Collecting Cyber-News from over 60 sources

Tag: business

How companies can address bias and privacy challenges in AI models

Dec 16, 2024 6:42 AM

Tags: ai, business, ceo, privacy, strategy

In this Help Net Security interview, Emre Kazim, Co-CEO of Holistic AI, discusses the need for companies to integrate responsible AI practices into their business strategies … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/16/emre-kazim-holistic-ai-strategy/
Platforms are the Problem

Dec 15, 2024 3:42 PM

Tags: ai, breach, business, chatgpt, cloud, cyber, cybercrime, cybersecurity, data, defense, detection, finance, firewall, fraud, infrastructure, intelligence, LLM, network, saas, service, technology, threat, tool

A better path forward for cybersecurity Why is it that cybersecurity is struggling to keep pace with the rapidly evolving threat landscape? We spend more and more, tighten our perimeters, and still there are trillions of dollars being lost to cybercrime and cyber attacks. Setting aside the direct costs to individuals and businesses, and the…
Proactive Approaches to Identity and Access Management

Dec 15, 2024 5:05 AM

Tags: access, breach, business, data, iam, identity, leak

Why is Proactive Security Crucial in IAM? Have you ever weighed the impact of security breaches and data leaks on your business? Increasingly, organizations are finding tremendous value in adopting a proactive security approach, particularly in the realm of Identity and Access Management (IAM). This is the first and often most crucial line of defence……
SAP systems increasingly targeted by cyber attackers

Dec 14, 2024 5:05 AM

Tags: access, attack, authentication, business, cloud, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, data-breach, espionage, exploit, finance, group, hacker, intelligence, Internet, ransomware, remote-code-execution, russia, sap, service, software, technology, threat, unauthorized, update, vulnerability, zero-day

A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the end of 2023.The vast majority (87%) of the Forbes…
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions

Dec 14, 2024 1:05 AM

Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-day

The brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
Auto parts giant LKQ says cyberattack disrupted Canadian business unit

Dec 14, 2024 1:05 AM

Tags: business, cyberattack, data, threat

Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/auto-parts-giant-lkq-says-cyberattack-disrupted-canadian-business-unit/
The 3 Most Common Misconceptions About Workplace Violence

Dec 13, 2024 10:05 PM

Tags: business

Learn how to overcome C-suite resistance to investing in workplace violence prevention programs, keeping your business safe and strong Introduction Misconception 1: “Don’t worry, we’ll know it when we see it.” Misconception 2: “We must be doing something right because nothing’s happened yet” Misconception 3: “Incidents of workplace violence start suddenly and are unpredictable.””¦ First…
Researchers expose a surge in hacker interest in SAP systems

Dec 13, 2024 8:05 PM

Tags: access, attack, authentication, business, cloud, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, data-breach, espionage, exploit, finance, group, hacker, intelligence, Internet, ransomware, remote-code-execution, russia, sap, service, software, technology, threat, unauthorized, update, vulnerability, zero-day

A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the end of 2023.The vast majority (87%) of the Forbes…
Executives see another CrowdStrike-level IT outage on the horizon

Dec 13, 2024 5:05 PM

Tags: business, crowdstrike, service

IT and business leaders admit to prioritizing security at the expense of service disruption readiness, a PagerDuty report found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/tech-execs-crowdstrike-outage/735504/
Thales and Imperva Win Big in 2024

Dec 13, 2024 1:05 PM

Tags: access, api, application-security, attack, authentication, banking, business, ciso, cloud, communications, compliance, conference, control, cyber, cybersecurity, data, ddos, defense, encryption, firewall, gartner, group, guide, iam, identity, infosec, insurance, intelligence, malicious, mfa, microsoft, monitoring, privacy, risk, saas, service, software, strategy, threat, usa

Thales and Imperva Win Big in 2024 madhav Fri, 12/13/2024 – 09:36 At Thales and Imperva, we are driven by our commitment to make the world safer, and nothing brings us more satisfaction than protecting our customers from daily cybersecurity threats. But that doesn’t mean we don’t appreciate winning the occasional award. In the year…
How to turn around a toxic cybersecurity culture

Dec 13, 2024 11:05 AM

Tags: access, advisory, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, governance, group, guide, healthcare, jobs, password, phishing, risk, sans, service, strategy, technology, threat, training, vulnerability, zero-trust

A toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk.In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybersecurity at MIT Sloan (CAMS), a research consortium focusing on cybersecurity leadership and governance issues. “They don’t…
ISC2 Survey Reveals Critical Gaps in Cybersecurity Leadership Skills

Dec 13, 2024 11:05 AM

Tags: business, cybersecurity, skills, training

ISC2 research has found that cybersecurity leaders have limited skills and training in areas like communication, strategic mindset and business acumen First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/isc2-gaps-cybersecurity-leadership/
7 Must-Have Salesforce Security Practices

Dec 13, 2024 5:05 AM

Tags: business

Explore the Salesforce security practices that are essential to your business and understand how AppOmni can empower Salesforce customers across industries. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/7-must-have-salesforce-security-practices-2/
Bitdefender adds business applications sensor to GravityZone XDR

Dec 12, 2024 10:05 PM

Tags: business, edr

First seen on scworld.com Jump to article: www.scworld.com/brief/bitdefender-adds-business-applications-sensor-to-gravityzone-xdr
A Year in Data Security: Five Things We’ve Learned From 2024

Dec 12, 2024 10:05 PM

Tags: business, cybersecurity, data
Security researchers find deep flaws in CVSS vulnerability scoring system

Dec 12, 2024 9:05 PM

Tags: access, apt, breach, business, citrix, control, cve, cvss, cybersecurity, ddos, exploit, finance, flaw, framework, Hardware, metric, privacy, risk, service, software, threat, vulnerability

The industrywide method for assessing the severity of vulnerabilities in software and hardware needs to be revised because it provides potential misleading severity assessment, delegates at Black Hat Europe were told Thursday.The Common Vulnerability Scoring System (CVSS) makes use of various metrics to quantify vulnerability severity. A presentation at Black Hat by cybersecurity experts from…
Cohesity CEO On Closing The Veritas Acquisition, Competing With Veeam, Rubrik, And More

Dec 12, 2024 8:05 PM

Tags: business, ceo, veeam

Cohesity plans to take advantage of the new Veritas business it just purchased to out-innovate and out-grow what Poonen calls its “honorable competitors.” First seen on crn.com Jump to article: www.crn.com/news/storage/2024/cohesity-ceo-on-closing-the-veritas-acquisition-competing-with-veeam-rubrik-more
PEC “invoice scam” Stealing time, money, and trust from businesses

Dec 12, 2024 7:05 PM

Tags: business, credentials, email, malicious, risk

PEC stands for “Posta Elettronica Certificata” – a type of legally binding “certified email” used in Italy. It’s also a hub of abuse targeting business owners. In this article, we share a real-life case of criminals stealing PEC credentials to send malicious emails, causing significant loss of time and money, and explore the risks of…
A Critical Guide to PCI Compliance

Dec 12, 2024 6:05 PM

Tags: access, best-practice, breach, business, cloud, compliance, container, control, credit-card, data, data-breach, detection, encryption, finance, gartner, governance, guide, Hardware, ibm, monitoring, network, PCI, ransomware, risk, service, software, strategy, threat, tool, unauthorized

A Critical Guide to PCI Compliance madhav Thu, 12/12/2024 – 13:28 You are shopping online, adding items to your cart, and you’re ready to pay with your credit card. You expect that when you hit “Checkout,” your payment details will be safe. This sense of trust exists thanks largely to PCI DSS”, the Payment Card…
How Much Will Cybercrime Cost Your E-Commerce Business This Season?

Dec 12, 2024 6:05 PM

Tags: business, cybercrime, malicious

The 2024 holiday season has seen explosive growth in e-commerce, with transaction volumes more than doubling from 5.1 billion in 2023 to 10.4 billion this year. While this highlights the strength of online shopping, it also points to a parallel increase in malicious activity. Reports indicate that 34.62% of transactions in 2024 were flagged as……
Notorious Nigerian cybercriminal tied to BEC scams extradited to U.S.

Dec 12, 2024 5:05 PM

Tags: business, cybercrime, email, fraud, scam

Abiola Kayode, a 37-year-old Nigerian national, has been extradited from Ghana to the United States to face charges of conspiracy to commit wire fraud. Kayode, who was on the FBI’s Most Wanted cybercriminal list, is charged with participating in a business email compromise (BEC) scheme and romance fraud from January 2015 to September 2016, defrauding…
A security ‘hole’ in Krispy Kreme Doughnuts helped hackers take a bite

Dec 12, 2024 1:05 PM

Tags: authentication, business, cybersecurity, finance, group, hacker, infection, insurance, law, service, threat, tool, unauthorized

Global Doughnut and coffee chain owner Krispy Kreme, famous for its “original glazed doughnuts,” has a “portion of their IT systems” disrupted by a cyberattack.In an SEC filing on Wednesday, the global doughnut business said it suffered a cybersecurity incident that has hampered part of its online business in the US.”Krispy Kreme shops globally are…
The 7 most in-demand cybersecurity skills today

Dec 12, 2024 12:05 PM

Tags: access, ai, api, application-security, attack, backup, best-practice, breach, business, cloud, compliance, computing, control, cyber, cyberattack, cybersecurity, data, defense, encryption, exploit, framework, gartner, GDPR, google, governance, grc, group, hacker, Hardware, healthcare, incident response, infrastructure, injection, intelligence, jobs, LLM, malicious, mitigation, ml, network, penetration-testing, phishing, privacy, ransomware, risk, risk-analysis, risk-assessment, risk-management, saas, service, skills, social-engineering, software, spear-phishing, strategy, technology, threat, tool, training, update, vulnerability, zero-trust

Cybersecurity teams find themselves understaffed, overburdened, and rushing to keep up with a rapidly changing threat landscape, as cyberattackers continually devise new ways to attack organizations, and organizations accelerate their embrace of the latest technologies.As a result, security professionals must continually upskill themselves to ensure they keep pace with organizations’ latest skill demands. Unfortunately, deciding…
We must adjust expectations for the CISO role

Dec 12, 2024 11:05 AM

Tags: business, ciso, cybersecurity

Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/12/ciso-role-expectations/
Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Dec 12, 2024 5:05 AM

Tags: apt, business, china, cyber, cyberespionage, espionage, exploit, group, service, threat

In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to a Chinese Advanced Persistent Threat (APT) group targeting large business-to-business IT service providers... First seen on securityonline.info Jump to article: securityonline.info/operation-digital-eye-chinese-apt-exploits-visual-studio-code-tunnels-in-high-stakes-espionage-campaign/
Comcast Business To Acquire Nitel For Network-as-a-Service, Security Push

Dec 11, 2024 9:06 PM

Tags: business, network, service

Comcast Business announced its planned acquisition of network-as-a-service vendor Nitel for undisclosed terms. First seen on crn.com Jump to article: www.crn.com/news/security/2024/comcast-business-to-acquire-nitel-for-network-as-a-service-security-push
Unfinished business for Trump: Ending the Cyber Command and NSA ‘dual hat’

Dec 11, 2024 9:06 PM

Tags: business, cyber

U.S. Cyber Command and the National Security Agency are jointly led by a single four-star officer. Donald Trump made moves to end that arrangement in 2020, and sources say the idea is circulating again as the president-elect transitions into a new administration.]]> First seen on therecord.media Jump to article: therecord.media/cyber-command-nsa-dual-hat-trump
GRC is a business enabler and now you can prove it

Dec 11, 2024 9:06 PM

Tags: business, grc

First seen on scworld.com Jump to article: www.scworld.com/native/grc-is-a-business-enabler-and-now-you-can-prove-it
Cardiac surgery device manufacturer falls prey to ransomware

Dec 11, 2024 9:06 PM

Tags: attack, breach, business, cyber, cyberattack, cybercrime, data, group, hacker, healthcare, ransom, ransomware, service, supply-chain

The healthcare industry has been increasingly in the crosshairs of cyberattackers this year, with ransomware near the top of the sector’s biggest cyber threats. Hackers are attacking IT systems and personal data, among other things, with the aim of manipulation or theft. But it’s not just hospitals that are affected by cyberattacks; their suppliers are under attack as well.…
Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down

Dec 10, 2024 10:08 PM

Tags: business, group, phishing, scam

SpartanWarrioz, whose prolific phishing kit business took a hit when the group’s Telegram channel was shut down in November, is rebounding quickly, creating a new channel and courting former subscribers as it rebuilds its operations, Forta researchers say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/scam-kit-maker-rebuilding-business-after-telegram-channel-shut-down/