The Last Watchdog

JUNE 5, 2024

Digital rights management ( DRM ) has come a long way since Hollywood first recognized in the 1990s that it needed to rigorously protect digital music and movies. By the mid-2000s a branch called enterprise digital rights management ( EDRM ) cropped up to similarly protect sensitive business information. Today, businesses amass vast amounts of business-critical data – at a pace that’s quickening as GenAI takes hold.

Architecture 290

Architecture Marketing Internet Internet 290

Tech Republic Security

JUNE 5, 2024

The observability suite is the first major overhaul for Splunk products since the Cisco acquisition. Plus, Mistral AI makes a deal with Cisco’s incubator.

Big data 175

Big data Artificial Intelligence Network Security 175

Bleeping Computer

JUNE 5, 2024

The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free. [.

Ransomware 144

Ransomware Encryption 144

Tech Republic Security

JUNE 5, 2024

Are password managers safe to use? Find out if they are really secure and discover the benefits and risks of using password managers.

Password Management 179

Password Management Passwords Risk 179

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Cyber Attacks

Elie

JUNE 5, 2024

This case-study explores the effectiveness of virtual reality (VR) for diversity, equity, and inclusion (DEI) training through the lens of a custom VR application developped to train Google employees.

138

138

Tech Republic Security

JUNE 5, 2024

Find out how the cyberespionage threat actor LilacSquid operates, and then learn how to protect your business from this security risk.

Malware 165

Malware Risk Big data Phishing 165

Security Boulevard

JUNE 5, 2024

RansomHub, which has become among the most prolific ransomware groups over the past few months, likely got its start with the source code from the Knight malware and a boost from a one-time BlackCat affiliate. The post RansomHub Rides High on Knight Ransomware Source Code appeared first on Security Boulevard.

Ransomware 134

Ransomware Malware Security Awareness Cybersecurity 134

Trend Micro

JUNE 5, 2024

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project.

Cryptocurrency 132

Cryptocurrency Cyber threats Malware 132

Bleeping Computer

JUNE 5, 2024

Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned. [.

Hacking 129

Hacking 129

Security Affairs

JUNE 5, 2024

Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited vulnerabilities in the German government’s implementation of the Cisco Webex software to access internal meetings. In March, the German authorities admitted the hack by Russia-linked actors of a military meeting where participants discussed giving military support to Ukraine. “In early May 2024, Ci

Government 118

Government Hacking Media Passwords 118

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

JUNE 5, 2024

Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account. [.

Accountability 126

Accountability 126

Security Boulevard

JUNE 5, 2024

In an era marked by escalating cybersecurity threats, companies within the Defense Industrial Base (DIB) find themselves at a critical juncture. With approximately 80,000 entities poised for substantial IT system enhancements to adhere to DFARS 7012 and CMMC standards, the emphasis largely remains on compliance. This perspective, however, often overshadows the fundamental purpose of these […] The post The Imperative of Strong Cybersecurity for DIB Companies: Beyond Compliance to Genuine Protecti

Cybersecurity 120

Cybersecurity 120

Bleeping Computer

JUNE 5, 2024

Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms. [.

123

123

The Hacker News

JUNE 5, 2024

Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that's designed to deliver an information stealer called Lumma (aka LummaC2). The package in question is crytic-compilers, a typosquatted version of a legitimate library named crytic-compile.

Cybersecurity 118

Cybersecurity 118

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Bleeping Computer

JUNE 5, 2024

Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads. [.

Ransomware 120

Ransomware 120

The Hacker News

JUNE 5, 2024

An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace.

Government 117

Government 117

Bleeping Computer

JUNE 5, 2024

Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace [.

Hacking 116

Hacking Government 116

The Hacker News

JUNE 5, 2024

An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double extortion tactics to steal and encrypt victims' data for financial gain.

Ransomware 115

Ransomware Healthcare Encryption 115

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Bleeping Computer

JUNE 5, 2024

Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug. [.

138

138

Security Boulevard

JUNE 5, 2024

A rising volume of risks, shortage of qualified cybersecurity professionals and time management with vendors are among the challenges MSPs face. The post MSPs Look to Streamline Cybersecurity Partnerships, Skills Shortage Persists appeared first on Security Boulevard.

Cybersecurity 113

Cybersecurity Risk 113

Bleeping Computer

JUNE 5, 2024

A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the Qilin ransomware operation. [.

Ransomware 106

Ransomware 106

Malwarebytes

JUNE 5, 2024

High profile TikTok accounts, including CNN, Sony, and—er­—Paris Hilton have been targeted in a recent attack. CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident. According to Forbes, the attack happens without the account owner needing to click on or open anything—known as a zero-click attack.

Accountability 108

Accountability Passwords Password Management Risk 108

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Bleeping Computer

JUNE 5, 2024

Security researchers analyzing the relatively new RansomHub ransomware-as-a-service believe that it has evoloved from the currently defunct Knight ransomware project. [.

Ransomware 108

Ransomware 108

Malwarebytes

JUNE 5, 2024

“Hey there!” messaged Savannah, someone 16-year-old Charlie had never met before, but looked cute in her profile picture. She had long blonde hair, blue eyes, and an adorable smile, so he decided to DM with her on Instagram. Soon their flirty exchanges grew heated, and Savannah was sending Charlie explicit photos. When she asked him for some in return, he thought nothing of taking a quick snap of himself naked and sending it her way.

Scams 107

Scams Media Artificial Intelligence Accountability 107

Bleeping Computer

JUNE 5, 2024

Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. [.

Software 109

Software 109

The Hacker News

JUNE 5, 2024

Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations.

Firmware 108

Firmware 108

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Penetration Testing

JUNE 5, 2024

A critical security flaw has been uncovered in the popular WordPress plugin, Email Subscribers by Icegram Express. This vulnerability, designated as CVE-2024-4295, carries a severity rating of 9.8 (CVSS), making it a prime target... The post CVE-2024-4295: Critical Vulnerability in Popular WordPress Plugin Exposes 90K+ Sites appeared first on Cybersecurity News.

Cybersecurity 111

Cybersecurity 111

Security Affairs

JUNE 5, 2024

Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical flaws in some of its NAS devices that have reached end-of-life. An attacker can exploit the vulnerabilities to perform command injection attacks and achieve remote code execution.

Firmware 101

Firmware Authentication Manufacturing Hacking 101

The Hacker News

JUNE 5, 2024

Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate.

98

98

SecureWorld News

JUNE 5, 2024

The U.S. Department of Health and Human Services (HHS) has stepped in to ensure patients are made aware if their sensitive data was compromised during February's massive cyberattack on health IT firm Change Healthcare. In a ruling issued on May 31, 2024, HHS stated that hospitals and health systems impacted by the Change Healthcare data breach must now require the insurance giant UnitedHealth Group to directly notify affected individuals about potential exposure of their personal and medical inf

Healthcare 89

Healthcare Data breaches Identity Theft Insurance 89

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity