Protecting Tomorrow’s World: Shaping the Cyber-Physical Future

November 29, 2024 at 06:21AM The webinar “Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025” examined the integration of digital and physical realms, addressing emerging technologies, security concerns, and strategies for businesses. Key trends impact the evolving threat landscape, emphasizing the need for robust security measures, proactive threat detection, and comprehensive cyber-physical preparedness … Read more

Microsoft says it’s not using your Word, Excel data for AI training

November 27, 2024 at 01:57PM Microsoft has denied allegations that it collects user data from Microsoft 365 applications, such as Word, Excel, and PowerPoint, for training its artificial intelligence models. **Meeting Takeaways:** – Microsoft has refuted allegations regarding the use of data from Microsoft 365 applications (Word, Excel, PowerPoint) for training its AI models. – … Read more

Data broker leaves 600K+ sensitive files exposed online

November 27, 2024 at 01:07PM Over 600,000 sensitive files, including personal criminal histories, were exposed online by SL Data Services in an unprotected database. Security researcher Jeremiah Fowler reported the issue, highlighting risks of phishing and social engineering. Although the database was eventually closed, the exposed information could severely impact individuals and their associates. ### … Read more

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours

November 27, 2024 at 11:17AM Cloudflare faced a significant incident on November 14, 2024, losing 55% of customer logs due to a bug in its log collection service. A misconfiguration in the Logfwdr system led to log discard errors, overwhelming Buftee, the buffering system. Cloudflare has since implemented measures to prevent future incidents. ### Meeting … Read more

Man accused of hilariously bad opsec as alleged cybercrime spree detailed

November 26, 2024 at 03:42PM Nicholas Michael Kloster, 31, appeared in court for alleged cybercrimes, including breaking and entering, credit card abuse, and manipulating computer systems of two companies shortly after his employment. Prosecutors claim he caused $5,000 in damages to a nonprofit and faces charges related to computer access and damage. Trial is scheduled … Read more

US Takes Down Stolen Credit Card Marketplace PopeyeTools

November 22, 2024 at 08:04AM The US Department of Justice seized PopeyeTools, a marketplace for trading stolen credit card information, and charged three administrators. The site, operational since 2016, had over 227,000 stolen identities and generated $1.7 million. Additionally, $283,000 in cryptocurrency was seized from one administrator’s account. **Meeting Takeaways:** 1. **Seizure of PopeyeTools**: The … Read more

Data is the new uranium – incredibly powerful and amazingly dangerous

November 20, 2024 at 02:21AM At a roundtable of CISOs, concerns shifted from funding to data management challenges. While data visibility has increased, so have security risks. As data becomes ubiquitous, CISOs worry that the cost of managing it may outweigh its benefits, likening it to “yellowcake”—potentially valuable yet hazardous if mismanaged. ### Meeting Takeaways: … Read more

We Can Do Better Than Free Credit Monitoring After a Breach

November 19, 2024 at 09:44AM The text discusses the persistent issue of data breaches in cybersecurity, highlighting the author’s experiences. It calls for companies to improve both pre- and post-breach practices, including timely notifications and proactive tools for consumers. Additionally, it suggests implementing industry regulations and financial accountability for companies to better protect consumer data. … Read more

CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws

November 19, 2024 at 02:03AM Recently patched vulnerabilities in Progress Kemp LoadMaster and VMware vCenter Server are being actively exploited. CISA added CVE-2024-1212, a critical flaw, to its Known Exploited Vulnerabilities catalog. Other vulnerabilities in VMware include CVE-2024-38812 and CVE-2024-38813, with remediation recommended by December 9, 2024, for federal agencies. **Meeting Takeaways – November 19, … Read more

AnnieMac Data Breach Impacts 171,000 People

November 18, 2024 at 06:41AM AnnieMac Home Mortgage has announced a data breach affecting over 171,000 individuals due to a hacker attack. This incident raises concerns about data security and customer privacy. **Meeting Notes Takeaways:** 1. **Company Involved**: AnnieMac Home Mortgage 2. **Incident**: Data compromise due to a hacker attack 3. **Impact**: Over 171,000 individuals … Read more