23andMe to pay $30 million in genetics data breach settlement

September 13, 2024 at 03:01PM

DNA testing company 23andMe has agreed to a $30 million settlement in response to a lawsuit involving a data breach affecting 6.4 million customers. The settlement includes cash payments and enhanced security measures. The breaches were due to unauthorized access and credential-stuffing attacks, leading to leaked data and subsequent class-action …

How to defend against brute force and password spray attacks

September 9, 2024 at 10:16AM

Today’s organizations face a range of sophisticated cyber threats, including brute force attacks. While lacking finesse, these attacks rely on persistence and can leave well-defended systems vulnerable. Various brute force techniques are used, exploiting weak password practices and predictable patterns. To defend against these attacks, organizations should enforce robust password …

Building an Effective Strategy to Manage AI Risks

August 8, 2024 at 10:06AM

AI technology is increasingly vital for businesses but presents challenges in data privacy and bias. Collaborative efforts from security, governance, and privacy teams are crucial in implementing safeguards. Security teams should focus on infrastructure hardening, alerting, monitoring and employee training. Governance teams should evaluate ethical implications and educate employees. Privacy …

What Cybersecurity Defense Looks Like for School Districts

July 2, 2024 at 10:07AM

Schools and libraries globally face a rise in cybersecurity threats, with 29% of U.S. K-12 schools having been attacked, according to the Center for Internet Security. Johnathan Kim, from Woodland Hills School District, discusses the challenges and vulnerabilities schools encounter, emphasizing the need for robust cybersecurity measures and staff education …

South Korea Says Presumed North Korean Hackers Breached Personal Emails of Presidential Staffer

February 14, 2024 at 11:39AM

North Korean hackers breached the personal emails of a South Korean President’s staff member before his Europe trip. The cyberattack only affected the staff member’s personal account, and security protocols were violated by using commercial email services for official duties. Yoon’s office detected the breach in advance and ensured overall …

5 Steps for Preventing and Mitigating Corporate Espionage

January 3, 2024 at 10:08AM

The rise in corporate espionage underscores the need to safeguard sensitive corporate information. Implementing five key strategies can help prevent and mitigate such risks: insist on nondisclosure agreements, know and control trade secrets, perform due diligence, train employees, and promptly investigate suspected activity. This multifaceted approach enhances protection against corporate …

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

October 14, 2023 at 02:48AM

Microsoft plans to eliminate NT LAN Manager (NTLM) in Windows 11, focusing instead on strengthening the Kerberos authentication protocol. New features in Windows 11 include Initial and Pass Through Authentication Using Kerberos (IAKerb) and a local Key Distribution Center (KDC) for Kerberos. NTLM has vulnerabilities that make it susceptible to …