Schneier on Security
DECEMBER 19, 2023
There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are more nuanced , but there’s still a lot of confusion. It seems not to be true. Dropbox isn’t sharing all of your documents with OpenAI. But here’s the problem: we don’t trust OpenAI.
Krebs on Security
DECEMBER 19, 2023
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who con
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
DECEMBER 19, 2023
Australia is about to get a national online ID system — the Digital ID — which promises to improve the security and privacy of data online. However, concerns among Australians persist.
eSecurity Planet
DECEMBER 19, 2023
As 2023 draws to an end and cybersecurity budgeting is nearly complete, it helps to consider the year’s events and try to predict next year’s trends. After receiving input from industry experts and doing my own analysis of the year’s driving forces, I identified five major cybersecurity trends. We each need to consider how these trends may affect our organizations and allocate our budgets and resources accordingly: AI will turbo-charge cybersecurity and cyberthreats: Artificial intelligence (AI
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Tech Republic Security
DECEMBER 19, 2023
As the year comes to a close, Mac users should take these steps to ensure their device's security, performance and organization.
Bleeping Computer
DECEMBER 19, 2023
The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation's servers to monitor their activities and obtain decryption keys. [.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
DECEMBER 19, 2023
Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast’s Xfinity is notifying its customers about the compromise of their data in a cyberattack that involved the exploitation of the CitrixBleed flaw. CitrixBleed is a critical vulnerability, tracked as CVE-2023-4966 , in Citrix NetScaler ADC (Application Delivery Controller) software.
Security Boulevard
DECEMBER 19, 2023
Our digital world never stands still. How we do business and interact with each other is evolving at a breakneck pace. We saw during the pandemic that digital transformation of all kinds can happen faster than we ever thought possible. It’s a thrilling time to work in cybersecurity, but new technology and unprecedented opportunities also present us with extraordinary challenges.
Security Affairs
DECEMBER 19, 2023
The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.
Security Boulevard
DECEMBER 19, 2023
Even though organizations are using AI-based coding, about the benefits and security fears of AI-based software development. The post AI Coding Tools: How to Address Security Issues appeared first on Security Boulevard.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Malwarebytes
DECEMBER 19, 2023
A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. has released more information on a recent breach. In a data breach notification , the company didn’t say what type of cyberattack caused the compromise of customer data, calling it a rather non-descriptive “External system breach (hacking).” For those unfamiliar with the name, Mr.
Security Boulevard
DECEMBER 19, 2023
The Play ransomware group, which was behind such high-profile attacks as those on the city of Oakland, California, and Dallas County, Texas, is behind at least 300 similar cyber-incidents since June 2022, according to government cybersecurity agencies in the United States and Australia. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, joined.
eSecurity Planet
DECEMBER 19, 2023
Infrastructure as a service security is a concept that assures the safety of organizations’ data, applications, and networks in the cloud. Understanding the risks, advantages, and best practices connected with IaaS security is becoming increasingly important as enterprises shift their infrastructure to the cloud. By exploring the top eight issues and preventative measures, as well as shedding light on the security benefits of IaaS, you can better secure your cloud security infrastructure.
Security Affairs
DECEMBER 19, 2023
By neglecting to set a password, a BMW dealer in India has jeopardized the entire network of car dealerships in the country and put its clients at risk. The Cybernews research team has discovered that the Bengaluru branch of BMW Kun Exclusive, a BMW dealership in India, has exposed sensitive data to the public. The data leak could have resulted in unauthorized access to sensitive clients’ and business data or even a full takeover of the BMW outlet’s internal systems by threat actors.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
The Hacker News
DECEMBER 19, 2023
Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace.
Security Affairs
DECEMBER 19, 2023
Smishing Triad: Researchers warn crooks impersonating UAE Federal Authority for Identity and citizenship ahead of the Holiday Season Resecurity, Inc. (USA) has identified a new fraudulent campaign by the Smishing Triad gang in which they are impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. This campaign involves malicious SMS/iMessage texts that pretend to be on behalf of the General Directorate of Residency and Foreigners Affairs, targeting digital identity
Security Boulevard
DECEMBER 19, 2023
As CMMC Final Rule approaches, one of the most common concerns defense contractors have is the cost of achieving compliance. CMMC will step up enforcement of the 110 NIST 800-171 controls, making compliance a prerequisite for continued work with the Department of Defense (DoD). In order to achieve certification, defense contractors will need to budget […] The post <span style="color:#f05f2a;">CMMC Enclaves:</span> What they are.<br/> How they help compliance. appeared fir
Graham Cluley
DECEMBER 19, 2023
Simon Whittaker, CEO of Vertical Structure, invited me onto the "CyberTuesday" show to share some stories and opinions from the world of cybersecurity. I couldn't resist also breaking into my Jason Statham impression at one point.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Bleeping Computer
DECEMBER 19, 2023
Microsoft has confirmed that some Windows 11 devices experience Wi-Fi connectivity issues after installing recent cumulative updates. [.
NetSpi Executives
DECEMBER 19, 2023
It’s a question older than the internet—do we optimize our existing tech stack or invest in new technology? The debate is as fresh today as ever, especially with the saturation of solutions promising to simplify security stacks. NetSPI Partners bring a fresh perspective to the lofty goal of simplifying detection and response outcomes by weighing in on the long-term effects of complexity, discussing when to optimize versus invest in technology, and explaining how automation can ease workflows and
GlobalSign
DECEMBER 19, 2023
DevOps teams are facing new challenges to securing their environments. Let’s explore how shift-left practices can address them.
Bleeping Computer
DECEMBER 19, 2023
A new malware campaign that emerged in March 2023 used JavaScript web injections to try to steal the banking data of over 50,000 users of 40 banks in North America, South America, Europe, and Japan. [.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
The Hacker News
DECEMBER 19, 2023
The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware. Court documents show that the U.S.
CompTIA on Cybersecurity
DECEMBER 19, 2023
CompTIA has produced an abundance of YouTube content and we’ve rallied our top 10 videos of the year. Here are the Top 10 videos from the CompTIA Connect YouTube channel for 2023.
Bleeping Computer
DECEMBER 19, 2023
An international law enforcement operation codenamed 'Operation HAECHI IV' has led to the arrest of 3,500 suspects of various lower-tier cybercrimes and seized $300 million in illicit proceeds. [.
The Hacker News
DECEMBER 19, 2023
Cybersecurity researchers have shed light on the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national who was indicted by the U.S. government earlier this year for his alleged role in launching thousands of attacks across the world.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Digital Guardian
DECEMBER 19, 2023
Microsoft DLP, part of the larger Purview offering, can be a part of your organization's defensive strategy and complemented by Digital Guardian's enhanced offering.
Penetration Testing
DECEMBER 19, 2023
In light of a severe vulnerability discovered in Apache Struts, Cisco Systems has elucidated the impact on its products. The culprit, a path traversal vulnerability identified as CVE-2023-50164, has sent ripples through the cyber... The post Apache Struts (CVE-2023-50164) RCE Vulnerability Affects some Cisco Products appeared first on Penetration Testing.
We Live Security
DECEMBER 19, 2023
The H2 2023 issue of ESET Threat Report reviews the key trends and developments that shaped the threat landscape from June to Novembery 2023.
Penetration Testing
DECEMBER 19, 2023
A vulnerability has recently been identified in Apache Guacamole, an HTML5 web application that provides access to desktop environments using remote desktop protocols (such as VNC or RDP). Guacamole is also the project that... The post CVE-2023-43826: Integer Overflow in Apache Guacamole Opens Door to RCE appeared first on Penetration Testing.
Advertisement
Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.
Expert insights. Personalized for you.
289 
Let's personalize your content