cyber_security_channel | News and Media

Telegram-канал cyber_security_channel - Cyber Security News

42585

Be Cyber Aware. Our vacancies channel: @CyberSecurityJobs Our chat: t.me/cybersecuritynewschat LinkedIn: https://www.linkedin.com/company/securitynews/ Facebook: https://www.facebook.com/BreakingCyberSecNews 📩 Cooperation: @cybersecadmin

Subscribe to a channel

Cyber Security News

⚡️Popular Social Media Platform TikTok Has Been Fined €345 Million by European Regulators for a Series of Lapses in Its Settings That Could Put Children At Risk

Used by 134 million people monthly in Europe alone, TikTok is one of the world’s most popular social media platforms.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks

The remaining four vulnerabilities added by CISA to its KEV list impact Owl Labs’ Meeting Owl video conferencing product.

The device, shaped like an owl, features a 360° conference camera, a mic, and a speaker, and the vendor says it gets smarter over time.

The Meeting Owl vulnerabilities were discovered last year by researchers at Swiss cybersecurity firm Modzero.

They include inadequate encryption, missing authentication, hardcoded credentials, and improper authentication issues.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Companies Explore Ways to Safeguard Data in the Age of LLMs

"Data loss prevention became much more of an issue because there's suddenly... these large language models with the capability to index data in a very, very efficient manner," he says.

"People who were just sending documents around ... now, the chances of that data landing into a large language model are much higher, which means it's going to be much easier to find the sensitive data".

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Cybersecurity Tabletop Board Game Pits Hackers vs. Defenders

The game would come with a generic incident response binder – "a playbook detailing exactly what to do to deal with and recover from the disaster".

It addresses malware propagation, file and operations recovery, insurance and payment negotiation advice, and how to communicate with the public and stakeholders, according to the campaign's FAQ.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

What Cybersecurity Gets Wrong

Further, Williams notes, the integration of cybersecurity staff with various skill sets can be quite difficult.

“I have silos of expertise,” he says. “I don’t have very many people who actually can knit it together.

I see very few fleet commanders, people who can actually manage more than just a ship, that can manage a task force.

Once you find one, the truth of the matter is they’re jumping off to startups to make the big time instead of hanging around in corporations”.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Greater Manchester Police Hack Follows Third-Party Supplier Fumble

This incident is nearly identical to a hack that impacted London's Metropolitan Police in August in which officers were warned that their information such as names, ranks, and ID numbers had been stolen when hackers broke into the IT systems of a contactor that printed warrant cards and staff passes.

Around 47,000 officers were affected, including those that were undercover or assigned to the royal family.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems

MGM Resorts properties include the Mandalay Bay (the site of the Black Hat security conference), Bellagio, MGM Grand, Aria, Luxor and the Cosmopolitan.

The incident began sometime on Sunday and affected hotel reservation systems throughout the United States and other IT systems that run the casino floors.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

A Second Major British Police Force Suffers a Cyberattack in Less Than a Month

The federation that represents officers in Greater Manchester said it is working with the police force to limit the damage.

“Our colleagues are undertaking some of the most difficult and dangerous roles imaginable to catch criminals and keep the public safe,” said Mike Peake, chair of the Greater Manchester Police Federation.

“To have any personal details potentially leaked out into the public domain in this manner — for all to possibly see — will understandably cause many officers concern and anxiety.”

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities

Because it's such a tedious task, and because everybody's attacking the same target, it's only natural that healthy-sized online communities have formed around the practice to share tips and tricks.

Members of these jailbreak communities scratch one another's backs, helping each other to make ChatGPT to crack and do things the developers intended to prevent it from doing.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits

The Microsoft Streaming Service Proxy is part of the enterprise-facing Microsoft Stream video communications service.

Microsoft credited the discovery of the flaw to IBM X-Force security researcher Valentina Palmiotti and its internal threat-intelligence and malware-hunting teams.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Securiti has embraced all of these tenants since it launched its solution over four years ago.

Our belief is that honoring privacy rights ultimately comes down to safeguarding the data of each individual, and that can not be done without a comprehensive and accurate understanding of all of the personal data within an organization’s data landscape.

This is why the market needs to move beyond traditional manual approaches and surveys, which are prone to errors, exposing organizations to compliance risks and excessive operational costs.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs

The aviation incident is not the first instance of Iranian APTs targeting the interests of the US federal government.

Last year, an Iranian government-sponsored group used the Log4Shell vulnerability to breach the US Federal Civilian Executive Branch systems and leave malware.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Heap buffer overflow issues occur when an application writes more data to a heap-allocated memory buffer than what the buffer can hold.

Such vulnerabilities can be exploited to crash an application and potentially achieve arbitrary code execution.

As usual, Google has refrained from disclosing details on the bug. The company does not provide information on the observed exploitation either.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

⚡️TikTok Fined $367 Million for How it Handled Children’s Data

Ireland’s Data Protection Commission (DPC) announced a €345 million (around $367 million) fine on TikTok for how the company processes the data of children.

The fine follows an investigation by the DPC announced in 2021 that looked at TikTok’s compliance with Europe’s General Data Protection Regulation (GDPR) laws.

The probe focused on a few TikTok features: default account settings; “Family Pairing” settings; and age verification.

After consulting with the European Data Protection Board, the DPC found that TikTok set children’s accounts to public by default when they signed up on the platform.

That meant that kids’ videos were publicly viewable by default and that comments, duets, and Stitch features were also enabled by default.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

2023 Database Encryption Market Is Booming Worldwide | Industry Research Report

In this report, we uncover the key driving force behind the keyword market's expansion.

We provide a detailed analysis of this essential element, enabling you to align your strategies with market dynamics effectively.

It profiled the outlook of key manufacturers, where significant locales and regions are thought about, trailed by an estimate by type.

Aside from worldwide creation and income forecast, this part gives creation and income figures by region.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Q&A: Survey Sheds Light On Why Automation Is a Key Solution for the Cyber Skills Gap

North America [survey] responders said: ‘We’re automating more, we’re using more AI, we’re using more process automation to make sure we do the heavy lifting with machines and then only present to the people with what they’re very good at… making judgments,” she said.

“In the other parts of the world, the top answer to that question of how you’re tackling cybersecurity skill shortage was: ‘We’re trying to provide higher wages and better benefits to the existing people.’ 

I think the world is moving towards the former, which is let’s do as much as we can with AI and machines and automation.”

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

What Does Closed-Door Meeting With AI Industry Leaders Mean for Business?

“There was a lot of care to make sure the room was a balanced conversation, or as balanced as it could be,” Deborah Raji, a researcher at the University of California, Berkeley who specialized in algorithmic bias and attended the meeting, told the AP.

Note: "TechRepublic contacted Senator Schumer’s office for a comment about this AI summit, and we have not received a reply by the time of publication".

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Delaware Joins States With Comprehensive Consumer Data Privacy Laws

While not entirely dissimilar from other recently enacted consumer data privacy laws, the Delaware law does create another set of procedures for businesses to comply with in connection with their collection and use of consumer personal information.

If you have concerns about your business and its use of personal information or how the Delaware Personal Data Privacy Act affects you or your business, please contact the data privacy professionals at Clark Hill, PLC.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Massive Phishing Attack Targeting 40+ Prominent Companies

Check Point Research discovered a phishing attack targeting over 40 Colombian companies using the "Remcos" malware, a Remote Access Trojan, allowing attackers to infect victims' systems, steal data, install malware, and hijack user accounts.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

How to Mitigate Cybersecurity Risks From Misguided Trust

Furthermore, blindly trusting that all employees have the same level of security maturity is also a big mistake.

Whether employees will act responsibly towards a security threat depends on several factors.

These include knowledge and awareness about the threat, alertness when the threat approaches, and commitment to protecting the organization.

Just because you're aware of the stop sign, it doesn't guarantee you'll stop.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Software Giant Retool Announces Customer Account Breach After Targeted Social Engineering Attack

After allowing for signup, the attacker mimicked the voice of the worker and ended up calling IT team members in a specific manner.

This tricked them and provided more MFA codes that enabled the addition of controlled devices held by attackers toward a targeted account.

Now, the blame is being shoved in Google’s face because of its Authenticator sync feature.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Dutch Football Association Admits Paying LockBit in ‘April Fools’ Ransomware Attack

People who were involved in disciplinary matters with the KNVB, such as sanctions, in the 21-year period between 1999 and 2020 may also have had their name, address, contact details, and other information found in their disciplinary files stolen by the ransomware actors.

This could apply to players, coaches, and KNVB staff.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Check Point: Hackers Are Dropping USB Drives at Watering Holes

I spoke with Pete Nicoletti, global chief information security officer for the Americas at Check Point Software, about some other top-line findings from the report.

Nicoletti, who has more than 30 years in the field, said AI is a game changer, and that out of Check Point Software’s 70-plus engines, AI and machine learning drives 40 of them.

The following transcript of my interview with Nicoletti has been edited for length and clarity.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Zero Trust is About More Than Security – It's the Foundation for Digital Transformation

Fundamentally, zero trust represents a paradigm shift away from virtual private network (VPN) and firewall-laden security practices, Howe says, which traditionally sees devices within an organization's network as being trustworthy.

We’ve seen glaring issues in the long established ‘castle and moat’ approach in recent years, especially during the shift to remote and hybrid work practices with distributed workforces using devices in a range of locations.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Professional Sports: The Next Frontier of Cybersecurity?

High-profile sporting events come together quickly, so it’s important that security teams have clear visibility and control across their entire digital estates.

This includes everything from attendees' personal devices to the team or venue's Web and social media presence, registration and ticketing platforms, mass notification systems, electronic signage, and more.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

'Anonymous Sudan' Sets Its Sights on Telegram in DDoS Attack

Though it's unclear as to why the group was banned on Telegram, SOCRadar speculated that it could be related to its attack on X or its use of bot accounts.

The group is primarily motivated by religious and political causes, but it seems as though its attack on Telegram is simply a retaliatory action or a cry for attention, SOCRadar noted.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Being Flexible Can Improve Your Security Posture

Those people who are alert, self-aware, and flexible enough to reconsider their approach from time to time are the lucky ones, in my opinion.

If you read my articles regularly, it probably won't surprise you that I believe there is an important security lesson we can learn from this.

Let's examine six areas in which being flexible, rather than stubborn, can help us improve our security postures.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Dymocks Warns Shoppers of Possible Dark Web Data Breach

The company apologised and said it was unsure how many customers were impacted and promised to update those affected.

Customers were warned their email addresses, phone numbers, postal addresses, genders and dates of birth could form part of the breached data.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices

Organizations have been advised by the vendor to stop using the outdated product and upgrade to MODULYS GP2 (M4-S-XXX), which should not be impacted by the security flaws.

Businesses still using the vulnerable product could be exposing themselves to significant risks, as the security holes can allow an attacker who has knowledge of how the system works to modify its behavior and prevent it from functioning properly.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

North Korean Hackers Steal $41 Million Crypto from Online Casino

It all started on a seemingly ordinary Monday when Stake, the crypto casino with the golden touch (and a nod from Drake himself), began showing signs of distress.

Outbound transactions were spiraling out of control, and something smelled fishier than a seafood market on a hot summer day.

@Cyber_Security_Channel

Читать полностью…
Subscribe to a channel