In what seems to be a constant drip of headlines about large enterprises experiencing security incidents, the world most recently learned of a successful data infiltration of rideshare and delivery company Uber. In a blog update, Uber attributed the attack to the infamous Lapsus$ group that has made a name for itself over the past year with successful breaches of household names including Microsoft, Rockstar Games, Samsung, Nvidia, Ubisoft, and Okta.

In the context of digital onboarding, demographic features such as ethnicity, age, gender, socioeconomic circumstances, and even camera/device quality might affect the software’s capacity to match one face to a database of faces i.e. AI Bias. The quality and resilience of the underlying database in various sorts of surveillance might feed bias in the AI models. Biometrics are used in modern face recognition software to map facial traits from an image or video.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24.

All modern businesses must be prepared for a cyberattack. Cybercriminals can target your website, email network, API, or even your physical server — so is your security posture robust enough to withstand a sustained or advanced cyberattack? According to the Hiscox Cyber Readiness Report 2022, business cyber readiness scores have fallen by 2.6% over the last year. Mostly, this stems from a cybersecurity staff shortage, as well as declining governance and assurance.

As digital transformation opportunities are constantly expanding, cyber threats are becoming more dangerous day by day. And as a result of this, it’s getting increasingly harder to secure digital assets. Cybersecurity teams must constantly improve their nstrategy repertoire so that organizations do not face severe losses. Incident response strategies stand out as one of the most powerful weapons that can prevent cyber attacks.

In this article, you will learn about What is Microsoft Authenticode Code Signing Certificate? Do you need it? and How to Obtain MS Code Signing Certificate. Cyberattacks are one of the top threats to businesses. No matter if it was a decade ago or today, there is no report that says cyberattacks have decreased or something similar. Every year, various top firms present their findings about cybersecurity, and it is worse than last year.

Some organizations might think they’re saving money by not investing in proper cybersecurity solutions, but one data breach could bankrupt a company. In fact, the average cost of a data breach has reached an all-time high of $4.35 million, according to a 2022 report by IBM and the Ponemon institute. Companies must take measures to secure their data and avoid potentially dire financial consequences.

When you choose to work with a third party, there's always the risk that they will cause your business harm. The right tools can help you make better-informed decisions about the vendors you choose and spot problems before they occur. Third-party vendors are an important part of any business, but it's important for employers to understand what the risks are when working with these partners.

A focus of this year’s Cybersecurity Awareness Month theme – “See Yourself in Cyber” – are the simple actions that individuals and organizations can take to better protect themselves against cybercrime. Two of those steps are using strong passwords and enabling multi-factor authentication (MFA). It’s easy to see why.

Rclone is a data syncing tool often used by threat actors to exfiltrate data during a ransomware attack. Typically, the actors deploy Rclone after gaining remote access to the victim’s network. However, recently, Kroll experts have noted the use of Rclone in M365, using credentials stolen through network compromises or phishing attacks with minimal privileges to stealthily exfiltrate large amounts of SharePoint/OneDrive data.