Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out
06-02-2023 22:30

Crypto Drainers Are Ready to Ransack Investor Wallets
Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.
06-02-2023 22:20

Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign.
06-02-2023 22:11

Cadien Cyber Response Launches to Deliver Incident Response & Complex Digital Forensics Services
06-02-2023 21:38

Hackers are mass infecting servers worldwide by exploiting a patched hole
Servers running unpatched versions of ESXi are sitting ducks for ESXiArgs attacks.
06-02-2023 21:32

Cybercrime Shows No Signs of Slowing Down
Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023.
06-02-2023 20:00

Patching & Passwords Lead the Problem Pack for Cyber-Teams
Despite growing awareness, organizations remain plagued with unpatched vulnerabilities and weaknesses in credential policies.
06-02-2023 19:18

Endless Seinfeld episode grinds to a halt after AI comic violates Twitch guidelines
Unintended transphobic act by AI-powered Jerry Seinfeld clone leads to 14-day ban.
06-02-2023 17:10

Will Emphasising App Security Lead to More App Installs?
The app industry is incredibly competitive. There are millions of apps available today, with many more being released all of the time. As a developer, making a fantastic app is one thing; ensuring it gets lots of downloads is another. There are a number
06-02-2023 15:39

Name That Edge Toon: For the Birds
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
06-02-2023 15:00

How Cybercriminals Are Operationalizing Money Laundering and What to Do About It
It's time to share threat intelligence and prioritize digital literacy and cyber hygiene to stem the rising money laundering tide.
06-02-2023 15:00

Ars Archivum: Top cloud backup services worth your money
We tested five consumer-friendly cloud backup services and found a clear winner.
06-02-2023 14:49

Big Tech companies use cloud computing arms to pursue alliances with AI groups
Deals between Big Tech and "generative AI" startups raise competition concerns.
06-02-2023 14:25

$400,000 Fine for Stalkerware App Developer
A fine of over $400,000 has been handed to the developer of several stalkerware apps, alongside an order to modify the software. A consortium of 16 companies owned by Patrick Hinchy produced apps that snooped users, including DDI Utilities, PhoneSpector,
06-02-2023 12:22

What CISOs Can Do About Brand Impersonation Scam Sites
Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.
03-02-2023 22:04

Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says
The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader.
03-02-2023 21:41

Microsoft alleges attacks on French magazine came from Iranian-backed group
Leaked personal data of Charlie Hebdo customers puts them at risk from extremists.
03-02-2023 21:10

The newest feature in the Microsoft Store is more ads
App store ads on other platforms may offer benefits to devs—but few for users.
03-02-2023 16:29

Scores of Redis Servers Infested by Sophisticated Custom-Built Malware
At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021.
03-02-2023 16:00

How the Cloud Is Shifting CISO Priorities
The greatly expanding attack surface created by the cloud needs to be protected.
03-02-2023 15:00

Until further notice, think twice before using Google to download software
Over the past month, Google has been outgunned by malvertisers with new tricks.
03-02-2023 13:29

MITRE Releases Tool to Design Cyber-Resilient Systems
Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.
03-02-2023 03:00

Hornetsecurity Combats QR Code Phishing With Launch of New Technology
02-02-2023 21:20

Korelock Launches IOT Smart Lock Technology Company
Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering.
02-02-2023 21:05

Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally
The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.
02-02-2023 20:53

6 Examples of the Evolution of a Scam Site
Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.
02-02-2023 19:01

Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks
The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.
02-02-2023 18:23

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter
QNAP NAS devices are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.
02-02-2023 16:08

Ransomware attack halts London trading
Ion Markets, a financial data group crucial to the financial plumbing underlying the derivatives trading industry, has fallen prey to the cybercrime group Lockbit.  The company has revealed that 42 clients have been affected by the attack, which has caus
02-02-2023 15:02

AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites
The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.
02-02-2023 15:00

Managing the Governance Model for Software Development in a No-Code Ecosystem
Forward-leading business and technology leaders are seeing the value of the "do-It-yourself" approach.
02-02-2023 15:00

Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security
Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security.
02-02-2023 14:50

ChatGPT May Already Be Used In Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research
02-02-2023 14:40

Discrepancies Discovered in Vulnerability Severity Ratings
Differences in how the National Vulnerability Database (NVD) and vendors score bugs can make patch prioritization harder, study says.
02-02-2023 11:01

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk
With the proliferation of cyber attacks in all industries, organizations are beginning to grasp the growing significance of cyber risk and how this is an integral part of protecting and maintaining an efficient business. Ransomware is the single biggest
02-02-2023 09:31

Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms
An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.
02-02-2023 09:00

Why CISOs Should Care About Brand Impersonation Scam Sites
Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information.
01-02-2023 23:36

ChatGPT sets record for fastest-growing user base in history, report says
Intense demand for AI chatbot breaks records and inspires new subscription plan.
01-02-2023 22:57

Nearly All Firms Have Ties With Breached Third Parties
The average organization does business with 11 third parties, and 98% of organizations do business with a third party who has suffered a breach, an analysis finds.
01-02-2023 22:12

CISA to Open Supply Chain Risk Management Office
A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.
01-02-2023 21:31

Up to 29,000 unpatched QNAP storage devices are sitting ducks to ransomware
QNAP storage devices are a frequent target of criminal hackers.
01-02-2023 21:08

Netflix stirs fears by using AI-assisted background art in short anime film
Netflix cites labor shortage, kicks hornets nest with AI-assisted 3-minute short.
01-02-2023 21:00

Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazley Report
Noting 13% year-over-year growth in fraudulent instruction as a cause of loss, report predicts organizations must get smarter about educating employees to spot fraudulent tactics.
01-02-2023 20:58

Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC
Move will strengthen position as a leader in the identity governance and analytics market.
01-02-2023 20:32

Vista Equity Partners Completes Acquisition of KnowBe4
01-02-2023 20:29

Inside Killnet: Pro-Russia Hacktivist Group's Support and Influence Grows
Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remain largely questionable.
01-02-2023 20:20

New data illustrates time’s effect on hard drive failure rates
Backblaze examines 230,921 HDDs across 29 models from Seagate, Toshiba, and more.
01-02-2023 18:48

Paper: Stable Diffusion “memorizes” some images, sparking privacy concerns
Out of 300,000 high-probability images tested, researchers found a 0.03% memorization rate.
01-02-2023 18:37

Beating the Odds: 3 Challenges Women Face in the Cybersecurity Industry
Companies need to be aware of the work culture they foster. Diversity and inclusion aren't just buzzwords. Increasing female visibility and improving female mentoring to help women enter and advance within the cybersecurity industry are key steps forward
01-02-2023 18:00

Gem Security Emerges From Stealth With $11M, Unveils Cloud TDIR Platform for Faster Response to Cloud Threats
Gem Security provides the world's first holistic approach for Cloud TDIR, bridging the gap between cloud complexity and security operations.
01-02-2023 16:05

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover
Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.
01-02-2023 16:00

Contrast Security Launches Alliance Program to Change the Way Customers Scale Their Security Solutions
The Security Innovation Alliance (SIA) empowers customers to create holistic security programs by leveraging robust end-to-end integration partnerships.
01-02-2023 15:45

Fortra's Terranova Security 2022 Gone Phishing Tournament Results Reveal Large Organizations at Highest Risk of Compromising Data
Findings underscore security awareness training that leverages practical, hands-on exercises is essential to creating a security-aware culture.
01-02-2023 15:08

KnowBe4 to Offer $10,000 to Black Americans in Cybersecurity Scholarship
KnowBe4 partners with the Center for Cyber Safety and Education to support Black Americans in recognition of Black History Month to help further education.
01-02-2023 15:00

Application Security Must Be Nonnegotiable
Companies need to keep security priorities top of mind during economic downturns so all-important revenue generation doesn't come with a heaping side order of security problems.
01-02-2023 15:00

ManageEngine Study Finds United States Enterprises Hit by Short-Staffed Security Operations Centers
Study also reveals enterprises rely on multiple tools to ensure cloud security.
01-02-2023 14:48

Google Fi Users Caught Up in T-Mobile Breach
Google Fi mobile customers have been alerted that their SIM card serial numbers, phone numbers, and other data were exposed in T-Mobile hack.
01-02-2023 14:18

Pig-butchering scam apps sneak into Apple’s App Store and Google Play
In online confidence scams, appearance is everything—and app stores can help with that.
01-02-2023 11:00

Checkmarx Launches Threat Intelligence for Open Source Packages
The new API incorporates threat intelligence research and employs machine learning to identify threats in the supply chain.
01-02-2023 05:00

How Can Disrupting DNS Communications Thwart a Malware Attack?
Malware eventually has to exfiltrate the data it accessed. By watching DNS traffic for suspicious activity, organizations can halt the damage.
01-02-2023 02:05

Firmware Flaws Could Spell 'Lights Out' for Servers
Five vulnerabilities in the baseboard management controller (BMC) software used by 15 major vendors could allow remote code execution if attackers gain network access.
31-01-2023 22:35

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code
Security vulnerabilities in VMware's vRealize Log Insight platform can be chained together to offer a cybercriminals a gaping hole to access corporate crown jewels.
31-01-2023 21:30

Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status
Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.
31-01-2023 20:00

Poser Hackers Impersonate LockBit in SMB Cyberattacks
Recent cyberattacks against SMBs across Europe have been traced back to copycat groups using leaked LockBit locker malware.
31-01-2023 19:44

Will Cybersecurity Remain Recession-Proof in 2023?
Demand for skilled professionals will remain high, but cyber budgets will be eaten away.
31-01-2023 18:00

NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America
To meet a pressing demand for industrial and OT security, zero-trust, device-level cybersecurity provider expands with strategic hires in new and established markets.
31-01-2023 16:15

New Survey Reveals 40% of Companies Experienced a Data Leak in the Past Year
SysKit report highlighting effects of digital transformation on IT admins and governance landscape released.
31-01-2023 16:09

Aura and Nonprofit Cyversity Partner to Support a More Inclusive Cyber Workforce
Mentoring, scholarships, and professional development opportunities will be offered to those underrepresented in the industry through the collaboration.
31-01-2023 15:58

Sentra Raises $30 Million Series A Financing to Meet Growing Demand for Data Security in the Cloud
Standard Investments leads round with participation from Munich Re Ventures, Moore Strategic Ventures, Bessemer Venture Partners, and Zeev Ventures.
31-01-2023 15:45

Are Your Employees Thinking Critically About Their Online Behaviors?
Three mindset shifts will help employees build a habit of vigilance and make better security decisions. Move past security theater to reframe thinking so employees understand data's value, act with intention, and follow data best practices.
31-01-2023 15:00

Unleash the Full Potential of Zero-Trust Security
The demand is unmistakeable and the business case is readily justified — it's time to implement zero trust.
31-01-2023 08:00

Predictions For Securing Today's Hybrid Workforce
Since requirements differ for users who work both from home and in the office, policies — and underlying technology — must adapt.
31-01-2023 08:00

Checkmarx Launches Threat Intelligence for Open Source Packages
The new API incorporates threat intelligence research and employs machine learning to identify threats in the supply chain.
31-01-2023 05:00

GitHub says hackers cloned code-signing certificates in breached repository
It remains unclear how the threat actor compromised access token used in the breach.
30-01-2023 22:59

MusicLM: Google AI generates music in various genres at 24 kHz
Your musical wish is MusicLM's command, making audio from "rich captions."
30-01-2023 22:43

Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine
The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.
30-01-2023 22:32

SentinelOne and KPMG Announce Alliance To Accelerate Cyber Investigations and Response
30-01-2023 22:00

Cybercrime Ecosystem Spawns Lucrative Underground Gig Economy
The complex nature of cyberattacks has increased demand for software developers, reverse engineers, and offensive specialists — attracting workers facing financial insecurity.
30-01-2023 21:52

10M JD Sports Customers' Info Exposed in Data Breach
UK sportswear retailer asks exposed customers to stay "vigilant" against phishing attempts following cyberattack.
30-01-2023 21:17

IT and Security Professionals Spend an Average of 4,300 Hours Annually Achieving or Maintaining Compliance
New research from Drata shows compliance remains a business challenge for many organizations.
30-01-2023 20:33

The Threat from Within: 71% of Business Leaders Surveyed Think Next Cybersecurity Breach Will Come from the Inside
30-01-2023 20:28

Make Developers the Driver of Software Security Excellence
Those who are wrangling code every day could fuel a genuinely transformational approach to security — if they are adequately upskilled.
30-01-2023 20:17

How $6 Can Buy Hacked Social Media & Streaming Accounts From the Dark Web, Whizcase Study Reveals
30-01-2023 19:55

Facebook Bug Allows 2FA Bypass Via Instagram
The Instagram rate-limiting bug, found by a rookie hunter, could be exploited to bypass Facebook 2FA in vulnerable apps, researcher reports.
30-01-2023 19:00

Fake Texts From the Boss, Bogus Job Postings and Frankenstein Shoppers — Oh My!
Experian’s annual Future of Fraud Forecast highlights five fraud threats facing businesses and consumers in 2023.
30-01-2023 17:40

Massive Yandex code leak reveals Russian search engine’s ranking factors
Details show how the world's fourth-largest search engine ranks webpages.
30-01-2023 17:37

Convincing, Malicious Google Ads Look to Lift Password Manager Logins
Users searching for Bitwarden and 1Password's Web vaults on Google have recently reported seeing paid ads with links to cleverly spoofed sites for stealing credentials to their password vaults.
30-01-2023 17:15

Long Con Impersonates Financial Advisers to Target Victims
Cybercriminals are co-opting the identities of legitimate US financial advisers to use them as fodder for relationship scams (aka "pig butchering"), which end with the theft of investments.
30-01-2023 16:45

The Journal, Artificial Intelligence in the Life Sciences, Highlights the Contributions of Women in Artificial Intelligence in the Life Sciences
The launch of a new article collection and webinar by the journal AILSCI recognises prominent female scientists in the field of AI.
30-01-2023 16:43

JD Sports admits data breach
JD Sports has warned customers that bought items on its website, as well as those of Size?, Blacks and Millets, between November 2018 and October 2020 may have been impacted in the breach. The company has urged customers to be wary of potential phishing
30-01-2023 15:32

Spotlight on 2023 DevSecOps Trends
Solutions that provide more actionable results — remediation that frees up engineers, processes which integrate security into software development from its design, along with automation, IAC, and tool consolidation — are among the DevSecOps strategies th
30-01-2023 15:00

Acronis seals cyber protection partnership with Fulham FC
Acronis, a global and visionary cyber protection company, today announced a three-year partnership with London´s oldest professional football club, Fulham FC. will support Acronis as its ‘Strategic #Cyberfit’ delivery partner providing i
30-01-2023 13:37

Most criminal cryptocurrency is funneled through just 5 exchanges
A few big players are moving a “shocking” amount of currency in a tight market.
28-01-2023 12:15

Enterprises Don't Know What to Buy for Responsible AI
Organizations are struggling to procure appropriate technical tools to address responsible AI, such as consistent bias detection in AI applications.
27-01-2023 22:30

Enterprises Need to Do More to Assure Consumers About Privacy
Organizations care about data privacy, but their priorities appear to be different from what their customers think are important.
27-01-2023 22:00

Why Most Companies Still Don’t Know What’s on Their Network
Chris Kirsch, CEO of runZero, sits down with Dark Reading’sTerry Sweeney for a Fast Chat on the importance of asset discovery.
27-01-2023 21:00

On Data Privacy Day, Organizations Fail Data Privacy Expectations
Data Privacy Day rolls around year after year, and data privacy breaches likewise. Two-thirds of data breaches result in data exposure.
27-01-2023 20:00

#GermanyRIP. Kremlin-loyal hacktivists wage DDoSes to retaliate for tank aid
Killnet hacktivist group appears to have indirect ties to the Russian government.
27-01-2023 19:39

BuzzFeed preps AI-written content while CNET fumbles
200 percent BuzzFeed stock rise might signal start of a "pivot to AI" media trend.
27-01-2023 18:10

Pivot to ChatGPT? BuzzFeed preps for AI-written content while CNET fumbles
200 percent BuzzFeed stock rise might signal start of an AI media trend.
27-01-2023 18:10

source : arstechnica, darkreading, itsecurityguru