Schneier on Security
AUGUST 14, 2024
Texas is suing General Motors for collecting driver data without consent and then selling it to insurance companies: From CNN : In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to “collect, record, analyze, and transmit highly detailed driving data about each time a driver used their vehicle,” according to the AG’s statement.
Tech Republic Security
AUGUST 14, 2024
Cybersecurity professionals are experiencing high levels of stress, which can have both business and personal implications. Here’s how they can improve their mental health.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
AUGUST 14, 2024
This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through 26, 2024, and my keynote is on the 24th. The list is maintained on this page.
Tech Republic Security
AUGUST 14, 2024
Patch Tuesday brought updates for 90 security vulnerabilities, including patching severe remote code execution vulnerabilities and closing some doors in Chromium.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
WIRED Threat Level
AUGUST 14, 2024
Researchers have discovered a way that would allow anyone with a few hundred dollars to hack into a wireless gear-shifting systems used by the top cycling teams for events like the Tour de France.
Tech Republic Security
AUGUST 14, 2024
CBA's x15ventures is transforming fintech AI with its Xccelerate program, boosting innovation and setting new industry benchmarks in AI technology.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
The Hacker News
AUGUST 14, 2024
A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain access to organizations' cloud environments.
Security Affairs
AUGUST 14, 2024
SolarWinds addressed a critical remote code execution vulnerability in its Web Help Desk solution for customer support. SolarWinds fixed a critical vulnerability, tracked as CVE-2024-28986 (CVSS score 9.8), in SolarWinds’ Web Help Desk solution for customer support. The flaw is a Java deserialization issue that an attacker can exploit to run commands on a vulnerable host leading to remote code execution.
The Hacker News
AUGUST 14, 2024
A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups. Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky. He was extradited to the U.S.
WIRED Threat Level
AUGUST 14, 2024
APT42, which is believed to work for Iran’s Revolutionary Guard Corps, targeted about a dozen people associated with both Trump’s and Biden’s campaigns this spring, according to Google’s Threat Analysis Group.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Hacker News
AUGUST 14, 2024
Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that's targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power. This indicates that the "IoT botnet is targeting more robust servers running on cloud native environments," Aqua Security researcher Assaf Morag said in a Wednesday analysis.
Security Affairs
AUGUST 14, 2024
Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak of their personal information by the ThreeAM (3AM) ransomware gang. Kootenai Health is a healthcare organization based in Coeur d’Alene, Idaho. It is a regional medical center that provides a wide range of medical services, including emergency care, surgical services, cancer care, and specialized
The Hacker News
AUGUST 14, 2024
An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC.
Security Affairs
AUGUST 14, 2024
China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Earth Baku (a threat actor associated with APT41 ) has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. Trend Micro researchers observed the APT targeting countries like Italy, Germany, UAE, and Qatar, and the group is suspected to have targeted also entities in Georgia and Romania.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
The Hacker News
AUGUST 14, 2024
A previously unknown threat actor has been attributed to a spate of attacks targeting Azerbaijan and Israel with an aim to steal sensitive data. The attack campaign, detected by NSFOCUS on July 1, 2024, leveraged spear-phishing emails to single out Azerbaijani and Israeli diplomats. The activity is being tracked under the moniker Actor240524.
Penetration Testing
AUGUST 14, 2024
MSI, a leading manufacturer of computer hardware, has recently disclosed a critical vulnerability, tracked as CVE-2024-36877, that affects a wide range of its motherboards. The vulnerability, residing in the System... The post CVE-2024-36877 in MSI Motherboards Opens Door to Code Execution Attacks, PoC Published appeared first on Cybersecurity News.
Malwarebytes
AUGUST 14, 2024
Things have changed in cybersecurity. Gone are the days when our only worry was downloading a virus. Now, 71% of people say having their data leaked and identity stolen is one of their biggest fears about being online. Sadly, they’re right to be concerned: Fraud losses hit $10 billion in 2023 (up 14% from 2022). But as the threats have evolved, so have we, and over the last year we’ve added products that protect your entire digital life.
Trend Micro
AUGUST 14, 2024
This is the first blog in a series on Rogue AI. Later articles will include technical guidance, case studies and more.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Malwarebytes
AUGUST 14, 2024
In what may come as a surprise to nobody at all, there’s been yet another complaint about using social media data to train Artificial Intelligence (AI). This time the complaint is against X (formerly Twitter) and Grok, the conversational AI chatbot developed by Elon Musk’s company xAI. Grok is a large language model (LLM) chatbot able to generate text and engage in conversations with users.
WIRED Threat Level
AUGUST 14, 2024
Security researchers say they’ve extracted digital management keys from select electronic lockers and revealed how they could be cloned.
Penetration Testing
AUGUST 14, 2024
For a long time, the iPhone’s NFC functionality was limited to Apple’s own Apple Pay for near-field communication payments. This restriction led to multiple complaints against Apple in the European... The post Apple Breaks the Mold: iPhone NFC Opens to Third-Party Payments appeared first on Cybersecurity News.
Security Boulevard
AUGUST 14, 2024
See These CVEs: Patch Tuesday—ten zero-days, seven Critical vulns, zero time to waste. The post August Patch Pileup: Microsoft’s Zero-Day Doozy Dump appeared first on Security Boulevard.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Penetration Testing
AUGUST 14, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory detailing multiple critical vulnerabilities discovered in Vonets WiFi Bridge devices. These vulnerabilities, which could allow attackers to execute... The post CISA Warns Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Available appeared first on Cybersecurity News.
Security Boulevard
AUGUST 14, 2024
Rather than rely only on GitOps, teams should first implement AI and analytics capabilities to reduce human configuration security errors. The post Will GitOps Solve Configuration Security Issues? appeared first on Security Boulevard.
Graham Cluley
AUGUST 14, 2024
An investigation dating back almost ten years has seen the extradition this week to the United States of a man suspected to be the head of one the world's most prolific Russian-speaking cybercriminal gangs. The UK's National Crime Agency (NCA) says it has been investigating a cybercriminal using the online handle "J P Morgan" since 2015, alongside parallel investigations run by the United States FBI and Secret Service.
Security Boulevard
AUGUST 14, 2024
By pushing past the hurdles that can make threat modeling challenging, business leaders can take full advantage of threat models to give their organizations a leg up in the battle against cyberattacks. The post Putting Threat Modeling Into Practice: A Guide for Business Leaders appeared first on Security Boulevard.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
Graham Cluley
AUGUST 14, 2024
Scammers are once again using deepfake technology to dupe unwary internet Facebook and Instagram users into making unwise cryptocurrency investments. AI-generated videos promoting fraudulent cryptocurrency trading platform Immediate Edge have used deepfake footage of British Prime Minister Sir Keir Starmer and His Royal Highness Prince William to reach an estimated 890,000 people via Meta's social media platforms.
Security Boulevard
AUGUST 14, 2024
DigiCert today announced it is acquiring Vercara, a provider of Domain Name System (DNS) and distributed denial-of-service (DDoS) security services delivered via the cloud. The post DigiCert Acquires Vercara to Extend Cybersecurity Services appeared first on Security Boulevard.
eSecurity Planet
AUGUST 14, 2024
OpenVPN has long been a popular choice for creating secure point-to-point or site-to-site connections over the internet. Its open-source nature and robust encryption capabilities have made it a staple in many organizations’ and individuals’ security arsenals. However, a recent discovery by Microsoft researchers has unveiled a critical flaw in this widely trusted software.
Security Boulevard
AUGUST 14, 2024
As data protection laws take hold across the world and the consequences of data loss become more severe, let’s take a closer look at the transformative potential that LLMs bring to the table. The post How LLMs are Revolutionizing Data Loss Prevention appeared first on Security Boulevard.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Expert insights. Personalized for you.
298 
Let's personalize your content