QNAP Rushes Patch for Code Execution Flaw in NAS Devices
QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability. The post appeared first on .
21-05-2024 15:59

Zoom Adding Post-Quantum End-to-End Encryption to Products
Zoom is announcing post-quantum end-to-end encryption on Meetings, with Phone and Rooms coming soon.  The post appeared first on .
21-05-2024 13:00

Insider Q&A: CIA’s Chief Technologist’s Cautious Embrace of Generative AI
CIA Director William Burns says AI tech will augment humans, not replace them. The agency’s first chief technology officer, Nand Mulchandani, is marshaling the tools. The post appeared first on .
21-05-2024 11:17

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw
CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.  The post appeared first on .
21-05-2024 10:58

How to Install a VPN on Your Router
Trying to figure out how to install a VPN on your router? Read our step-by-step guide to help you get started.
21-05-2024 10:34

EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems
The EPA has issued an enforcement alert, outlining the steps needed to comply with the Safe Drinking Water Act. The post appeared first on .
21-05-2024 10:25

OmniVision Says Personal Information Stolen in Ransomware Attack
Semiconductor giant OmniVision Technologies says personal information was stolen in a September 2023 ransomware attack. The post appeared first on .
21-05-2024 09:35

Google Cites ‘Monoculture’ Risks in Response to CSRB Report on Microsoft
Google is invoking the 'monoculture' word in response to a scathing U.S. government report on Microsoft's inadequate cybersecurity practices. The post appeared first on .
20-05-2024 18:17

Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies
Linguistic Lumberjack (CVE-2024-4323) is a critical vulnerability in the Fluent Bit logging utility that can allow DoS, information disclosure and possibly RCE. The post appeared first on .
20-05-2024 15:00

Top ITSM Certifications for 2024
Learn about ITSM certifications and which ones are most important for various roles within the technology sector.
20-05-2024 13:00

CyberArk to Acquire Machine Identity Firm Venafi for $1.54 Billion
CyberArk agreed to acquire machine identity management Venafi from Thoma Bravo for $1.54 billion. The post appeared first on .
20-05-2024 13:00

Eric Goldstein Leaving CISA for Private Sector Role
CISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years. The post appeared first on .
20-05-2024 12:32

2.4 Million Impacted by WebTPA Data Breach
Health insurance firm WebTPA says the personal information of 2.4 million individuals was compromised in a data breach. The post appeared first on .
20-05-2024 12:01

The 5 Best Encryption Key Management Software for 2024
What is the best encryption key management software for your business? Use our guide to compare the features of our top picks.
20-05-2024 12:00

Cybersecurity M&A Roundup for First Half of May 2024
Roundup of the cybersecurity-related merger and acquisition (M&A) deals announced in the first half of May 2024. The post appeared first on .
20-05-2024 11:46

Start-Ups: 10 Tips for Navigating the Headwinds Against High-Growth
These strategies can help cybersecurity startups navigate the current market dynamics, focusing on modern buyer behavior, updated KPIs, brand awareness, and effective sales and marketing alignment. The post appeared first on .
20-05-2024 11:02

MediSecure Data Breach Impacts Patient and Healthcare Provider Information 
MediSecure says data related to prescriptions distributed until November 2023 was compromised in a ransomware attack. The post appeared first on .
20-05-2024 10:48

American Radio Relay League Hit by Cyberattack
The American Radio Relay League (ARRL) has been targeted in a cyberattack that resulted in disruption and possibly a data breach. The post appeared first on .
20-05-2024 10:35

Antivirus Policy
Antivirus software is critical to ensure information security of organizational networks and resources. By establishing an antivirus policy, organizations can quickly identify and address malware and virus threats, as well as detect and appropriately res
19-05-2024 16:00

A Former OpenAI Leader Says Safety Has ‘Taken a Backseat to Shiny Products’ at the AI Company
Jan Leike, who ran OpenAI’s “Super Alignment” team believes there should be more focus on preparing for the next generation of AI models, including on things like safety The post appeared first on .
17-05-2024 18:54

User Outcry as Slack Scrapes Customer Data for AI Model Training
Slack reveals it has been training AI/ML models on customer data, including messages, files and usage information. It's opt-in by default. The post appeared first on .
17-05-2024 16:43

The who, where, and how of APT attacks – Week in security with Tony Anscombe
This week, ESET experts released several research publications that shine the spotlight on a number of notable campaigns and broader developments on the threat landscape
17-05-2024 16:09

In Other News: MediSecure Hack, Scattered Spider Targeted by FBI, New Wi-Fi Attack
Noteworthy stories that might have slipped under the radar: FBI is targeting Scattered Spider, Australia’s MediSecure hacked, new Wi-Fi attack. The post appeared first on .
17-05-2024 14:22

Black Basta Ransomware Struck More Than 500 Organizations Worldwide
Read about Black Basta ransomware’s impact and how to mitigate it. Plus, learn about recent ransomware trends.
17-05-2024 13:00

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products
CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw. The post appeared first on .
17-05-2024 12:52

Critical Flaw in AI Python Package Can Lead to System and Data Compromise
A critical vulnerability tracked as CVE-2024-34359 and dubbed Llama Drama can allow hackers to target AI product developers. The post appeared first on .
17-05-2024 12:43

Get on Cybersecurity Certification Track With $145 Off These Courses
This $50 bundle can get you five courses to enable you to earn CompTIA, NIST and more leading cybersecurity certifications that will help you build a career.
17-05-2024 11:00

New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data
The Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages. The post appeared first on .
17-05-2024 10:57

Microsoft Quick Assist Tool Abused for Ransomware Delivery
The Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment. The post appeared first on .
17-05-2024 10:47

Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms
The US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme that generates revenue for North Korea. The post appeared first on .
17-05-2024 09:21

C/side Emerges From Stealth Mode With $1.7 Million Investment
C/side has emerged from stealth mode with $1.7 million in pre-seed funding from Scribble Ventures and angel investors The post appeared first on .
17-05-2024 09:02

Restore Damaged Files & Save Your Business for Only $50
Regardless of how badly your files, or their formats, are damaged, EaseUS Fixo can restore your office files, videos and photos, even in batches. Get a lifetime subscription for $49.99 at TechRepublic Academy.
17-05-2024 08:08

Alkira Raises $100 Million for Secure Network Infrastructure Platform
Network infrastructure as-a-service Alkira has raised $100 million in a Series C funding round led by Tiger Global Management. The post appeared first on .
16-05-2024 14:45

Legacy of Wisdom: Security Lessons Inspired by My Father
Honoring my father by translating his timeless life lessons into practical wisdom for the cybersecurity profession. The post appeared first on .
16-05-2024 13:37

Nissan Data Breach Impacts 53,000 Employees
Nissan North America determined recently that a ransomware attack launched last year resulted in employee personal information compromise. The post appeared first on .
16-05-2024 13:26

Cisco’s Splunk Acquisition Should Help Security Pros See Threats Sooner in Australia and New Zealand
Cisco’s Splunk acquisition was finalised in March 2024. Splunk’s Craig Bates says the combined offering could enhance observability and put data to work for security professionals in an age of AI threat defence.
16-05-2024 13:23

Android 15 Brings Improved Fraud and Malware Protections
Google is boosting fraud and malware protections in Android 15 with live threat detection and expanded restricted settings. The post appeared first on .
16-05-2024 11:09

Personal Information Stolen in City of Wichita Ransomware Attack
The City of Wichita says files containing personal information were exfiltrated in a recent ransomware attack. The post appeared first on .
16-05-2024 10:56

Palo Alto Networks Announces Major Cybersecurity Partnership With IBM, Acquires QRadar SaaS Assets 
Palo Alto Networks and IBM announced a significant partnership to jointly provide cybersecurity solutions. The post appeared first on .
16-05-2024 10:15

Does a VPN Slow Down Your Internet Speed?
Can a VPN slow down your internet? Find out how VPNs can impact your internet speed with our article.
16-05-2024 10:09

Third Chrome Zero-Day Patched by Google Within One Week
Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day. The post appeared first on .
16-05-2024 08:36

BreachForums Shut Down in Apparent Law Enforcement Operation
The hacking forum BreachForums is displaying a notice claiming that the website is under the control of the FBI. The post appeared first on .
16-05-2024 06:55

In First AI Dialogue, US Cites ‘Misuse’ of AI by China, Beijing Protests Washington’s Restrictions
China advocates for the United Nations to take a leading role in the global governance of AI, a move that could sideline the U.S. The post appeared first on .
16-05-2024 02:06

Thoma Bravo-Owned LogRhythm Announces Merger With Rival Exabeam 
Financial terms were not released but the price tag is expected to be hefty with Exabeam’s most recent valuation pegged at $2.5 billion. The post appeared first on .
15-05-2024 17:45

Santander Data Breach Impacts Customers, Employees
The Spanish bank Santander said customers in Chile, Spain and Uruguay are affected by a data breach at a third-party provider. The post appeared first on .
15-05-2024 12:15

400,000 Linux Servers Hit by Ebury Botnet 
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected. The post appeared first on .
15-05-2024 11:23

How to Set Up & Use a VPN on Android (A Step-by-Step Guide)
Trying to configure or set up a VPN on your Android? Learn how to get started with our step-by-step guide.
15-05-2024 11:10

900k Impacted by Data Breach at Mississippi Healthcare Provider
Singing River Health System says the personal information of roughly 900,000 individuals was stolen in an August 2023 ransomware attack. The post appeared first on .
15-05-2024 11:04

Unwanted Tracking Alerts Rolling Out to iOS, Android
Apple and Google have rolled out a new mobile feature that warns users of unwanted trackers moving with them. The post appeared first on .
15-05-2024 10:43

Senators Urge $32 Billion in Emergency Spending on AI After Finishing Yearlong Review
The group recommends that Congress draft emergency spending legislation to boost U.S. investments in artificial intelligence, including new R&D and testing standards to understand the technology's potential harms. The post appeared first on .
15-05-2024 10:01

ICS Patch Tuesday: Advisories Published by Siemens, Rockwell, Mitsubishi Electric
Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products.  The post appeared first on .
15-05-2024 09:58

To the Moon and back(doors): Lunar landing in diplomatic missions
ESET researchers provide technical analysis of the Lunar toolset, likely used by the Turla APT group, that infiltrated a European ministry of foreign affairs
15-05-2024 09:15

Vermont Legislature Passes One of the Strongest Data Privacy Measures in the Country
Vermont legislature passed a bill that prohibits the sale of sensitive data, such as social security and drivers’ license numbers, financial or health information. The post appeared first on .
15-05-2024 02:05

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities
Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. The post appeared first on .
14-05-2024 18:28

Adobe Patches Critical Flaws in Reader, Acrobat
Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software. The post appeared first on .
14-05-2024 17:05

7 Best Cloud Security Posture Management (CSPM) Tools for 2024
What is the best CSPM tool for your business? Use our guide to review our picks for the best cloud security posture management (CSPM) tools.
14-05-2024 15:00

SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver
SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day. The post appeared first on .
14-05-2024 13:53

VMware Patches Vulnerabilities Exploited at Pwn2Own 2024
VMware has patched three vulnerabilities exploited earlier this year at the Pwn2Own hacking competition. The post appeared first on .
14-05-2024 13:22

Hacker Conversations: Ron Reiter, and the Making of a Professional Hacker
Ron Reiter was a childhood hacker in Israel. He was recruited into the IDF’s elite Unit 8200 for his military service. Now he is CTO and co-founder of cybersecurity firm Sentra. The post appeared first on .
14-05-2024 13:05

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures. The post appeared first on .
14-05-2024 11:44

Google Patches Second Chrome Zero-Day in One Week
Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week. The post appeared first on .
14-05-2024 11:35

Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
One of the most advanced server-side malware campaigns is still growing, with hundreds of thousands of compromised servers, and it has diversified to include credit card and cryptocurrency theft
14-05-2024 10:50

Student, Personnel Information Stolen in City of Helsinki Cyberattack
The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack. The post appeared first on .
14-05-2024 10:42

ESET APT Activity Report Q4 2023–Q1 2024
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2023 and Q1 2024
14-05-2024 10:41

MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure. The post appeared first on .
14-05-2024 09:57

FCC Warns of ‘Royal Tiger’ Robocall Scammers
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor. The post appeared first on .
14-05-2024 09:40

Zscaler Confirms Only Isolated Test Server Was Hacked
Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised. The post appeared first on .
14-05-2024 07:15

Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS
Apple documents another zero-day flaw being exploited on older iPhones and documents security problems in macOS, iOS and iPadOS. The post appeared first on .
13-05-2024 19:39

Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics
AI PCs could soon see organisations invest in whole fleets of new managed devices, but Absolute Security data shows they are failing to maintain endpoint protection and patching the devices they have.
13-05-2024 19:02

What Is the Dark Web?
The negative press, coupled with YouTube horror stories, has cemented the Dark Web’s reputation for illicit behavior. Today, the Dark Web is believed to be a platform where cybercriminals sell drugs, weapons, malicious software and piles of consumer and
13-05-2024 16:00

Quick Glossary: DevSecOps
The way software is developed has changed. DevSecOps is transforming the industry by incorporating security from the early stages and automating traditional processes to build better, faster and more secure software. Ray Fernandez, writing for TechRepubl
13-05-2024 16:00

The 6 Best Encryption Software Choices for 2024
This is a comprehensive list of best encryption software and tools, covering their features, pricing and more. Use this guide to determine your best fit.
13-05-2024 14:50

Black Basta Ransomware Hit Over 500 Organizations
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations. The post appeared first on .
13-05-2024 10:52

FBCS Collection Agency Data Breach Impacts 2.7 Million
Financial Business and Consumer Solutions (FBCS) says the personal information of 2.7 million was impacted in the recent data breach. The post appeared first on .
13-05-2024 09:50

$2.5 Million Offered at Upcoming ‘Matrix Cup’ Chinese Hacking Contest 
The Chinese hacking contest Matrix Cup is offering big rewards for exploits targeting OSs, smartphones, enterprise software, browsers, and security products. The post appeared first on .
13-05-2024 09:43

How to talk about climate change – and what motivates people to action: An interview with Katharine Hayhoe
We spoke to climate scientist Katharine Hayhoe about climate change, faith and psychology – and ways to channel anxiety about the state of our planet into meaningful action
10-05-2024 19:44

In it to win it! WeLiveSecurity shortlisted for European Cybersecurity Blogger Awards
We’re thrilled to announce that WeLiveSecurity has been named a finalist in the Corporates – Best Cybersecurity Vendor Blog category of the European Cybersecurity Blogger Awards 2024
10-05-2024 17:36

In it to win it! WeLiveSecurity shortlisted for European Security Blogger Awards
We’re thrilled to announce that WeLiveSecurity has been named a finalist in the Corporates – Best Cybersecurity Vendor Blog category of the European Security Blogger Awards 2024
10-05-2024 17:36

Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service
One of the largest healthcare systems in the United States is scrambling to contain a hack that's causing disruption and “downtime procedures” at hospitals around the country. The post appeared first on .
10-05-2024 13:33

How Can Businesses Defend Themselves Against Common Cyberthreats?
TechRepublic consolidated expert advice on how businesses can defend themselves against the most common cyberthreats, including zero-days, ransomware and deepfakes.
10-05-2024 13:00

In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved
Noteworthy stories that might have slipped under the radar: European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom portal.  The post appeared first on .
10-05-2024 12:02

It's a wrap! RSA Conference 2024 highlights – Week in security with Tony Anscombe
More than 40,000 security experts descended on San Francisco this week. Let's now look back on some of the event's highlights – including the CISA-led 'Secure by Design' pledge also signed by ESET.
10-05-2024 11:46

Exploited Chrome Zero-Day Patched by Google
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024. The post appeared first on .
10-05-2024 11:29

Develop Valuable Cyber Security Skills Over a Lifetime for Only $56
Not only do you get access to over 90 courses, but also career mentoring, skills evaluation, training on real cyber security projects, and much more.
10-05-2024 09:48

500,000 Impacted by Ohio Lottery Ransomware Attack
The Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals. The post appeared first on .
10-05-2024 09:37

RSA Conference 2024 – Announcements Summary (Day 4)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco. The post appeared first on .
10-05-2024 08:34

Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity
Accenture Federal Services wins $789 million U.S. Navy SHARKCAGE cybersecurity contract. The post appeared first on .
09-05-2024 19:26

RSA Conference 2024: AI hype overload
Can AI effortlessly thwart all sorts of cyberattacks? Let’s cut through the hyperbole surrounding the tech and look at its actual strengths and limitations.
09-05-2024 18:41

Dell Says Customer Names, Addresses Stolen in Database Breach
Tech giant notifies millions of customers that full names and physical mailing addresses were stolen during a security incident. The post appeared first on .
09-05-2024 17:04

Criminal Use of AI Growing, But Lags Behind Defenders
When not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems. The post appeared first on .
09-05-2024 14:48

LockBit Takes Credit for City of Wichita Ransomware Attack
The LockBit cybercrime group has taken credit for the recent ransomware attack that disrupted City of Wichita systems. The post appeared first on .
09-05-2024 13:31

Upgrade Your Cybersecurity With This VPN That’s Only $70 for Three Years
Windscribe VPN gives you tools to block ads, create a safe hotspot, spoof your location, and more for the 3 years for the best price online.
09-05-2024 13:00

CISA Announces CVE Enrichment Project ‘Vulnrichment’
CISA’s Vulnrichment project is adding important information to CVE records to help improve vulnerability management processes. The post appeared first on .
09-05-2024 12:26

BetterHelp Customers Begin Receiving Refund Notices From $7.8M Data Privacy Settlement, FTC Says
BetterHelp customers have started receiving refund notices from a $7.8 million data privacy settlement, the FTC says. The post appeared first on .
09-05-2024 11:40

F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager
F5 has patched two potentially serious vulnerabilities in BIG-IP Next that could allow an attacker to take full control of a device. The post appeared first on .
09-05-2024 09:57

RSA Conference 2024 – Announcements Summary (Day 3)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco. The post appeared first on .
09-05-2024 08:40

Zscaler Investigates Hacking Claims After Data Offered for Sale
Zscaler says its customer, production and corporate environments are not impacted after a notorious hacker offers to sell access. The post appeared first on .
09-05-2024 07:34

Token Security Raises $7 Million Seed Funding for Machine-First Identity Security
Tel Aviv-based firm emerged from stealth with $7 million seed funding led by TLV Partners with participation from SNR and angel investors. The post appeared first on .
08-05-2024 18:04

Shields Up: How to Minimize Ransomware Exposure
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response. The post appeared first on .
08-05-2024 17:16

Data Classification Policy
In many ways, data has become the primary currency of modern organizations. It doesn’t matter whether you are a large business enterprise, SMB, government or non-profit, the collection, management, protection and analysis of data is a determining factor
08-05-2024 16:00

source : hackernews, securityweek, techrepublicsecurity, welivesecurity



Ads