Canonical released Ubuntu 24.10 Oracular Oriole, which brings notable advancements, including an updated kernel, new toolchains, and the GNOME 47 desktop environment, along with significant enhancements in software security. “Oracular Oriole sets a new pace for delivering the latest upstream…
Category: EN
New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution
GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the…
What is Digital Assurance and Why It’s Crucial in Today’s Business Landscape
Today’s businesses must navigate evolving technologies, customer expectations, and security threats. Digital assurance is emerging as a pillar of this transformation, ensuring that enterprises can mitigate risks, deliver reliable systems, and create long-term business value. Digital assurance is a key…
News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability
Austin, TX, Oct. 10th, 2024, CyberNewswire — SpyCloud, the leader in Identity Threat Protection, announced that its SaaS Investigations solution has been enhanced with identity analytics that illuminate the scope of digital identities and accelerate successful outcomes of complex investigations…
Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation
The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs, and cybercrime services. The takedown is the result of a collaborative investigation…
North Korean sponsored hackers target tech job seekers with phoney job interviews. Cyber Security Today for Friday, October 11, 2024
Cybersecurity Today: Data Breaches and Malware Threats In this episode of Cybersecurity Today, host Jim Love discusses the hacking incidents involving the Internet Archive and Fidelity, exposing millions of users’ data. Highlights include the Internet Archive breach attributed to the…
Protecting Privacy in a Data-Driven World: What should you look for in a DLP Solution?
The latest data loss involving MC2 Data, a background check company, saw sensitive information of more than 100 million people in the US leaked which has put the lives of millions on the line for computer-related crimes such as identity…
Nokia claims Cyber Vulnerabilities in the Telecom Sector
According to a recent report by Nokia Threat Intelligence, the global telecom industry, with a particularly alarming focus on North America, is facing significant vulnerabilities to cyber attacks. These threats are increasingly being exacerbated by the use of Generative AI…
The New Geopolitical Weapon: The Impact of Cyberattacks Against Critical Infrastructure
Electricity, transportation, water, communications – these are just some of the systems and assets that keep the world functioning. Critical infrastructure, a complex interconnected ecosystem, is what props entire countries up and is vital for the functioning of society and…
Data loss incidents impact patient care
92% of healthcare organizations experienced at least one cyber attack in the past 12 months, an increase from 88% in 2023, with 69% reporting disruption to patient care as a result, according to Proofpoint. Healthcare organizations struggle to mitigate risks…
The “Mongolian Skimmer” Uses Unicode to Conceal Its Malicious Intent
Researchers at Jscrambler have uncovered a new skimming campaign dubbed the “Mongolian Skimmer.” This malware, initially detected through intelligence shared by Sansec, distinguishes itself through its use of unusual Unicode characters to obfuscate JavaScript code. Although at first glance, this…
Podcast Episode Rerelease: So You Think You’re A Critical Thinker
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> This episode was first released in March 2023. With this year’s election just weeks away, concerns about disinformation and conspiracy theories are on the rise. We covered this issue in a…
FBI created a cryptocurrency so it could watch it being abused
It worked – alleged pump and dump schemers arrested in UK, US and Portugal this week The FBI created its own cryptocurrency so it could watch suspected fraudsters use it – an idea that worked so well it produced arrests…
DORA regulation’s nuts and bolts
The frequency, sophistication, and impact of cyber-attacks on financial institutions have been rising. Given the economic system’s interconnected nature, disruptions in one institution can have cascading effects on the broader financial market, leading to systemic risks. Regulators have responded with…
31 Million Records Exposed Online by Sports Technology Company TrackMan
A whopping almost 32 million records and around 110 TB of data belonging to tech users from Trackman were left exposed to the internet. The database exposed user names, email addresses, device information, IP addresses, and security tokens. They were…
The Hidden Price of DevSecOps: How Security Tasks Are Sapping Developer Productivity and Jeopardizing Competitive Edge
Developers are spending significantly more time, and companies are spending 28K per developer each year on security-related tasks, such as manual application scan reviews, context switching, and secrets detection, among other things. This was revealed by JFrog, the Liquid Software company…
Unlocking the power of cryptographic agility in a quantum world
In this Help Net Security interview, Glen Leonhard, Director of Key Management at Cryptomathic, discusses the role of cryptographic agility in mitigating risks posed by quantum computing. Cryptographic agility enables organizations to seamlessly transition to post-quantum algorithms without disrupting existing…
A Holistic Approach to Security: 6 Strategies to Safeguard Against DDoS Attacks
Distributed Denial-of-Service (DDoS) attacks flood target networks with an overwhelming number of requests all at once, resulting in a denial of service that can shut down internet connectivity across all verticals. They are particularly troublesome since attacks continually evolve to…
Generative AI software and features are being shoehorned in across all industries
Generative AI software and features are being shoehorned in across all industries, and come with both typical and unique security concerns. By establishing a flexible software security review framework, organizations can improve security posture and avoid being overwhelmed by countless…
Scammers target Airbnb and Booking.com users
ESET researchers discovered that the organized scammer network Telekopye has expanded its operations to target users of popular accommodation booking platforms like Booking.com and Airbnb. They have also increased the sophistication of their victim selection and of targeting the two…