October 2024

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials – The Hacker News

October 20, 2024

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials.…

Cyber Hacker News

Acronym Overdose – Navigating the Complex Data Security Landscape – The Hacker News

October 19, 2024

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for…

Cyber Hacker News

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks – The Hacker News

October 19, 2024

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of…

Cyber Dark Reading

MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data – Dark Reading

October 18, 2024

Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well. – Read More

Cyber Dark Reading

Time to Get Strict With DMARC – Dark Reading

October 18, 2024

Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.…

Cyber Dark Reading

CISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches – Dark Reading

October 18, 2024

A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet still lack the basic visibility necessary to identify breaches. –…

Cyber Dark Reading

ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise – Dark Reading

October 18, 2024

The security firm is denying an assessment that its systems were compromised in Israel by pro-Palestinian cyberattackers, but acknowledged an attack on one of its partners. – Read More

Cyber Dark Reading

Vulnerabilities, AI Compete for Software Developers’ Attention – Dark Reading

October 18, 2024

This year, the majority of developers have adopted AI assistants to help with coding and improve code output, but most are also creating more vulnerabilities that take longer to remediate.…

CSO Online Cyber

3 key considerations when evaluating GenAI solutions for cybersecurity – CSO Online

October 18, 2024

At the start of this year, I shared my view that 2024 would be when security practitioners bridge the cyber divide – the use of artificial intelligence (AI) for cybersecurity…

IT news Legal IT Insider

Charting Change in Legal Podcast Episode 31 – Listen Here! – Legal IT Insider

October 18, 2024

In this 31st episode of Charting Change in Legal, Caroline Hill, editor and publisher of Legal IT Insider, and industry analyst Ari Kaplan discussed ClioCon; the importance of putting culture…

Cyber Dark Reading

Supply Chain Cybersecurity Beyond Traditional Vendor Risk Management – Dark Reading

October 18, 2024

Traditional practices are no longer sufficient in today’s threat landscape. It’s time for cybersecurity professionals to rethink their approach. – Read More

Cyber Hacker News

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data – The Hacker News

October 18, 2024

North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in…

Law Gazette Legal News

Data page – October 2024 – Law Gazette – Features

October 18, 2024

The latest data page figures, compiled by Moneyfacts, are now available. – Read More

Cyber Krebs

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Security

October 18, 2024

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking…

CSO Online Cyber

The Google Meet error you last saw could be someone trying to hack your system – CSO Online

October 18, 2024

Windows and Mac users are being targeted by a new social engineering campaign, ClickFix, that uses fake Google Meet landings for planting info-stealing malware onto victim systems. According to a…

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials – The Hacker News

Acronym Overdose – Navigating the Complex Data Security Landscape – The Hacker News

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks – The Hacker News

MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data – Dark Reading

Time to Get Strict With DMARC – Dark Reading

CISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches – Dark Reading

ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise – Dark Reading

Vulnerabilities, AI Compete for Software Developers’ Attention – Dark Reading

3 key considerations when evaluating GenAI solutions for cybersecurity – CSO Online

Charting Change in Legal Podcast Episode 31 – Listen Here! – Legal IT Insider

Supply Chain Cybersecurity Beyond Traditional Vendor Risk Management – Dark Reading

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data – The Hacker News

Data page – October 2024 – Law Gazette – Features

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Security

The Google Meet error you last saw could be someone trying to hack your system – CSO Online

You Missed

OneSearch partners with 4Stamp to eliminate SDLT risk and streamline transactions – Legal Futures

8 (more) things law school doesn’t teach you – Legal Cheek

Exclusive: Legl strengthens global leadership team with trio of senior hires – Legal IT Insider

Warum Microsoft-365-Konfigurationen geschützt werden müssen – CSO Online