A third-party vendor of 3CX, a popular Voice over Internet Protocol (VoIP) comms provider, left an open server and exposed sensitive 3CX data. The issue went under the company’s radar, even though it was recently targeted by North Korean hackers.…
DOJ launches cyber unit with national security focus as China, Russia threats mount
The unit will focus on "nation-state threat actors," as concerns over Chinese espionage and Russia-linked ransomware grow steadily. This article has been indexed from Cybersecurity Read the original article: DOJ launches cyber unit with national security focus as China, Russia…
An Analyst View of Gartner Security & Risk Management Summit 2023
As a former Gartner analyst, it was interesting to be on the other side, listening as others explored the impact of CEO and CIO priorities on security. This article has been indexed from Dark Reading Read the original article: An…
IT Security News Daily Summary 2023-06-20
Passwords out, passkeys in: are you ready to make the switch? Netskope Enables Secure Enterprise Use of ChatGPT and Generative AI Applications Cymulate Announces Security Analytics for Continuous Threat Exposure Management eSentire’s AI Investigator Chatbot Aids Human Response to Security…
Passwords out, passkeys in: are you ready to make the switch?
With passkeys poised for prime time, passwords seem passé. What are the main benefits of ditching one in favor of the other? The post Passwords out, passkeys in: are you ready to make the switch? appeared first on WeLiveSecurity This…
Netskope Enables Secure Enterprise Use of ChatGPT and Generative AI Applications
ChatGPT usage growing 25% monthly in enterprises, prompting key decisions to block or enable based on security, productivity concerns. This article has been indexed from Dark Reading Read the original article: Netskope Enables Secure Enterprise Use of ChatGPT and Generative…
Cymulate Announces Security Analytics for Continuous Threat Exposure Management
New product provides customers with an attacker’s view of their cyber resilience aligned to business context. This article has been indexed from Dark Reading Read the original article: Cymulate Announces Security Analytics for Continuous Threat Exposure Management
eSentire’s AI Investigator Chatbot Aids Human Response to Security Incidents
The tool trained on the company’s investigative cybersecurity services data set, and provides natural language responses to client queries, to improve response and remediation efforts. This article has been indexed from Dark Reading Read the original article: eSentire’s AI Investigator…
Vacant White House cyber post draws concern amid global software breach
In the aftermath of a global cyberattack exposing personal data on millions of Americans, calls are growing for the White House to fill the top slot at the Office of the National Cyber Director. This article has been indexed from…
Mayors: There’s a mental health crisis in every city
It is causing drug overdoses and homelessness in cities across America. But with the debt deal to freeze spending, it is uncertain whether federal help is coming. This article has been indexed from GCN – All Content Read the original…
Oreo cookie maker says crooks gobbled up staff info
50K-plus employees’ personal info swiped after law firm rolled Mondelez International has warned 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker giant.… This…
Jordanian Cyber Leaders Kick Off Cybersecurity Framework Development
The nation of Jordan begins work on a national cybersecurity framework to align with international practices and better mitigate threats. This article has been indexed from Dark Reading Read the original article: Jordanian Cyber Leaders Kick Off Cybersecurity Framework Development
100K+ Infected Devices Leak ChatGPT Accounts to the Dark Web
Infostealers are as alive as ever, wantonly sweeping up whatever business data might be of use to cybercriminals, including OpenAI credentials. This article has been indexed from Dark Reading Read the original article: 100K+ Infected Devices Leak ChatGPT Accounts to…
NineID Raises $2.6M to Build a Secure Bridge Between the Digital and Physical Worlds of Corporate Security
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: NineID Raises $2.6M to Build a Secure Bridge Between the Digital…
New Tsunami botnet targets Linux SSH servers
Researchers warn of an ongoing Tsunami DDoS botnet campaign targeting inadequately protected Linux SSH servers. Researchers from AhnLab Security Emergency response Center (ASEC) have uncovered an ongoing hacking campaign, aimed at poorly protected Linux SSH servers, to install the Tsunami…
Modern Access Control Explained
There is a lot of confusion around modern authorization. In this post, I lay out the differences between authentication and authorization and review the evolving challenge of application authorization. I then describe the two approaches to cloud-native access control and…
How to Get Started With Istio in Kubernetes in 5 Steps
Applications nowadays are distributed as microservices all over the cloud. Organizations use Kubernetes to manage these applications at scale, which has brought great flexibility and agility for development teams. However, microservices and multicloud applications have given rise to new challenges.…
Bipartisan bill proposes blue-ribbon panel to address AI risks, regulations
Rep. Ted Lieu, D-Calif., is leading the effort to give Congress the expertise it needs to understand and possibly regulate the risks posed by artificial intelligence. This article has been indexed from FCW – All Content Read the original article:…
Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps
Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits. The post Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps appeared first on SecurityWeek. This article has been indexed from…
Going On the Defensive: Turning the Tide on The Cybersecurity Vulnerabilities Of Smart Home Devices With Value-Added Services
By Craig Thole, SVP, Product Development and Operations at Assurant, Inc. While the rise of internet-enabled smart home devices generates the opportunity to create an advanced, intuitive smart home ecosystem, […] The post Going On the Defensive: Turning the Tide…
Communicating Cyber Risk
CISOs struggle with the board amidst an economic downturn. By Tim Fleming, Strategic Advisor, Silverfort Cyber risk is now nailed firmly to the board table. A seemingly never-ending procession of […] The post Communicating Cyber Risk appeared first on Cyber…
Data Governance – Data Privacy and Security – Part 1
In every organization, there may be multiple source systems for various needs. Depending on how big the organization is, the source systems may vary from one to more than 1,000. Organizations often centralize their data in one place, integrate it,…
Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
Three security vulnerabilities have been disclosed in operational technology (OT) products from Wago and Schneider Electric. The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors. “OT:ICEFALL demonstrates the…
Passwordless security gains ground for authentication
Government mandates on passwords and shifting authentication policy could accelerate the adoption of smartphone-enabled passkeys. This article has been indexed from GCN – All Content Read the original article: Passwordless security gains ground for authentication
Fresh Ransomware Gangs Emerge As Market Leaders Decline
The ransomware landscape is energized with the emergence of smaller groups and new tactics, while established gangs like LockBit see fewer victims. This article has been indexed from Dark Reading Read the original article: Fresh Ransomware Gangs Emerge As Market…
BlackCat Ransomware Group Claims to Have Stolen 80GB of Data from Reddit
The BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80GB of data from Reddit in a February cyberattack. Back in February, the social news aggregation platform Reddit experienced a security breach in which threat actors gained unauthorized…
Reddit confirms BlackCat gang pinched some data
Crooks demand $4.5m to keep ’80GB’ of corp info private – and no API price hikes Reddit this week confirmed ransomware gang BlackCat, aka AlphaV, broke into its corporate systems in February.… This article has been indexed from The Register…