DarkReading.com

"How AI is enhancing security in ride sharing."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 29 November 2024, 2302 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

160K followers44 articles per week#security#tech

24

Most popular

How AI Is Enhancing Security in Ridesharing

by Rachita Naik / 6h

Whether it's detecting fraudulent activity, preventing phishing, or protecting sensitive data, AI is transforming cybersecurity in ridesharing.

Ransomware Gangs Seek Pen Testers to Boost Quality

2 TTPs

•

by Robert Lemos, Contributing Writer / 9h

Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

Blue Yonder hit by ransomware attack

•

20by Jai Vijayan, Contributing Writer / 4d

The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.

Nov 27, 2024

'Operation Undercut' Adds to Russia Malign Influence Campaigns

by Jai Vijayan, Contributing Writer / 2d

Just like Russia's Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.

Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday

6 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 2d

•

Magento checkout pages hit by skimmer

A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card form or extracting data directly from payment fields.

How Learning to Fly Made Me a Better Cybersecurity CEO

by Yochai Corem / 2d

The lessons I've learned soaring through the skies have extended far beyond the runway.

Russian Script Kiddie Assembles Massive DDoS Botnet

17 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.

News Desk 2024: The Rise of Cybersecurity Platforms

by Becky Bracken, Senior Editor, Dark Reading / 2d

Enterprise cybersecurity teams tell Omdia's Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model — but they are finding that tricky to pull off.

News Desk 2024: Can GenAI Write Secure Code?

by Becky Bracken, Senior Editor, Dark Reading / 2d

GenAI's 30%-50% coding productivity boost comes with a downside — it's also generating vulnerabilities. Veracode's Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.

Microsoft Finally Releases Recall as Part of Windows Insider Preview

Microsoft Recall feature enters preview

•

2d

The preview version now includes multiple security-focused additions Microsoft had promised to add, such as SecureBoot, BitLocker, and Windows Hello.

Nov 26, 2024

Israel Defies VC Downturn With More Cybersecurity Investments

by Robert Lemos, Contributing Writer / 2d

With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.

8 Tips for Hiring and Training Neurodivergent Talent

by Joan Goodchild / 3d

Neurodivergent talent can add so much to a cybersecurity team. How can companies ensure they have the right hiring and onboarding practices in place to help these employees succeed?

'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor

3 TTPs

•

by Nate Nelson, Contributing Writer / 3d

•

CVE-2024-9680

The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.

Geico, Travelers Fined $11.3M for Lax Data Security

Valid Accounts (Enterprise T1078)

•

by Dark Reading Staff / 3d

•

GEICO Travelers fined 11M$ data breach

New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic.

Salt Typhoon Builds Out Malware Arsenal With GhostSpider

7 TTPs

•

by Nate Nelson, Contributing Writer / 3d

The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.

AWS Rolls Out Updates to Amazon Cognito

by Jennifer Lawinski, Contributing Writer / 3d

Amazon Web Services' identity and access management platform has added new features that help developers implement secure, scalable, and customizable authentication solutions for their applications.

OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts

4 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 3d

Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.

CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls

3d

Protection ranged from 0.38% to 50.57% for security effectiveness.

CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce

3d

Findings reveal growing cybersecurity risks in ecommerce, exposing vulnerabilities in PII handling and lack of basic security protections like HTTPS and WAFs

My Car Knows My Secrets, and I'm (Mostly) OK With That

by Kyle Hanslovan / 3d

Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision.

Nov 25, 2024

BlackBasta Ransomware Brand Picks Up Where Conti Left Off

5 TTPs

•

by Becky Bracken, Senior Editor, Dark Reading / 4d

New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.

Phishing Prevention Framework Reduces Incidents by Half

by Robert Lemos, Contributing Writer / 4d

The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.

Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network

14 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 4d

•

Russian hackers breach US Wi-Fi

In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.

Closing the Cybersecurity Career Diversity Gap

by Theresa Payton / 4d

Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security.

End of feed