Krebs on Security

DECEMBER 3, 2024

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as.shop ,top ,xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.

Phishing 263

Phishing Marketing IT 263

Data Breach Today

DECEMBER 4, 2024

Privacy Advocates Warn of Risks from Expanding DHS Use of AI and Facial Recognition The U.S. Department of Homeland Security is reportedly expanding its use of emerging surveillance tools, including drones and artificial intelligence, without proper safeguards as experts warn of potential privacy violations and risks involving facial recognition and third-party data usage.

Privacy 296

Privacy Artificial Intelligence Risk Security 296

The Last Watchdog

DECEMBER 3, 2024

In the modern world of software development, code quality is becoming a critical factor that determines a project success. Errors in code can entail severe consequences. Related: The convergence of network, application security For example, vulnerabilities in banking applications can lead to financial data leaks, and errors in medical systems can threaten the health of patients.

Risk 174

Risk Education Security Access 174

Security Affairs

DECEMBER 5, 2024

SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and the effectiveness of organizational defenses. Security Operations Center (SOC) analyst burnout is a very real problem. These are some of the most important cybersecurity professionals out there, and many of them are being worked to exhaustion.

Cybersecurity 140

Cybersecurity Artificial Intelligence Risk Data collection 140

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

AIIM

DECEMBER 10, 2024

At Shell, we recently held an IM business strategy workshop that brought together IM business leads from different lines of business. The goal? To connect the dots between information and data management and chart our approach for the coming years.

Information governance 165

Information governance Government 165

Krebs on Security

DECEMBER 18, 2024

Image: Shutterstock, iHaMoo. Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Authentication 238

Authentication Phishing Access Security 238

Data Breach Today

DECEMBER 4, 2024

Platform Used for Drugs, Arms Trafficking and Money Laundering French and Dutch police led the takedown of an encrypted messaging platform used in international drug and arms trafficking. Dutch police discovered the app, named Matrix, on the phone of a criminal convicted in 2021 of murdering a journalist.

Encryption 281

Encryption 281

The Last Watchdog

DECEMBER 18, 2024

Today, part three of Last Watchdog s year-end roundtable zeroes in on the regulatory and compliance landscape. Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. From the push for quantum-resilient cryptography to Software Bill of Material (SBOM ) requirements aimed at bolstering supply chain security, this installment examines the regulatory

Compliance 130

Compliance Cybersecurity Risk Privacy 130

Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. In February 2024, Serbian journalist Slavia Milanov was summoned to a police station after a routine traffic stop. After the police released him, Milanov noticed suspicious changes to his phone settings, such as disabled data and Wi-Fi.

Personal data 104

Personal data Encryption Security Privacy 104

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

DECEMBER 12, 2024

The Early Days: When We Just Collected Everything When I first joined the information management industry some 25-30 years ago, there was an assumption that information was simply what the business did. They produced it, we trusted it, and our job was to collect it. We never really questioned the information - we just collected it.

IT 160

IT 160

WIRED Threat Level

DECEMBER 4, 2024

The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone—and it's already turning up victims.

Access 145

Access Security IT Privacy 145

Krebs on Security

DECEMBER 19, 2024

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix , a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey.

IT 149

IT Data breaches Cloud Passwords 149

Data Breach Today

DECEMBER 4, 2024

Researcher Lennert Wouters on Benefits of Device Hacking Contests, Collaboration Lennert Wouters, a researcher at KU Leuven University in Belgium, has spent the past eight years studying embedded security, analyzing the vulnerabilities of everyday devices and commercial products. He shares his greatest hacks and insights on hardware security industry trends.

Manufacturing 274

Manufacturing Security 274

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

The Last Watchdog

DECEMBER 16, 2024

Continuing our look back at 2024, part two of Last Watchdogs year-ender roundtable turns its focus to emerging threats vs. evolving defense tactics. Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. The drivers are intensifying.

Security 130

Security Phishing IoT Risk 130

Collaboration 2.0

DECEMBER 5, 2024

Key questions remain unresolved concerning the use of Gen AI tools, while one country may need stronger deterrence against data theft.

137

137

AIIM

DECEMBER 5, 2024

As an advocate for advanced imaging technologies and standards, I'm often asked why information management practitioners should care about imaging standards like those developed by the TWAIN Working Group. The answer is simple yet profound: these standards are crucial for efficient, accurate, and secure information acquisition and management.

Security 164

Security 164

WIRED Threat Level

DECEMBER 3, 2024

When programmer Micah Lee was kicked off X for a post that offended Elon Musk, he didn't look back. His new tool for saving and deleting your X posts can give you that same sweet release.

Privacy 141

Privacy Security 141

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Krebs on Security

DECEMBER 10, 2024

Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138 , a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that could let an authenticated attacker gain “system” level privileges on a vulnerable Windows device.

Authentication 200

Authentication Ransomware Access Security 200

Data Breach Today

DECEMBER 5, 2024

CFO Stephen Vintz, COO Mark Thurmond to Run Tenable as CEO Yoran Receives Treatment Longtime Tenable CEO Amit Yoran is temporarily stepping aside for cancer treatment and recovery, with top deputies Stephen Vintz and Mark Thurmond stepping up to lead the organization. Yoran was diagnosed in March with a treatable form of cancer, but recently learned he needs additional treatment.

271

271

Security Affairs

DECEMBER 4, 2024

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. “We identified an attempt to compromise our BT Conferencing platform.

Ransomware 132

Ransomware Blockchain Insurance Data breaches 132

Collaboration 2.0

DECEMBER 10, 2024

For 12 days, the OpenAI daily live stream is unveiling 'new things, big and small.' Here's what's new today.

IT 133

IT Artificial Intelligence 133

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

AIIM

DECEMBER 3, 2024

At Shell, we're on an exciting journey to raise our Information Management (IM) maturity. Our approach is twofold: we look externally at what others in the industry are doing, and we also focus internally on our own progress.

161

161

WIRED Threat Level

DECEMBER 3, 2024

A new proposal by the Consumer Financial Protection Bureau would use a 54-year-old privacy law to impose new oversight of the data broker industry. But first, the agency must survive Elon Musk.

Privacy 139

Privacy Security 139

The Last Watchdog

DECEMBER 5, 2024

Alisa Viejo, Calif., Dec. 5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the industrys leading information security magazine. Logan We are deeply honored to be recognized amongst the winners of the 12th annual Cyber Defense Awards at CyberDefenseCon 2024, said Mark Logan, CEO of One Identity.

Cybersecurity 130

Cybersecurity Access Authentication Marketing 130

Data Breach Today

DECEMBER 2, 2024

Suspected LockBit, Babuk Operator Mikhail Matveev Arrested in Russia A prolific ransomware affiliate hacker and developer is facing criminal charges in Russia, Kremlin media reported Friday. Mikhail Pavlovich Matveev has been wanted by U.S. authorities since 2023 for his role in hacking activities as part of ransomware groups including LockBit, Hive and Babuk.

Ransomware 271

Ransomware 271

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

DECEMBER 9, 2024

Mandiant revealed a technique to bypass browser isolation using QR codes, enabling command transmission from C2 servers. Browser isolation is a security measure that separates web browsing from the user’s device by running the browser in a secure environment (e.g., cloud or VM) and streaming visuals. Mandiant has identified a new technique for bypassing browser isolation technology and using QR codes to send commands from C2 to compromised devices.

Communications 124

Communications Libraries Phishing Cloud 124

Collaboration 2.0

DECEMBER 3, 2024

The company is threatening to add a watermark to the desktop of any unsupported PC running Windows 11.

137

137

KnowBe4

DECEMBER 10, 2024

New analysis of ransomware attacks shows that phishing is the primary delivery method and organizations need to offer more effective security awareness training to mitigate the threat.

Phishing 121

Phishing Ransomware Security awareness Security 121