Newspaper giant Lee Enterprises says nearly 40,000 Social Security numbers leaked in ransomware attack

/in

Lee Enterprises notified regulators in Maine of the impact on customer data after a ransomware attack in February that caused significant disruptions.

The Record from Recorded Future News – ​Read More

CrowdStrike’s former CTO on cyber rivalries and how automation can undermine security for early-stage startups

/in

“One of the biggest vulnerabilities in companies is actually humans,” Crowdstrike co-founder and former CTO Dmitri Alperovitch told TechCrunch in this week’s episode of Equity. “The more you automate, the more opportunities there are for people to find vulnerabilities in your system.” With the $50 billion Chinese AI market potentially slipping out of reach for […]

Security News | TechCrunch – ​Read More

OpenAI hits 3M business users and launches workplace tools to take on Microsoft

/in

OpenAI reaches 3 million paying business users with 50% growth since February, launching new workplace AI tools including connectors and coding agents to compete with Microsoft.Read More

Security News | VentureBeat – ​Read More

Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

/in

Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to breach organizations’ Salesforce instances for large-scale data theft and subsequent extortion.
The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with

The Hacker News – ​Read More

Data breach at newspaper giant Lee Enterprises affects 40,000 people

/in

The ransomware attack paralyzed newspaper printing and disrupted operations at media outlets across the country for weeks.

Security News | TechCrunch – ​Read More

Beware of Device Code Phishing

/in

Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.

darkreading – ​Read More

Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers

/in

A financially motivated threat actor employing vishing to compromise Salesforce customers, and extort them.

The post Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers appeared first on SecurityWeek.

SecurityWeek – ​Read More

Nearly 3,000 North Face website customer accounts breached as retail incidents continue

/in

The parent company of apparel brand The North Face sent data breach notification letters to about 3,000 customer accounts, saying attackers used the technique known as credential stuffing.

The Record from Recorded Future News – ​Read More

Mistral AI’s new coding assistant takes direct aim at GitHub Copilot

/in

Credit: VentureBeat made with Midjourney

Mistral AI launches enterprise coding assistant with on-premise deployment to challenge GitHub Copilot, targeting corporate developers with data sovereignty and AI model customization.Read More

Security News | VentureBeat – ​Read More

Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era

/in

Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses use SaaS applications.
Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, significantly altering the way sensitive information is handled. In these environments, data rarely appears as traditional files or crosses networks

The Hacker News – ​Read More