The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased cybercrime and identity fraud. The study examined the views of more than 8,000 adult consumers, split…
Tag: EN
Understanding cyber risks beyond data breaches
While some may associate cyber risks primarily with technology and data breaches, they can also lead to brand or reputational harm, reduced productivity, and financial losses. This Help Net Security round-up presents excerpts from previously recorded videos featuring security experts…
Nissan infosec in the spotlight again after breach affecting more than 50K US employees
PLUS: Connected automakers put on notice; Cisco Talos develops macOS fuzzing technique; Last week’s critical vulns Infosec in brief Nissan has admitted to another data loss – this time involving the theft of personal information belonging to more than 50,000…
Financial Institutions Now Required to Disclose Breaches Within 30 Days
The 30-Day Deadline The Securities and Exchange Commission (SEC) is demanding financial institutions to report security vulnerabilities within 30 days of discovering them. Why the Change? On Wednesday, the SEC adopted revisions to Regulation S-P, which controls how consumers’ personal…
ISC Stormcast For Monday, May 20th, 2024 https://isc.sans.edu/podcastdetail/8988, (Mon, May 20th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, May 20th, 2024…
USENIX Security ’23 – Guarding Serverless Applications with Kalium
Authors/Presenters: Deepak Sirone Jegan, Liang Wang, Siddhant Bhagat, Michael Swift Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim…
Why data breaches have become ‘normalized’ and 6 things CISOs can do to prevent them
It’s crucial that CISOs and their teams ensure employees are aware of vulnerabilities, and build a system resilient to breaches. This article has been indexed from Security News | VentureBeat Read the original article: Why data breaches have become ‘normalized’…
Cybercriminals Exploit Windows Quick Assist in Latest Ransomware Campaign
A recent wave of cyberattacks has seen financially motivated criminals leveraging Windows Quick Assist, a built-in remote control and screen-sharing tool, to deploy Black Basta ransomware on victim networks. Microsoft has investigated these attacks since mid-April 2024, identifying the…
Deepfakes and AI’s New Threat to Cyber Security
With its potential to manipulate reality, violate privacy, and facilitate crimes like fraud and character assassination, deepfake technology presents significant risks to celebrities, prominent individuals, and the general public. This article analyses recent incidents which bring such risks to…
North Korean Hacker Group Kimsuky Deploys New Linux Malware ‘Gomir’ via Trojanized Software Installers
North Korean hacker group Kimsuky has unveiled a new Linux malware named “Gomir,” a variant of the GoBear backdoor. This development marks a significant advancement in the group’s cyber espionage tactics. Kimsuky, linked to North Korea’s military intelligence, the…
Banco Santander Reports Data Breach, Reaffirms Transaction Security
There was a malicious incident reported by Bank Santander that involved an individual who had accessed the data of one of its service providers. The malicious incident resulted in a data breach, which affected the bank’s customers and posed…
Healthcare firm WebTPA data breach impacted 2.5 million individuals
WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people.…
Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North…
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware…
AI’s Energy Appetite: Challenges for Our Future Electricity Supply
The dramatic growth in GenAI and AI adoption is bringing increased demand for energy to power data centers. Where is this heading? How can we navigate a sustainable energy future with exploding technology usage? The post AI’s Energy Appetite: Challenges…
Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam
The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were…
Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Basta target orgs with new social engineering campaign Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email…
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide
The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target over 1,500…
Hackers Exploiting Docusign With Phishing Attack To Steal Credentials
Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost attack method. Phishing attacks can be easily scaled to target a large number of individuals, increasing the likelihood of success.…
How Attackers Distribute Malware to Foxit PDF Reader Users
Threat actors are exploiting a vulnerability in Foxit PDF Reader’s alert system to deliver malware through booby-trapped PDF documents, according to researchers at Check Point. The researchers have identified several campaigns targeting Foxit Reader users with malicious PDF files.…