The Last Watchdog

SEPTEMBER 24, 2024

Ever since the massive National Public Data (NPD) breach was disclosed a few weeks ago, news sources have reported an increased interest in online credit bureaus, and there has been an apparent upswing in onboarding of new subscribers. Related: Class-action lawsuits pile up in wake of NPD hack So what’s the connection? NPD reported the exposure of over 2.7 billion records.

Authentication 149

Authentication Identity Theft Banking Data breaches 149

Tech Republic Security

SEPTEMBER 24, 2024

The Secure Future Initiative was created around the same time the U.S. Cyber Safety Review Board chided Redmond for having a poor security culture.

Engineering 102

Engineering Cybersecurity Data breaches 102

The Hacker News

SEPTEMBER 24, 2024

Cybersecurity researchers have discovered a new version of an Android banking trojan called Octo that comes with improved capabilities to conduct device takeover (DTO) and perform fraudulent transactions.

Banking 107

Banking Malware Cybersecurity 107

Security Boulevard

SEPTEMBER 24, 2024

The personal information of almost 3,200 Capitol Hill staffers, including passwords and IP addresses, were leaked on the dark web by an unidentified bad actor after some victims used their work email addresses to sign up for online services, according to reports. The post Congressional Staffers’ Data Leaked on Dark Web: Report appeared first on Security Boulevard.

Passwords 99

Passwords Data breaches Mobile Cybersecurity 99

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Tech Republic Security

SEPTEMBER 24, 2024

Implementing multi-factor authentication, supplier risk-management frameworks, and staff security training could help to reduce data breaches.

Data breaches 94

Data breaches Authentication Risk Cyber Attacks 94

Security Boulevard

SEPTEMBER 24, 2024

In what has become an annual ritual between Silicon Valley and the Beltway, a House subcommittee pressed a tech company over a glitch. And the company promised to do better. During a hearing Tuesday, federal lawmakers reacted with measured outrage at CrowdStrike Inc.’s software outage that wreaked havoc with key sectors of the global digital. The post CrowdStrike Gets Grilled By U.S.

Software 98

Software Cybersecurity Network Security 98

Security Affairs

SEPTEMBER 24, 2024

HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers discovered a malware generated by generative artificial intelligence services and used to deliver the AsyncRAT malware. The AI-generated malware was discovered in June 2024, the phishing message used an invoice-themed lure and an encrypted HTML attachment, utilizing HTML smuggling to avoid detection.

Artificial Intelligence 84

Artificial Intelligence Phishing Malware Encryption 84

The Hacker News

SEPTEMBER 24, 2024

The U.S. Department of Commerce (DoC) said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People's Republic of China (PRC) and Russia.

Software 92

Software 92

Graham Cluley

SEPTEMBER 24, 2024

A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. In recent days Valencia Ransomware has posted on its dark web leak site's so-called "Wall of shame" links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper manufacturer.

Ransomware 79

Ransomware Manufacturing Data breaches Malware 79

The Hacker News

SEPTEMBER 24, 2024

Antivirus vendor Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024, ahead of its formal exit at the end of the month. "Kaspersky antivirus customers received a software update facilitating the transition to UltraAV," the company said in a post announcing the move on September 21.

Software 91

Software Antivirus 91

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Cyber Attacks

Zero Day

SEPTEMBER 24, 2024

The $149 Nothing Open earbuds have quickly become my favorite for exercise, thanks to their lightweight fit and great sound.

94

94

The Hacker News

SEPTEMBER 24, 2024

SaaS applications contain a wealth of sensitive data and are central to business operations. Despite this, far too many organizations rely on half measures and hope their SaaS stack will remain secure. Unfortunately, this approach is lacking and will leave security teams blind to threat prevention and detection, as well as open to regulatory violations, data leaks, and significant breaches.

87

87

Security Affairs

SEPTEMBER 24, 2024

American peer-to-peer payments and money transfer company MoneyGram confirmed that a cyberattack caused its service outage. American interstate and international peer-to-peer payments and money transfer company MoneyGram confirmed that its services are currently unavailable due to a cyberattack. On September 22, the company informed its customers that it was experiencing a network outage impacting connectivity to a number of our systems.

Hacking 77

Hacking Ransomware Cybersecurity Information Security 77

Zero Day

SEPTEMBER 24, 2024

Along with making tools easier to access, Google is introducing new editing tools to save you time and effort while you create 'stunning' clips.

86

86

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Penetration Testing

SEPTEMBER 24, 2024

pgAdmin, the leading open-source management tool for PostgreSQL databases, has released an urgent security update to address a critical vulnerability affecting versions 8.11 and earlier. This flaw, identified as CVE-2024-9014... The post CVE-2024-9014 (CVSS 9.9): pgAdmin’s Critical Vulnerability Puts User Data at Risk appeared first on Cybersecurity News.

Risk 75

Risk Cybersecurity 75

WIRED Threat Level

SEPTEMBER 24, 2024

The US government says outlets like RT work closely with Russian intelligence, and platforms have removed or banned their content. But they’re still influential all around the world.

Media 73

Media Government 73

Security Boulevard

SEPTEMBER 24, 2024

Microsoft outlined steps it's taken over the past year under its Security Future Initiative, which was launched late last year in the wake of a high-profile attack by Chinese attackers and only months before another serious breach by a Russia-link threat group. The post Microsoft Pushes Governance, Sheds Unused Apps in Security Push appeared first on Security Boulevard.

Government 73

Government Security Awareness Mobile Risk 73

Graham Cluley

SEPTEMBER 24, 2024

Two men have been arrested by the FBI and charged in relation to their alleged involvement in a scam which saw almost a quarter of a billion dollars worth of cryptocurrency stolen from a single victim. Two men arrested one month after $230 million of cryptocurrency stolen from a single victim. The men were allegedly less than careful hiding their behaviour - spending $500,000 a night in nightclubs, buying hundreds of bottles of champagne, gifting designer handbags (and even a pink Lamborgini) to

Cryptocurrency 73

Cryptocurrency Scams 73

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Zero Day

SEPTEMBER 24, 2024

NixOS is a rock-solid OS with a unique approach and an array of functionalities -- despite a bit of a learning curve.

93

93

SecureList

SEPTEMBER 24, 2024

Web tracking has become a pervasive aspect of our online experience. Whether we’re browsing social media, playing video games, shopping for products, or simply reading news articles, trackers are silently monitoring our online behavior, fueling the ceaseless hum of countless data centers worldwide. In this article, we’re going to explore various types of web trackers and present a detailed annual report that dissects their geographical distribution and organizational affiliations.

Advertising 71

Advertising Technology Marketing Media 71

Security Boulevard

SEPTEMBER 24, 2024

In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the well-known Log4Shell vulnerability as an example.

Technology 70

Technology Cyber threats 70

Heimadal Security

SEPTEMBER 24, 2024

Although job platforms and social networking sites work hard to combat fake listings, scammers consistently find new ways to bypass security measures. These fraudulent listings often go public, putting job seekers at serious risk. We reviewed 2,670 posts and comments from individuals who shared their experiences with employment scams on social media platforms throughout 2023 […] The post We analyzed 2,670 posts and comments from social media platforms.

Media 69

Media Scams Risk Cybersecurity 69

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

BH Consulting

SEPTEMBER 24, 2024

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. NIS2 in the nick of time The Irish Government has published the Heads of Bill for the NIS2 Directive (the Network and Information Security Directive EU 2022/2555, to give its full name). The National Cyber Security Bill 2024 is the legislative vehicle for transposing NIS2 into Irish law.

Energy and Utilities 69

Energy and Utilities Penetration Testing Banking Spyware 69

Security Boulevard

SEPTEMBER 24, 2024

With rapid advancements in technology, threat actor attack methodologies are now evolving at an unprecedented pace. Cybersecurity experts have recently warned of online HTTP headers phishing campaigns that are being launched to steal credentials. In this article, we’ll take a detailed look at these credential harvesting attacks and uncover tools being used.

Phishing 67

Phishing Technology Cybersecurity Scams 67

Penetration Testing

SEPTEMBER 24, 2024

In a recently uncovered report by Trend Micro, the notorious RansomHub ransomware group has been found to leverage a powerful new tool, EDRKillShifter, to disable endpoint detection and response (EDR)... The post RansomHub’s EDR-Killer: How Zerologon and EDRKillShifter Exploit Networks Without Detection appeared first on Cybersecurity News.

Ransomware 66

Ransomware Cybersecurity Malware 66

Zero Day

SEPTEMBER 24, 2024

The once venerable x86 chip has been pushed aside by scalable, energy-efficient, AI-optimized architectures from Arm, Nvidia, and Qualcomm. Here's what happens next.

Architecture 97

Architecture 97

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

Penetration Testing

SEPTEMBER 24, 2024

In a concerning development for cybersecurity, developers of several notorious infostealers have announced that they have successfully bypassed Chrome’s App-Bound Encryption feature introduced in version 127. This advancement enables these... The post Infostealers Overcome Chrome’s App-Bound Encryption, Threatening User Data Security appeared first on Cybersecurity News.

Encryption 66

Encryption Cybersecurity Malware 66

The Hacker News

SEPTEMBER 24, 2024

Ransomware is no longer just a threat; it's an entire industry. Cybercriminals are growing more sophisticated, and their tactics are evolving rapidly. This persistent danger is a major concern for business leaders. But there's good news: you don't have to be defenseless. What if you could gain a strategic edge?

Ransomware 67

Ransomware 67

Graham Cluley

SEPTEMBER 24, 2024

In episode 17 of The AI Fix, our hosts meet the worst newsreaders in the world, Graham learns about Big Trak and is shocked by a food delivery robot, Mark explains why he won't be dressing as a pirate, ChatGPT angelically removes a peanut butter sandwich from a VCR, and everyone thinks they've got Ebola. Graham explains how his career in fashion came to an end, LinkedIn morphs into a feather-duster-wielding polyphase avatron with an insatiable appetite for B2B sales, and Mark delves into the int

B2B 71

B2B Artificial Intelligence 71

Zero Day

SEPTEMBER 24, 2024

Adding more utility, better cameras, and color may just be enough to cover the standard iPhone 16's shortcomings.

84

84

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity