challenges. By embedding predictive analytics, you can future-proof your application and give users sophisticated insights.

Analytics

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

The Last Watchdog

MAY 21, 2024

One promising example of the latter comes from messaging security vendor IRONSCALES. There was a lot of buzz at RSAC 2024 about how GenAI and Large Language Models (LLM) are getting leveraged — by both attackers and defenders. Related: Is your company moving too slow or too fast on GenAI?

Phishing

Phishing Access Security IT

Does Your Organization Have a Security.txt File?

Krebs on Security

SEPTEMBER 20, 2021

An example of a security.txt file. For example, just this morning a trusted source forwarded me the VPN credentials for a major clothing retailer that were stolen by malware and made available to cybercriminals. Image: Securitytxt.org. well-known/security.txt.

Retail

Retail Security Encryption IT

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

But cybercrooks are constantly figuring out ingenious ways to fly beneath Google’s anti-abuse radar, and new examples of bad ads leading to malware are still too common. And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. Other domains at 93.190.143[.]252

IT

IT Security

GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

The Last Watchdog

JANUARY 9, 2024

Common examples of AR applications include the Pokemon Go mobile game and Snapchat filters. For example, security professionals can build cyberattack scenarios, designing the system to provide realistic feedback so participants better understand what to do if they encounter real-life threats.

Cybersecurity

Cybersecurity Risk Access Marketing

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

The Last Watchdog

JUNE 20, 2022

Once vetted and accepted, threat hunters will go into these message boards and communities and search for anything connected to your business, for example: •Corporate login credentials. Data collections released after ransomware attacks. Databases with critical IP and/or PII. Chatter about the best methods to attack your business.

Ransomware

Ransomware Access Marketing Data collection

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

AUGUST 14, 2020

For example, in an attack targeting a hospital, the phishing email was made to look like it came from a hospital IT manager, with the malicious files disguised as patient reports. According to Trend Micro , Defray usually is spread via booby-trapped Microsoft Office documents sent via email.

Ransomware

Ransomware Insurance Phishing IT

Managing Security at the Network Layer

Data Breach Today

SEPTEMBER 25, 2024

Here are the essential practices for managing network security, along with real-world examples that reinforce the importance of comprehensive protection. How to Safeguard Critical Infrastructure Neglecting network security can lead to serious consequences for organizations. The time to secure your network is now - before it's too late.

Security

Security IT

FCC Proposal Targets SIM Swapping, Port-Out Fraud

Krebs on Security

OCTOBER 1, 2021

By way of example, the commission pointed to the recent breach at T-Mobile that exposed this data on 40 million current, past and prospective customers. According to the FCC, several examples of pre-established passwords include: -a one-time passcode sent via text message to the account phone number or a pre-registered backup number. -a

Passwords

Passwords Authentication Communications Retail

Sales Effectiveness: The B2B Sales Leader's Guide

Advertiser: ZoomInfo

You’ll get a deep dive on: Proven methods for warming up cold calls Coaching points for responding to price pressure early and often Front-line examples of how to win the battle for customer retention This guide is designed to help today’s B2B sales leaders ramp up their effectiveness in any economic environment.

B2B

New Tech Q&A: Adaptiva – CrowdStrike alliance highlights trend of blending IT and security systems

The Last Watchdog

JULY 1, 2024

LW: What’s an example that illustrates the benefit of teaming? Singh: One example is a large tire manufacturer that operates multiple production plants globally, each with its own production schedule. Patches can only be applied outside of production times.

IT

IT Security Compliance Manufacturing

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

For example, it is unclear how much data would have been unrecoverable if a decryption key had not become available as the HSE’s backup infrastructure was only periodically backed up to offline tape. “For example, they do not have a CISO or a Security Operations Center established.”

Ransomware

Ransomware Cybersecurity Phishing Security

What Counts as “Good Faith Security Research?”

Krebs on Security

JUNE 3, 2022

” “Security research not conducted in good faith — for example, for the purpose of discovering security holes in devices, machines, or services in order to extort the owners of such devices, machines, or services — might be called ‘research,’ but is not in good faith.”

Security

Security Computer and Electronics Access Libraries

Microsoft Buys Corp.com So Bad Guys Can’t

Krebs on Security

APRIL 7, 2020

And unfortunately, in early versions of Windows that supported Active Directory — Windows 2000 Server, for example — the default or example Active Directory path was given as “corp,” and many companies apparently adopted this setting without modifying it to include a domain they controlled.

Sales

Sales Risk Access Security

Outrun Your Competition: Best Practices for Accelerating Sales Processes

Advertiser: ZoomInfo

Dig into our data-backed guide to learn: Proven methods for warming up cold calls Coaching points for responding to price pressure early and often Front-line examples of how to win the battle for customer retention

Sales

ICANN Launches Service to Help With WHOIS Lookups

Krebs on Security

DECEMBER 6, 2023

The service can’t be used to request WHOIS data tied to country-code top level domains (CCTLDs), such as those ending in.de (Germany) or.nz (New Zealand), for example. The RDRS portal.

Phishing

Phishing GDPR Personal data Communications

RSAC insights: ‘CAASM’ tools and practices get into the nitty gritty of closing network security gaps

The Last Watchdog

JUNE 6, 2022

Zheng walked me through an example of how easy it is for a security team to overlook gaps created, for instance, in the mixing and matching of cloud resources leased from Amazon Web Services: “Let’s say you have an internal resource that’s not configured to be public facing by itself. There are countless more examples like this.

Security

Security Cloud Analytics Digital transformation

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

” In this scenario, the fraudster actually enters a Zelle transfer that triggers the following text to the member, which the member is asked to authorize: For example: “Send $200 Zelle payment to Boris Badenov? Reply YES to send, NO to cancel. ABC Credit Union. STOP to end all messages.” Be sure to include Docket No.

IT

IT Passwords Authentication Phishing

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

If the attachment is opened, the malicious document proceeds to quietly download additional malware and hacking tools to the victim machine ( here’s one video example of a malicious Microsoft Office attachment from the malware sandbox service any.run ). which significantly affects the scale of the conversion rate.

Ransomware

Ransomware Access Marketing Cloud

Solving the Biggest Tech Challenges in RevOps

Advertiser: ZoomInfo

In this eBook, we’ll run through real-world examples that show how RevOps teams can benefit from modern solutions for the access, management, and activation of their GTM data.

Access

GUEST ESSAY: How to detect if a remote job applicant is legit — or a ‘Deepfake’ candidate

The Last Watchdog

AUGUST 10, 2022

Even deepfake examples designed to educate the public — like a doctored video of Nixon’s resignation speech — fool observers without meaning to. A single example resulting from “deep voice” fakery resulted in a loss of $35 million in fraudulent bank transfers. The FBI’s warning. Best defense: awareness.

Education

Education Cybersecurity Authentication Security

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

For example, a company in 1995 builds their Microsoft Active Directory service around the domain company.llc , perhaps reasoning that since.llc wasn’t even a routable TLD, the domain would simply fail to resolve if the organization’s Windows computers were ever used outside of its local network.

Authentication

Authentication Passwords Ransomware Cloud

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

OCTOBER 13, 2021

For example, on Oct. ” This phishing scheme is another example of how crooks are coming up with increasingly ingenious methods for circumventing popular multi-factor authentication options, such as one-time passwords. 10 the scammers checked more than 216,000 email addresses against Coinbase’s systems.

Passwords

Passwords Phishing Authentication Access

Phish-Friendly Domain Registry “.top” Put on Notice

Krebs on Security

JULY 23, 2024

For example, more than 10 years ago the same Chinese registrar was the fourth most common source of phishing websites, as tracked by the APWG. For example, Interisle found phishing attacks involving websites created on Google’s blogspot.com skyrocketed last year more than 230 percent. is hardly a new trend.

Phishing

Phishing Compliance IT

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

The Dark Side of AI: Previewing Criminal Uses

Ransomware Attackers Exfiltrate Data From Magellan Health

Trending Sources

Memo to Ransomware Victims: Seeking Help May Save You Money

Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves

The Definitive Guide to Dashboard Design

Panasonic India's Data Released in Extortion Plot

Kaspersky: SolarWinds Backdoor Similar to Russian 'Kazuar'

Ransomware Attack's Economic Impact: $67 Million

Tesla Hack Could Allow Car Theft, Security Researchers Warn

Introducing CDEs to Your Enterprise

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

How the U.S. Government Views the Bright, Dark Sides of AI

US Agencies Urged to Combat Growing Chinese Cyberthreat

FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data

Get Better Network Graphs & Save Analysts Time

Should US Banks Do More to Reduce APP Fraud?

How Phishers Are Slinking Their Links Into LinkedIn

U.S. Internet Leaked Years of Internal, Customer Emails

GUEST ESSAY: Data loss prevention beccomes paramount — expecially in the wake of layoffs

The Definitive Guide to Predictive Analytics

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

Does Your Organization Have a Security.txt File?

Using Google Search to Find Software Can Be Risky

GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

How to Package and Price Embedded Analytics

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Managing Security at the Network Layer

FCC Proposal Targets SIM Swapping, Port-Out Fraud

Sales Effectiveness: The B2B Sales Leader's Guide

New Tech Q&A: Adaptiva – CrowdStrike alliance highlights trend of blending IT and security systems

Inside Ireland’s Public Healthcare Ransomware Scare

What Counts as “Good Faith Security Research?”

Microsoft Buys Corp.com So Bad Guys Can’t

Outrun Your Competition: Best Practices for Accelerating Sales Processes

ICANN Launches Service to Help With WHOIS Lookups

RSAC insights: ‘CAASM’ tools and practices get into the nitty gritty of closing network security gaps

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Solving the Biggest Tech Challenges in RevOps

GUEST ESSAY: How to detect if a remote job applicant is legit — or a ‘Deepfake’ candidate

Local Networks Go Global When Domain Names Collide

How Coinbase Phishers Steal One-Time Passwords

Phish-Friendly Domain Registry “.top” Put on Notice

Reimagined: Building Products with Generative AI

Stay Connected