Cyber Security News

20 Feb 2024 14:10

Malicious Campaign Impacts Hundreds of Microsoft Azure Accounts

Once the victim clicks on the malicious link, which installs a payload, the threat actors use a specific Linux user-agent to access a range of their victims’ native Microsoft365 apps as well as their ‘OfficeHome’ sign-in application.

@Cyber_Security_Channel

Cyber Security News

19 Feb 2024 05:58

Ransomware Groups Claim Hits on Hyundai Motor Europe and a California Union

According to the ransomware gang, it stole 308GB of data from the union, including employee information such as Social Security numbers, salary information, and financial documents.

@Cyber_Security_Channel

Cyber Security News

18 Feb 2024 08:49

'Coyote' Malware Begins Its Hunt, Preying on 61 Banking Apps

It may be a Brazil-focused threat to consumers for now, but as mentioned, there are clear reasons for organizations to be aware of Coyote.

For one, as Assolini warns, "the malware families that had success in tackling the Brazil market in the past have also expanded abroad.

That's why corporations and banks must be prepared to deal with it."

@Cyber_Security_Channel

Cyber Security News

17 Feb 2024 07:45

Verizon Employee Data Exposed in Insider Threat Incident

The service provider said it was reviewing its technical controls to prevent a repeat of the situation down the line, but Jim Alkove, co-founder and CEO of identity security startup Oleria and former chief trust officer at Salesforce.com, believes that it's equally important to be mindful of security mindset.

@Cyber_Security_Channel

Cyber Security News

16 Feb 2024 10:42

Microsoft Azure HDInsight Bugs Expose Big Data to Breaches

This new trio opens the door to performance issues and unauthorized administrative access, and all that comes with it: attackers reading, writing, deleting, and performing any other management operations over an organization's sensitive data.

@Cyber_Security_Channel

Cyber Security News

15 Feb 2024 16:54

Southern Water Reports Major Data Breach Impacting Hundreds of Thousands

The incident has been reported to the U.K.’s Information Commissioner’s Office, as Southern Water continues to assess the breach’s impact and work on bolstering its cybersecurity measures to prevent future attacks.

@Cyber_Security_Channel

Cyber Security News

14 Feb 2024 19:08

JetBrains Warns of New TeamCity Auth Bypass Vulnerability

JetBrains strongly advises all TeamCity On-Premises users to update their servers to 2023.11.3 to eliminate the vulnerability.

Tracked as CVE-2024-23917, this critical severity flaw impacts all versions of TeamCity On-Premises from 2017.1 through 2023.11.2 and can be exploited in remote code execution (RCE) attacks that don't require user interaction.

@Cyber_Security_Channel

Cyber Security News

13 Feb 2024 11:59

Reports of Data Breach on Class Charts Platform

Class Charts is used by more than 180,000 teachers, its website states.

The company says it can “save teachers time and reduce workload with our data rich seating plans” and “improve pupil behaviour with our fast and effective behaviour management”.

@Cyber_Security_Channel

Cyber Security News

12 Feb 2024 18:17

9 Best SOC Tools to Strengthen Your Security Posture

This article will explore the most effective SOC solutions to help you make well-informed cybersecurity decisions and strengthen business defenses.

@Cyber_Security_Channel

Cyber Security News

11 Feb 2024 19:36

Three Ways to Create a SOC Powered by AI

We know that cybercriminals are savvy and are continuously shifting their tactics to evade detection by security teams. But last year, threat actors got a major leg up with the commercialization of generative AI.

Tools like ChatGPT made it even easier for cybercriminals to launch advanced attacks, including email attacks like business email compromise and vendor fraud.

@Cyber_Security_Channel

Cyber Security News

10 Feb 2024 06:08

Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware

The fact that the targeted routers are privately owned highlights a security risk for IT pros trying to keep remote workers safe.

With IT members not overseeing the routers used at home, it is difficult to know whether employers may be using old or even end-of-life routers.

@Cyber_Security_Channel

Cyber Security News

09 Feb 2024 08:55

VajraSpy: A Patchwork of Espionage Apps

All the apps that were at some point available on Google Play had been uploaded there between April 2021 and March 2023.

The first of the apps to appear was Privee Talk, uploaded on April 1st, 2021, reaching around 15 installs.

Then, in October 2022, it was followed by MeetMe, Let’s Chat, Quick Chat, and Rafaqat رفاق, installed altogether over 1,000 times.

The last app available on Google Play was Chit Chat, which appeared in March 2023 and reached more than 100 installs.

@Cyber_Security_Channel

Cyber Security News

07 Feb 2024 19:02

🌐🎁 Are You Searching for a Reliable and Affordable VPN Platform?

Our partners at Orca VPN's are hosting a massive Giveaway!

↳ You can enter to win $500...

Access a world-class VPN service and a giveaway as a bonus!

How Does It Work?

⏬️

Cyber Security News

06 Feb 2024 15:16

Pennsylvania Courts’ Website Disrupted by DoS Attack

The Unified Judicial System of Pennsylvania is the state court system of the Commonwealth of Pennsylvania, administering the state’s judicial system.

This includes operating its IT systems and holding data on cases.

@Cyber_Security_Channel

Cyber Security News

05 Feb 2024 22:05

Considerations for Artificial Intelligence and Employment Law

When such an effect results from such neutral tests or selection procedures, it is known as disparate impact or adverse impact discrimination.

This type of discrimination is generally only an issue with predictive AI tools because that type of AI utilizes algorithms to recognize data patterns and make predictions – which can lead to biased results when the underlying algorithms are biased (even if inadvertently so).

@Cyber_Security_Channel

Cyber Security News

19 Feb 2024 14:01

💬🚀 SUCH — The Best Way To Streamline Your Telegram Interactions

SUCH is the ultimate feedback and support bot builder for:

— Bot Developers
— Channel Admins
— Business Owners
— Community Managers

Key Features:

👥 Teamwork
🌐 Web apps support
💻 User-friendly web interface
⚙️ Custom commands support
🤖 ChatGPT integration (coming soon!)

Create your Telegram bot today!

→ Try it out via this link.

-----

#ad #paidpromotion #sponsored

@Cyber_Security_Channel

Cyber Security News

18 Feb 2024 19:37

⚡️Health Insurance Data Breach Affects Nearly Half of France’s Population, Privacy Regulator Warns

The CNIL warned that although policyholders’ contact data wasn’t affected by the breach, “it is possible that the breached data could be combined with other information from previous data breaches” to carry out further crimes.

@Cyber_Security_Channel

Cyber Security News

17 Feb 2024 17:21

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability

A local attacker with enough privileges to modify EFI variables or EFI partition data, such as by using a live Linux USB drive, could change boot order to load a vulnerable shim and execute privileged code without disabling secure boot.

@Cyber_Security_Channel

Cyber Security News

16 Feb 2024 22:25

Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem

Prompt injection is like a malicious variant of the growing field of prompt engineering, which is simply a less adversarial form of crafting text inputs that get a GenAI system to produce more favorable output for the user.

Only in the case of prompt injection, the favored output is usually sensitive information that shouldn't be exposed to the user or a triggered response that gets the system to do something bad.

@Cyber_Security_Channel

Cyber Security News

15 Feb 2024 22:56

Check Point Debuts AI Copilot to Streamline and Automate Cybersecurity Management

Karpati said the vendor plans to integrate AI copilot functions into many of its core products in the future.

“Ultimately, Infinity AI Copilot will allow access to cross-product information, address inquiries and execute actions seamlessly across multiple consoles.”

Currently, Check Point’s threat prevention blocks over 3 billion attacks each year with 50 AI engines and 2 billion security decisions made daily, he added, one key aspect of the AI implementations is the collaborative sharing of threat insights across the platform to prevent attacks effectively.


@Cyber_Security_Channel

Cyber Security News

15 Feb 2024 06:01

OpenAI's ChatGPT Breaches Privacy Rules, Says Italian Watchdog

Italy was the first West European country to curb ChatGPT, whose rapid development has attracted attention from lawmakers and regulators.

Under the EU's General Data Protection Regulation (GDPR) introduced in 2018, any company found to have broken rules faces fines of up to 4% of its global turnover.

@Cyber_Security_Channel

Cyber Security News

13 Feb 2024 19:02

🌐🎁 Are You Searching for a Reliable and Affordable VPN Platform?

Our partners at Orca VPN's are hosting a massive Giveaway!

↳ You can enter to win $500...

Access a world-class VPN service and a giveaway as a bonus!

How Does It Work?

⏬️

Cyber Security News

13 Feb 2024 02:03

Cybersecurity Skills Gap Rises. Impacted Businesses Urged to Attract Talent With Education and Embrace AI

This could also mean that more cybersecurity professionals are available for hire.

But do they have the skills companies need?

Among respondents to the survey, 92% reported skills gaps at their organization, a gap that includes cloud computing security.

An inability to find people with the right skills, the struggle to keep employees who have those skills, and a shrinking hiring budget are the biggest causes cited for these skills gaps.

Indeed, 54% of respondents said that the cybersecurity skills shortage situation has been getting worse in recent years.

@Cyber_Security_Channel

Cyber Security News

12 Feb 2024 06:43

⚡️Google Agrees to Pay $350 Million to Settle Class Action Lawsuit Over Google+ User Data Leak

According to a document filed in the U.S. Court for the Northern District of California, people who purchased Google stock between April 23, 2018, and April 30, 2019, will be able to apply for a share of the settlement.

There will be a notification for eligible investors and Google has a portal with relevant information.

@Cyber_Security_Channel

Cyber Security News

10 Feb 2024 19:02

🌐🎁 Are You Searching for a Reliable and Affordable VPN Platform?

Our partners at Orca VPN's are hosting a massive Giveaway!

↳ You can enter to win $500...

Access a world-class VPN service and a giveaway as a bonus!

How Does It Work?

⏬️

Cyber Security News

09 Feb 2024 17:52

DraftKings Hacker Sentenced to 18 Months in Prison

Prior to his arrest, law enforcement searched Garrison’s house and found software typically used for credential stuffing on his computer.

Additionally, 700 individual config files used by the credential stuffing programs and 40 million username and password pairs were found.

@Cyber_Security_Channel

Cyber Security News

08 Feb 2024 19:06

Uber (NYSE:UBER) Faces €10 Million Fine for EU Data Privacy Breach

The DPA found that Uber had not specified in its terms and conditions how long it retained the data collected from drivers nor did it specify how secure the data was when it was sent to countries outside the European Economic Area (EEA).

The regulator also found that Uber had unnecessarily complicated the process for drivers to access their personal data.

@Cyber_Security_Channel

Cyber Security News

07 Feb 2024 02:43

Mercedes Source Code Exposed by Leaked GitHub Token

Impact from the data breach, the cybersecurity firm says, could have gone beyond this extensive intellectual property exposure, as it could have had significant financial implications, could have led to legal violations, and potential reputational damage.

@Cyber_Security_Channel

Cyber Security News

06 Feb 2024 09:01

CFOs urged to Reassess Privacy Budgets Amid Rising Data Privacy Concerns

The survey respondents identified several common privacy failures that organizations encounter.

These include the lack of or poor training (49%), failure to practice privacy by design (44%), and data breaches (42%).

These failures not only pose significant risks to data privacy but also hinder organizations’ ability to achieve compliance and maintain customer trust.

@Cyber_Security_Channel

Cyber Security News

05 Feb 2024 13:53

'Cactus' Ransomware Strikes Schneider Electric

Still, the company faces potential repercussions if its clients' business data gets leaked. According to Bleeping Computer, the Cactus ransomware gang — a relatively young yet prolific group — has claimed the attack.

(When Dark Reading reached out to Schneider Electric for corroboration, the company did not confirm nor deny this attribution).

@Cyber_Security_Channel