Should IT Professionals Be Liable for Ransomware Attacks?
Denmark-based Poul-Henning Kamp describes himself as the "author of a lot of FreeBSD, most of Varnish and tons of other Open Source Software." And he shares this message in June's Communications of the ACM. "The software industry is still the probl.....»»
‘A very rude introduction’: Trump attacks Black conference moderator
‘A very rude introduction’: Trump attacks Black conference moderator.....»»
Proficio launches ProBAS service to help organizations better prepare and respond to cyber attacks
Proficio has announced the roll out of its ProBAS Breach and Attack Simulation service. By rigorously testing an organization’s security defenses, ProBAS ensures they can prevent compromise events and detect attacks throughout the entire threat det.....»»
What science communicators could learn from marketing professionals
The new romantic comedy "Fly me to the Moon" tells the story of how, in the run up to the Apollo 11 mission, NASA hired a high-flying marketing specialist to bolster public support......»»
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner.....»»
Guest commentary: AI transforming the fleet management world
Fleet management professionals can benefit from tools that will easily give clarity into complex operations......»»
Ransomware and email attacks are hitting businesses more than ever before
Misconfigured systems and poor MFA implementations are to blame, Cisco Talos report says......»»
The cost of cybersecurity burnout: Impact on performance and well-being
This article includes excerpts from recent reports we covered, providing statistics and insights into the levels of stress and burnout experienced by cybersecurity professionals. Most cybersecurity pros took time off due to mental health issues Hack.....»»
AI-generated deepfake attacks force companies to reassess cybersecurity
As AI-generated deepfake attacks and identity fraud become more prevalent, companies are developing response plans to address these threats, according to GetApp. In fact, 73% of US respondents report that their organization has developed a deepfake r.....»»
Nearly 90 percent of outside software rebooted after CDK cyberattacks, CEO Brian MacDonald says
CDK Global, working with outside experts, is continuing to investigate whether the June 19 ransomware event led to the theft of any personal information......»»
Shuffle Automation: Open-source security automation platform
Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process. It’s designed to integrate with Managed Security Service Providers (MSSP.....»»
FTC attacks Microsoft’s post-merger Game Pass price increases
Regulator says move is "exactly the sort of consumer harm" it warned about. Enlarge / Access to first-party games on launch day remains a major selling point for the Xbox Game Pass Ultimate tier. (credit: Microsoft) The.....»»
One-third of dev professionals unfamiliar with secure coding practices
Attackers consistently discover and exploit software vulnerabilities, highlighting the increasing importance of robust software security, according to OpenSSF and the Linux Foundation. Despite this, many developers lack the essential knowledge and sk.....»»
Fighting AI-powered synthetic ID fraud with AI
Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud cases. For security professionals, the challenge lies in staying one step ahead.....»»
DDoS attacks see a huge rise as criminals get braver and more ambitious
Hackers are getting access to better tools, previously only reserved for state-sponsored actors, researchers say......»»
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Tre.....»»
Rite Aid confirms data breach following ransomware attack
Pharmacy giant confirms sensitive data was stolen, but health and payment information was not......»»
Exim vulnerability affecting 1.5M servers lets attackers attach malicious files
Based on past attacks, it wouldn’t be surprising to see active targeting this time, too. Enlarge More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts,.....»»
CDK CEO pledges to compensate dealers after ransomware event
CDK CEO Brian MacDonald promised to dealers in a letter that they would receive "some financial relief" for interruptions stemming from the June 19 cyberattacks......»»
Exim vulnerability affecting 1.5 million servers lets attackers attach malicious files
Based on past attacks, It wouldn’t be surprising to see active targeting this time too. Enlarge More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts, s.....»»
iPhone users targeted in new spyware attacks – here’s how to protect yourself
Following a warning issued to users in 92 countries last April that they might have suffered from a spyware attack on their iPhones, Apple has … The post iPhone users targeted in new spyware attacks – here’s how to protect yourself appeared.....»»