The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

SecureList

OCTOBER 29, 2024

The primary objective of these services is risk reduction. Moreover, exploitation of a public-facing application was the root cause in 42.37% of cases investigated by the Kaspersky Global Emergency Response Team (GERT) in 2023. This is where compromise assessment enters the game.

Risk 111

Risk Antivirus Accountability Malware 111

Penetration Testing

APRIL 6, 2025

This flaw, identified as CVE-2023-6931, carries a CVSS score of 7.8, indicating a high severity risk. A security researcher has recently disclosed technical details and proof-of-concept (PoC) exploit code for a vulnerability in the Linux kernel’s Performance Events system component.

Risk 111

Risk Cybersecurity 111

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Krebs on Security

DECEMBER 11, 2024

Sanders spent most of 2023 in Ukraine, traveling with Ukrainian soldiers while mapping the shifting landscape of Russian crypto exchanges that are laundering money for narcotics networks operating in the region. — shows an entity by that name incorporated at a mail drop in London in December 2023. had their registrations revoked.

Cryptocurrency 280

Cryptocurrency Banking Cybercrime Advertising 280

Tech Republic Security

MAY 15, 2023

A new report from Proofpoint provides global insight into CISOs' challenges, expectations and priorities for 2023. The post Survey: Most CISOs feel their business is at risk for cyberattack appeared first on TechRepublic.

CISO 197

CISO Risk Big data Ransomware 197

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Cyber Risk 178

Cyber Risk Cyber threats Risk Technology 178

SecureWorld News

NOVEMBER 14, 2024

Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data. As of the first three quarters of 2024, there were already 264 ransomware incidents affecting healthcare providers—nearly matching all of 2023's figures.

Healthcare 119

Healthcare Ransomware Identity Theft Data breaches 119

Centraleyes

APRIL 24, 2025

Ivanti Connect Secure VPN (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893) was repeatedly targeted, with Chinese espionage groups among the early adopters. Fortinet FortiClient EMS (CVE-2023-48788) was used in both ransomware campaigns and data theft. The post When Security Becomes the Risk appeared first on Centraleyes.

Risk 52

Risk VPN Firewall Ransomware 52

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. Yet, boardroom focus on cyber risk appears to be diminishing. trillion by 2025, a 300% increase since 2015 1.

Cyber Risk 189

Cyber Risk Risk Insurance Energy and Utilities 189

The Last Watchdog

APRIL 30, 2023

The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen. Here are four evolving themes reverberating from RSAC 2023 that struck me: Password enabled access will endure for the foreseeable future. Related: Demystifying ‘DSPM’ This was my nineteenth RSAC.

Mobile 238

Mobile Cloud Migration Penetration Testing Authentication 238

Krebs on Security

JUNE 15, 2023

” In details published on June 12 , Fortinet confirmed that one of the vulnerabilities ( CVE-2023-27997 ) is being actively exploited. The company said it discovered the weakness in an internal code audit that began in January 2023 — when it learned that Chinese hackers were exploiting a different zero-day flaw in its products.

Risk 263

Risk VPN Internet Internet 263

The Last Watchdog

OCTOBER 4, 2023

I heard a cogent assessment of the shift that must take at the Omdia Analyst Summit at Black Hat USA 2023. The Omdia analysts called out a a handful of key proactive methodologies: Risk-Based Vulnerability Management (RBVM), Attack Surface Management (ASM), and Incident Simulation and Testing (IST).

Risk 222

Risk Marketing Software Network Security 222

The Last Watchdog

APRIL 28, 2023

“Stronger together” was the theme of RSA Conference 2023 , which returned to its pre-Covid grandeur under the California sunshine last week at San Francisco’s Moscone Center. Here are three evolving themes reverberating from RSAC 2023 that struck me: Getting a grip on identities Password enabled access will endure for the foreseeable future.

Mobile 211

Mobile Cloud Migration Penetration Testing Authentication 211

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. trillion, the risk of a data breach extends beyond immediate financial losses. trillion and $5.28

Retail 71

Retail Cyber Risk Risk DDOS 71

Malwarebytes

JANUARY 6, 2025

In January 2023 a witness confirmed there had been a data breach, which prompted the Indiana OIG to initiate a wider investigation to assess compliance with the HIPAA rules and state laws. The company provided no HIPAA training for employees prior to November 2023. This investigation revealed extensive HIPAA violations.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Schneier on Security

AUGUST 12, 2024

Interesting paper: “ Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data “: Generative, multimodal artificial intelligence (GenAI) offers transformative potential across industries, but its misuse poses significant risks. image, text, audio, video) in the wild.

Artificial Intelligence 321

Artificial Intelligence Risk 321

SecureList

MAY 6, 2024

Amid the current threat landscape, Kaspersky has conducted a comprehensive analysis of the financial risks, pinpointing key trends and providing recommendations to effectively mitigate risks and enhance security posture. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million detections compared to 5.04

Phishing 133

Phishing Banking Mobile Scams 133

The Last Watchdog

DECEMBER 14, 2022

Based on insights from our team of elite security researchers here at Bugcrowd, these are three trends gaining steam as 2022 comes to a close – trends that I expect to command much attention in 2023. Continuous pentesting. However, a longtime challenge with pentesting has been the “point-in-time” nature of the tests.

Penetration Testing 229

Penetration Testing Risk Marketing Government 229

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. Intelligence and cybersecurity experts have different opinions on AI development.

Artificial Intelligence 143

Artificial Intelligence Technology Risk Hacking 143

Security Affairs

JANUARY 4, 2025

According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. Violators risk penalties, with sanctions aimed at encouraging behavioral change rather than punishment.

Cybersecurity 121

Cybersecurity IoT Hacking Technology 121

Schneier on Security

JULY 20, 2023

The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” ” Lots of interesting bits. Third, many of the implementation plan’s goals have timelines stretching into 2025.

Cybersecurity 185

Cybersecurity Software Risk Accountability 185

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. High-risk vulnerabilities can cause errors in applications and affect customers’ business. More than a third (39%) used the microservice architecture.

Passwords 139

Passwords Authentication Architecture Risk 139

The Last Watchdog

OCTOBER 23, 2024

As small businesses increasingly depend on digital technologies to operate and grow, the risks associated with cyber threats also escalate. The cost of ignoring such measures can be substantial, as noted in IBM’s 2023 Cost of a Data Breach Report, which found the average impact of a data breach on small businesses can exceed $3.31

Small Business 162

Small Business Data breaches Backups Passwords 162

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. In 2023, cybercriminals put up information belonging to as many as seven million 23andMe customers for sale on criminal forums following a credential stuffing attack against the genomics company. I honestly hope they’re right.

Insurance 145

Insurance Accountability Risk Data breaches 145

SecureWorld News

NOVEMBER 13, 2024

The MOVEit vulnerability (CVE-2023-34362), first exploited in May 2023, allowed unauthenticated attackers to gain unauthorized access to vulnerable systems. The group has been observed leaking stolen data, potentially putting individuals and businesses at risk. The third-party vendor breached in the attack was not identified.

Data breaches 117

Data breaches Identity Theft Education Software 117

Security Affairs

DECEMBER 23, 2024

The decision stems from a March 2023 investigation and aligns with the EDPB’s guidance on AI-driven services and personal data processing. ” reads the press release published by Italy’s Garante. ” reads the press release published by Italy’s Garante.

Artificial Intelligence 106

Artificial Intelligence Data collection Data breaches Hacking 106

Security Affairs

FEBRUARY 26, 2025

The two vulnerabilities are: CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability The first vulnerability, CVE-2023-34192 (CVSS score: 9.0), is a cross-site scripting (XSS) issue in Synacor ZCS. .

Authentication 100

Authentication Hacking Cybersecurity Risk 100

Adam Shostack

JANUARY 2, 2025

External changes will be driving appsec in 2023. 2023 brings new challenges and new opportunities for software companies, and all companies are now software companies. Threat modeling is the activity that lets us identify those risks. Its time to frame the decisions in front of you.

Engineering 130

Engineering Software Architecture Manufacturing 130

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed). million customers.

Hacking 236

Hacking Government Identity Theft Accountability 236

Security Affairs

NOVEMBER 18, 2024

The security breach poses a major national security risk. In 2023, the carrier disclosed two data breaches , one in January and another in May. In May 2023, T-Mobile threat actors had access to the personal information of hundreds of customers starting in late February 2023.

Mobile 112

Mobile Telecommunications Data breaches Hacking 112

Malwarebytes

APRIL 10, 2025

The risk is considered real because of the impending takeover of the genetic database that belongs to 23andMe. However, the senator fears that the company and its assets will be sold to the highest bidder which will put the information of its approximately 15 million customers at risk of falling into the wrong hands.

Accountability 109

Accountability Risk Data breaches Education 109

The Last Watchdog

JANUARY 3, 2023

At the start of 2023, consumers remain out in the cold when it comes to online protection. With more and more people working remotely, unsecured home or public WiFi networks represent a security risk not only to individuals but to their companies as well. Related: Leveraging employees as human sensors.

Risk 203

Risk Cybersecurity Antivirus Phishing 203

Tech Republic Security

DECEMBER 6, 2023

Based on the security researchers' analysis of the 2023 cyberthreat landscape, we highlight new or heightened risks.

Malware 211

Malware Ransomware Risk Cybersecurity 211

Security Boulevard

DECEMBER 30, 2024

In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission adopted new cybersecurity disclosure rules in July 2023, which took effect in September 2023, with compliance required by December 2023. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules.

Cybersecurity 85

Cybersecurity Cyber Risk CISO Risk 85