“Vulnerabilities that are known to work are a good first bet for a threat actor to try. Attackers are using them because they’re still working.” Bombarding SMBs with exploits for possibly unpatched flaws was simply the easiest way to find the laggards among organizations whose patching routines are not always rigorous. The bigger question, then,…
Read MoreAlthough 55% of organizations are currently piloting or using a generative AI (GenAI) solution, securely deploying the technology remains a significant focus for cyber leaders. A recent ISMG poll of business and cybersecurity professionals revealed that some of the top concerns around GenAI implementation include data security or leakage of sensitive data, privacy, hallucinations, misuse…
Read MoreThe U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers — including AT&T, Sprint, T-Mobile and Verizon — for illegally sharing access to customers’ location information without consent. The fines mark the culmination of a more than four-year investigation into the actions of the major carriers. In…
Read More‘While bidding farewell is bittersweet, I am thrilled to announce my transition to Juniper Networks, where I am eager to embark on the next wave of innovation with AI at the forefront,’ says new Juniper Networks Area Vice President of Enterprise Sales Chad Romero. Juniper Networks has hired away another Cisco sales veteran as it…
Read MoreA new cluster of activity tracked as “Muddling Meerkat” is believed to be linked to a Chinese state-sponsored threat actor’s manipulation of DNS to probe networks globally since October 2019, with a spike in activity observed in September 2023. A notable aspect of Muddling Meerkat’s activity is the manipulation of MX (Mail Exchange) records by injecting…
Read MoreThe Federal Communications Commission (FCC) has fined the largest U.S. wireless carriers almost $200 million for sharing their customers’ real-time location data without their consent. FCC’s forfeiture orders finalize Notices of Apparent Liability (NAL) issued against AT&T, Sprint, T-Mobile, and Verizon in February 2020. The fines imposed on Monday include $12 million for Sprint and $80 million for T-Mobile (the two carriers have merged since the investigation began), more…
Read More10web — form_maker_by_10web_-_mobile-friendly_drag_&_drop_contact_form_builder The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user’s display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…
Read MoreApr 29, 2024NewsroomMobile Security / Hacking Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad accounts from…
Read MoreDouglas Brush, a special master with the US federal courts and the chief visionary officer for Accel Consulting who is not working on the Marriott case, said this twist from Marriott has potentially serious implications for the enterprise. Beyond Marriott, it illustrates some of the dangers associated with any false claims in a breach case.…
Read More‘One of the things we’ve been really pushing out there is becoming that chief AI strategist … just like a virtual CISO, we’re that virtual person that is out there coming in to assess, making sure you get all your ducks in a row. And then as you go down that path, really handholding you,…
Read More