Custom search

This Week on TCE Cyberwatch: AI Rise, Government Crackdowns, and Global Cybercrime

The digital world continues to spin at breakneck speed, and this week's TCE Cyberwatch brings you the latest updates on

CyberNews

Google trial wraps, judge weighs landmark US antitrust claims

Google and the US Justice Department wrap up closing arguments over claims that parent company Alphabet unlawfully dominated web search and related advertising.

DarkReading

CISO Corner: Verizon DBIR Lessons; Workplace Microaggression; Shadow APIs

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: a Tech Tip on setting up DMARC, a DNS mystery from Muddling Meerkat, and a cybersecurity checklist for M&A transitions.

Security Magazine

Verizon 2024 Data Breach Report shows the risk of the human element

The 2024 Data Breach Investigations Report reveals the role that the human element plays in cyber threats, and security leaders are weighing in.

SecurityWeek

14 days ago

Verizon DBIR 2024 Shows Surge in Vulnerability Exploitation, Confirmed Data Breaches

Verizon 2024 DBIR shows that vulnerability exploitation increased three times and confirmed data breaches doubled compared to 2023.

The Cyber Express

14 days ago

World Password Day: Top 10 Password Managers for Ultimate Digital Safety

In today's digital age, the necessity of strong and unique passwords has never been more critical. With cyber threats looming

Infosecurity News

15 days ago

Vulnerability Exploits Triple as Initial Access Point for Breaches

The growth of software supply chain attacks pushed vulnerability exploits to the third most used initial access method, Verizon found

CyberSecurity Dive

15 days ago

CVE exploitation nearly tripled in 2023, Verizon finds

Threat actors are going after critical security flaws in widely used applications, but human error is still at the root of business security woes.

DarkReading

Verizon DBIR: Basic Security Gaffes Cause Breach Surge

MOVEit drove a big chunk of the increase, but social engineering and failure to patch led to a doubling of data breaches since 2023, said Verizon Business.

SC Magazine

Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways

Vulnerability exploits, pure extortion and internal risks are on the rise, while AI threats fall short.

DarkReading

Wireless Carriers Face $200M FCC Fine As Data Privacy Waters Roil

Verizon, AT&T, and T-Mobile USA are being fined $200 million for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.

SecurityWeek

FCC Fines Wireless Carriers for Sharing User Locations Without Consent

The FCC slapped $200 million in fines against wireless carriers AT&T, Sprint, T-Mobile and Verizon for illegally sharing customer location data.

Infosecurity News

FCC Fines Carriers $200m For Selling User Location Data

Some of America’s biggest wireless carriers illegally sold customer location, says FCC

The Cyber Express

AT&T, Verizon, T-Mobile Slapped with $200 Million Fine Over Location Data Sharing

The Federal Communications Commission has fined the largest phone carriers in the country - AT&T, Sprint, T-Mobile and Verizon -

CyberNews

FCC slaps fines on wireless carriers for illegally selling location data

The largest US wireless carriers, AT&T, Sprint, T-Mobile, and Verizon, face nearly $200 million in fines.

The Hacker News

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024

The U.K. is the first country to ban default passwords on smart devices starting April 29, 2024. Manufacturers must provide unique passwords and secur

Security Affairs

The FCC imposes $200 million in fines on four US carriers

The FCC fined the largest U.S. wireless carriers $200 million for sharing customers' real-time location data without consent.

Bleeping Computer

17 days ago

FCC fines carriers $200 million for illegally sharing user location

The Federal Communications Commission (FCC) has fined the largest U.S. wireless carriers almost $200 million for sharing their customers' real-time location data without their consent.

Bleeping Computer

17 days ago

How to Protect Your Employees from Identity-Based Attacks

Identity-based attacks have become one of the most significant threats facing organizations today. Learn more from Specops Software on tactics used in these types of attacks and how to defend against them.

Krebs on Security

18 days ago

FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data

The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers' location information without consent.

The Record

18 days ago

FCC fines carriers $196 million for selling customer location data

T-Mobile, Verizon, AT&T and Sprint were caught peddling customers’ location data to so-called aggregators who then resold the information to third-party data brokers, the FCC said.

The Cyber Express

29 days ago

Cybersecurity Veteran Kim Larsen Appointed CISO of Keepit

Keepit, a global leader in SaaS data backup and recovery, has announced the appointment of Kim Larsen as its new

SC Magazine

Scammers offer cash to phone carrier staff to swap SIM cards

T-Mobile and Verizon workers report receiving text messages offering them up to $300 for each illegal SIM swap they complete.

Bleeping Computer

T-Mobile, Verizon workers get texts offering $300 for SIM swaps

Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps.

Bleeping Computer

How to make your web apps resistant to social engineering

There are things that you can do to make your web apps more resistant to social engineering. Learn more from Outpost24 on securing your web applications.

The Record

Sisense customers seek answers after breach announcement

“I was hoping for a more informative notification message than basically ‘reset your passwords,’” one Sisense customer said.

Security Affairs

US CISA published an alert on the Sisense data breach

Business intelligence software firm Sisense suffered a cyberattack that may have exposed sensitive information of major enterprises worldwide

SecurityWeek

Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets

CISA issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics services.

Bleeping Computer

CISA investigates critical infrastructure breach after Sisense hack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.

Bleeping Computer

CISA says Sisense hack impacts critical infrastructure orgs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.

The Record

Attack on data analytics company Sisense prompts alert from CISA

CISA urged all Sisense customers to reset credentials and data "potentially exposed to, or used to access, Sisense services." The company has a long list of prominent clients.

Bleeping Computer

US Health Dept warns hospitals of hackers targeting IT help desks

The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.

CyberNews

April 8th solar eclipse could strain electric grids, experts warn

The upcoming total solar eclipse on April 8th has sparked rumors of strained electric grids and jammed cellphone towers Is there any truth to the rumors?

Computerworld

Android 14 Upgrade Report Card: Predictable unpredictability

When it comes to Android upgrades, all device-makers are absolutely not equal — and this year's data reveals just how volatile their commitments can be.

Cyber Security News

Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest

The Leading Company for Securing Access Between Workloads Recognized for the Aembit Workload IAM Platform Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its platform that manages and secures access between critical software resources, like applications […]

HACKRead

Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest

Silver Spring, United States / Maryland, April 3rd, 2024, CyberNewsWire

The Record

Automakers and FCC square off over potential regulations for connected cars

In recent letters obtained by Recorded Future News, automotive companies pushed back against inquiries from the FCC about whether everyday vehicles are so technologically advanced that they might be subject to new regulations.

The Record

AT&T confirms legitimacy of leak involving information of 73 million people

The data — which a hacker offered two weeks ago on a dark web market — appears to be from 2019 and earlier, the company said.

Security Affairs

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build a real-time data defense.

CyberNews

FCC: internet providers to use new consumer labeling system

New FCC rules will require US broadband internet service providers to incorporate easy-to-read consumer labels detailing product costs and terms of service.

The Cyber Express

Empowering Excellence: The Cyber Express Celebrates the Top 100 Women in Cybersecurity

The world of cybersecurity has long been dominated by men, presenting women with numerous hurdles, from biases to systemic obstacles.

The Cyber Express

IntelBroker Interview: The Elusive Hacker in the Shadows Talks to The Cyber Express

IntelBroker, a shadowy figure in the cybersecurity world, has gained notoriety for a string of high-profile cyberattacks and subsequent data

SecurityWeek

AT&T Says the Outage to Its US Cellphone Network Was Not Caused by a Cyberattack

AT&T says the massive outage to its US cellphone network on Thursday was not caused by a cyberattack as rumored.

CyberNews

AT&T services back up, cause of outage still unknown

AT&T wireless services are back up and running after an hours-long outage impacted thousands of Americans and triggered several federal agency investigations.

Bleeping Computer

Massive AT&T, Verizon, and T-Mobile outage impacts US customers

Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T have been complaining about lack of wireless service or interruptions on Thursday morning.

Bleeping Computer

Massive AT&T outage impacts US mobile subscribers

Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T have been complaining about lack of wireless service or interruptions on Thursday morning.

Ars Technica

70,000 AT&T customers are without service across the US

Cause of outage is unknown, but some suspect it's network-to-network "peering."

The Cyber Express

UAE Telecom Giant ETISALAT Hit by LockBit, $100K Demanded for Data Release

ETISALAT, the state-owned Emirates Telecommunications Group Company PJSC in the UAE, is reportedly grappling with a ransomware assault attributed to

Cyber Security News

10 Best Secure Network As a Service for MSP Providers - 2024

Secure Network As a Service for MSP: 1. Perimeter 81 2. Cloudflare 3. Netskope 4. VMware 5. Palo Alto Networks 6. Aarna Networks.

Bleeping Computer

FCC orders telecom carriers to report PII data breaches within 30 days

Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements.

DataBreaches

Verizon insider data breach affects over 63,000 employees

Bleeping Computer reports that Verizon has notified the Maine Attorney General’s Office of an insider data breach affecting 63,206 employees. According...

SecurityWeek

Verizon Discloses Internal Data Breach Impacting 63,000 Employees

Verizon is informing 63,000 employees that their personal information was exposed in an internal data breach.

The Cyber Express

Verizon Faces Yet Another Data Breach: 63,000 Employees Affected

Verizon, one of the largest telecommunication giants in the United States, finds itself embroiled in yet another data breach saga,

CSO

Verizon employee compromises personal data of 63,000 colleagues

The compromised personal information includes names, addresses, Social Security Number or other national identifier, gender, union affiliation, date of birth, and compensation information.

SC Magazine

Internal Verizon breach exposed personal data of 63K employees

The company said there was no evidence PII spilled outside the organization after a staff member gained unauthorized access to a file.

DarkReading

Verizon Employee Data Exposed in Insider Threat Incident

Tens of thousands of workers are affected by a fellow employee dipping into files that include everything from SSNs and names to union status and compensation data.

Bleeping Computer

Verizon insider data breach hits over 63,000 employees

Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information.

CyberNews

Verizon employee inadvertently leaks data of 63 thousand colleagues

Verizon, one of the largest American telecommunications companies, has disclosed a data breach impacting 63,206 individuals.

Cyber Security News

The Security Dimensions of Adopting LLMs

The incredible capabilities of LLM (Large Language Models) enable organizations to engage in various useful activities.

The Record

4 months ago

FCC presses carmakers, wireless providers to protect domestic abuse survivors from stalking tools

The agency requested information on how the companies help survivors to "disconnect from abusers" and their handling of geolocation data.

DarkReading

4 months ago

10 Years After Yahoo, What’s Changed? (Not Much)

Yahoo customers suffered the largest data breaches in history by some measures. But a decade on, experts warn, we still haven't learned our lesson.

PCMag

Google Maps Location Data to Be Stored on Your Device, Not the Cloud

If you later choose a cloud backup for your location history, it will be encrypted end-to-end so no one, not even Google, can access it without your involvement.

The Record

FCC reminds mobile phone carriers they must do more to prevent SIM swaps

The FCC warning comes on the heels of a Cyber Safety Review Board report about the Lapsus$ cybercrime group.

SecurityWeek

Apple Commissions Data Breach Study to Highlight Need for End-to-End Encryption

A study commissioned by Apple shows that 2.6 billion personal data records were compromised in breaches in the past two years.

CyberNews

Report: Apple and Paramount consider bundling streaming services

In a bid to attract and keep picky subscribers, Apple and Paramount are discussing the possibility of offering consumers a bundle of their respective streaming services.

The Cyber Express

General Electric Data Breach: Hacker Claims Sale of Leaked GE Information

The notorious hacker, operating under the alias IntelBroker, has purportedly claimed to have successfully sold a collection of allegedly stolen

The Record

Google network displayed ads on sanctioned websites, report shows

The Google Search Partners network showed ads from corporations and government agencies on sites belonging to sanctioned Iranian and Russian entities, according to a report from Adalytics.

The Hacker News

How Hackers Phish for Your Users' Credentials and Sell Them

Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea

CSO

GE investigates alleged data breach into confidential projects: Report

General Electric has confirmed that it has started an investigation into the data breach claims made by IntelBroker.

CyberNews

6 months ago

Netflix, Warner Bros partner with Verizon to offer discounted streaming bundle

Verizon is planning to offer the ad-supported versions of Netflix and Warner Bros Discovery's Max streaming services for a combined $10 a month instead of around $17.

Bleeping Computer

6 months ago

Your end-users are reusing passwords – that’s a big problem

Password reuse is a difficult vulnerability for IT teams to get full visibility over. Learn more from Specops Software on how to mitigate the risk of compromised credentials.

Infosecurity News

6 months ago

Forrester: GenAI Will Lead to Breaches and Privacy Fines in 2024

Analyst warns that risks of using the technology will become apparent

Bleeping Computer

7 months ago

Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day

More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198.

Bleeping Computer

7 months ago

Nigerian man pleads guilty to attempted $6 million BEC email heist

Kosi Goodness Simon-Ebo, a 29-year-old Nigerian national extradited from Canada to the United States last April, pleaded guilty to wire fraud and money laundering through business email compromise (BEC).

The Record

7 months ago

T-Mobile denies rumors of a breach affecting employee data

T-Mobile attributed a leak, which didn't affect company data, to an April attack on an independent retailer.

Bleeping Computer

MGM Resorts ESXi servers allegedly encrypted in ransomware attack

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems.

Bleeping Computer

MGM casino's ESXi servers allegedly encrypted in ransomware attack

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems.

CSO

ImmuniWeb releases Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknesses

The automated solution features DAST, SAST, and SCA scanning capacities.

Ars Technica

T-Mobile unveils $100 phone plan, topping AT&T and Verizon’s highest prices

T-Mobile isn't trying to beat AT&T and Verizon on price anymore.

The Hacker News

What's the State of Credential theft in 2023?

83% of breaches in 2023 fueled by stolen credentials! Uncover the latest attacker tactics and fortify your defenses against this escalating threat.

CyberSecurity Dive

Lock your doors to Kerberos golden ticket attacks

Golden Ticket attacks hit the Key Distribution Service Account of the KDC, here's how to stop them.

SecurityWeek

Don’t Expect Quick Fixes in ‘Red-Teaming’ of AI Models. Security Was an Afterthought

Current AI models are simply too unwieldy, brittle and malleable, academic and corporate research shows.

SecurityWeek

Automated Security Control Assessment: When Self-Awareness Matters

Automated Security Control Assessment enhances security posture by verifying proper, consistent configurations of security controls.

The Record

US ‘lagging behind’ on Border Gateway Protocol security practices, CISA and FCC chiefs say

The U.S. government is lagging behind other countries in instituting more stringent cybersecurity measures governing Border Gateway Protocol (BGP) – a set of technical rules responsible for routing data efficiently.

Infosecurity News

Industry Coalition Calls For Enhanced Network Resilience

Alliance wants to improve visibility and patching

CSO

Network Resilience Coalition launches to improve patch, vulnerability management

Coalition aims to enhance hardware and software security with founding members including cybersecurity vendors Cisco and Fortinet as well as BT Group and VMware

Bleeping Computer

Threat Actors are Targeting Your Web Applications – Here’s How To Protect Them

Orgs must take proactive measures to safeguard their web applications and eliminate weak points. Learn more from Outpost24 on these threats, attack strategies, and the steps you can take to protect your web applications.

Infosecurity News

How Cyber Threat Intelligence Practitioners Should Leverage Automation and AI

The Cyber Threat Intelligence Summit discussed how automation and generative AI could help CTI practitioners tackle the overload of data they have to process

Ars Technica

Microsoft 365’s Copilot assistant for businesses comes with a hefty price tag

Copilot runs $30 per user per month on top of your existing Microsoft 365 plan.

Ars Technica

AT&T stock fell to 29-year low on Friday and sank another 6.7% today

AT&T, Verizon, Frontier, and Lumen all get hammered after lead-cable reports.

DarkReading

Mobile Cyberattacks Soar, Especially Against Android Users

The number of malware samples is up as attackers aim to compromise users where they work and play: Their smartphones.

CyberSecurity Dive