Tue.Jun 13, 2023


E-Commerce Firms Are Top Targets for API, Web Apps Attacks

Data Breach Today

Akamai: Rapid Digitalization, Flawed Code Led to 14 Billion Attacks in Past Year. Hackers hit the e-commerce industry with 14 billion attacks in 15 months, pushing it to the top of the list of targets for web application and API exploits. A new Akamai report blames digitalization and the wide range of vulnerabilities hackers can exploit in web applications.


Microsoft Patch Tuesday, June 2023 Edition

Krebs on Security

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.


Rural Healthcare Provider Closing Due in Part to Attack Woes

Data Breach Today

St. Margaret's Health Is Permanently Shutting Hospitals and Clinics. A rural Illinois medical system will shut down on Friday partly due to fallout from a 2021 ransomware incident as the toll of a wave of extortionate malware exacts rising costs from the healthcare industry. "These problems have no end in sight," said Mike Hamilton of security firm Critical Insight.


Analysis: Social Engineering Drives BEC Losses to $50B Globally

Dark Reading

Threat actors have grown increasingly sophisticated in applying social engineering tactics against their victims, which is key to this oft-underrated cybercriminal scam's success.


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


Spotify Fined 5 Million Euros for GDPR Violations

Data Breach Today

Online Music Streamer Will Appeal Decision From Swedish Data Protection Authority. Swedish privacy regulators ordered Spotify to pay 5 million euros after finding the music streaming service not forthcoming enough with how it uses consumer data. Spotify in an emailed statement said the investigation revealed that "only minor areas of our process" were at odds with the GDPR.


Thales to Buy Tesserent for $119.1M to Aid Australian Growth

Data Breach Today

Tesserent's $125.1M Business Will Extend Thales' Services Capabilities in Australia. A French conglomerate will buy Australia's largest publicly traded cybersecurity company to expand its cyber service delivery capability in the high-growth Oceania market. The Tesserent deal will help Thales to accelerate its development road map and boost its footprint in Australia and New Zealand.


St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure

Security Affairs

St. Margaret’s Health in Illinois is partly closing operations at its hospitals due to a 2021 ransomware attack that impacted its payment system. In February 2021, a ransomware attack hit St. Margaret’s Health in Illinois and forced the organization to shut down IT infrastructure at the Spring Valley hospital to contain the threat. The cyber attack did not impact the Peru branch because it relies on a separate infrastructure. The payment system was taken offline for months, which caused delay


Gozi Host 'Virus' Sentenced to 3 Years in US Prison

Data Breach Today

Mihai Ionut Paunescu Provided 'Bulletproof Hosting' for Trojans. Mihai Ionut Paunescu, who hosted "bulletproof" infrastructure for malware, received a prison sentence of 36 months. His sentencing concludes a 10-year effort by prosecutors against a trio of hackers who created and distributed the Gozi banking Trojan.


A database containing data of +8.9 million Zacks users was leaked online

Security Affairs

A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular hacking forum on June 10, 2023. Zacks is the leading investment research firm focusing on stock research, analysis, and recommendations.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Why Critical Infrastructure Remains a Ransomware Target

Dark Reading

While protecting critical infrastructure seems daunting, here are some critical steps the industry can take now to become more cyber resilient and mitigate risks.


Microsoft Patch Tuesday for June 2023 fixes 6 critical flaws

Security Affairs

Microsoft Patch Tuesday security updates for June 2023 fixed 69 flaws in its products, including six critical issues. Microsoft Patch Tuesday security updates for June 2023 fixed 69 vulnerabilities in multiple products, including Microsoft Windows and Windows Components; Office and Office Components; Exchange Server; Microsoft Edge (Chromium-based); SharePoint Server; .NET and Visual Studio; Microsoft Teams; Azure DevOps; Microsoft Dynamics; and the Remote Desktop Client.


The benefits of automated attack surface management

IBM Big Data Hub

Can security teams keep up with attack surface risks without automated processes? Survey data indicates that the answer is no. In a 2023 survey of IT and cybersecurity professionals, nearly three-quarters (72%) said attack surface discovery alone takes more than 40 person-hours to complete. That does not include the additional time it takes for security teams to analyze the discovery data, prioritize actions and mitigate risks.


Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Security Affairs

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy. “A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafte


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


UFO Whistleblower, Meet a Conspiracy-Loving Congress

WIRED Threat Level

Fresh claims from a former US intelligence officer about an “intact” alien craft may get traction on Capitol Hill, where some lawmakers want to believe.


LLM meets Malware: Starting the Era of Autonomous Threat

Security Affairs

Malware researchers analyzed the application of Large Language Models (LLM) to malware automation, investigating future abuse in autonomous threats. Executive Summary: In this report we shared some insight that emerged during our exploratory research, and proof of concept, on the application of Large Language Models to malware automation, investigating what a potential new kind of autonomous threat would look like in the near future.


Windows PGM Accounts for Half of Patch Tuesday’s Critical Flaws

eSecurity Planet

Microsoft’s Patch Tuesday for June 2023 addresses 78 vulnerabilities, a significant increase from last month’s total of 37. While six of the flaws are critical, Microsoft says none are currently being exploited in the wild. The six critical vulnerabilities are as follows: CVE-2023-24897, a remote code execution vulnerability in .NET, .NET Framework, and Visual Studio, with a CVSS score of 7.8; CVE-2023-29357, an elevation of privilege vulnerability in Microsoft SharePoint Server, with


Webinar: Southern California Inland Empire ARMA Chapter presents “Planning your IG Compliance Roadmap” on June 12, 2023 at Noon Pacific

IG Guru

Please join us for our next Chapter Meeting (via Webinar) on Wednesday, June 21, 2023 from 12:00 – 1:00 Pacific Standard Time. Planning your IG Compliance Roadmap Achieving IG compliance is a journey that can’t be completed without a roadmap.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


How Security Leaders Should Approach Cybersecurity Startups

Dark Reading

Vendors and buyers both have the power to make the industry a better place. What's needed is more collaboration, mutual support, and respect.


App installers just leveled up.

Jamf

App installers, already an indispensable tool for Apple admins to automate and streamline deployment and updates of third-party apps, has added new functionality Jamf Nation has been clamoring for: deployment via Self Service and end-user notification customization.


Popular Apparel, Clothing Brands Being Used in Massive Phishing Scam

Dark Reading

Threat actors have created over 3,000 domains, some as old as two years, to lure in customers to false, name brand websites for personal financial gain.


State-Based Cyber Attacks Continue to Be a Thorn in the Cyber Insurer's Side

KnowBe4

As government-sponsored and widespread vulnerability attacks continue to result in larger damages, cyber insurers are looking for opportunities to still meet demand without incurring risk.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Identifying the Idaho Killer

Schneier on Security

The New York Times has a long article on the investigative techniques used to identify the person who stabbed and killed four University of Idaho students. Pay attention to the techniques: The case has shown the degree to which law enforcement investigators have come to rely on the digital footprints that ordinary Americans leave in nearly every facet of their lives.


UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

Security Affairs

UK communications regulator Ofcom suffered a data breach after a Clop ransomware attack exploiting the MOVEit file transfer zero-day. UK’s communications regulator Ofcom disclosed a data breach after a Clop ransomware attack. The threat actors exploited the zero-day flaw (CVE-2023-34362) in MOVEit file transfer and accessed the infrastructure of the regulator.


CyberheistNews Vol 13 #24 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks

KnowBe4

CyberheistNews Vol 13 #24 | June 13th, 2023 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks. The New Verizon DBIR is a treasure trove of data. As we will cover a bit below, Verizon reported that 74% of data breaches involve the "Human Element," so people are one of the most common factors contributing to successful data breaches.


Harness the Power of PKI to Battle Data Breaches

Dark Reading

The average cost of a data breach is $4.35 million. Understand the power of public key infrastructure (PKI) and its role in encrypting data and battling breaches.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


A Master Class on Cybersecurity: Roger Grimes Teaches Password Best Practices

KnowBe4

What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to improve your organization’s authentication methods?


FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

Hunton Privacy

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”). The Guidance provides principles that banking organizations should consider when developing and implementing risk management practices for all stages in the life cycle of third-party relationships.


85% of Organizations Have Experienced At Least One Ransomware Attack in the Last Year

KnowBe4

Ransomware attacks are as pervasive as ever, with new data demonstrating just how impactful the attacks really are.