Fri. Jun 16, 2023

Russian Hackers Using USB Malware to Target Ukraine

Data Breach Today

Gamaredon Spreads Custom Backdoor Through Thumb Drives

A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.

My Take: Russian hackers put the squeeze on U.S. agencies, global corps in MOVEit-Zellis hack

The Last Watchdog

It was bound to happen. Clop, the Russia-based ransomware gang that executed the MOVEit-Zellis supply chain hack, has commenced making extortion demands of some big name U.S. federal agencies, in addition to global corporations. The nefarious Clop gang initially compromised MOVEit, which provided them a beachhead to gain access to Zellis, a UK-based supplier of payroll services.

MOVEit Reveals Another SQL Injection Bug; New Victims Emerge

Data Breach Today

New Vulnerability Allows Threat Actors to Modify, Disclose MOVEit Database Content

The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.

Killnet Threatens Imminent SWIFT, World Banking Attacks

Dark Reading

The DDoS collective claims to be teaming up with ReVIL and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

FTC Orders 1Health.io to Improve DNA Data Privacy, Security

Data Breach Today

Agency Alleges 1Health Deceived Consumers About How It Handled Sensitive Data

A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.

Forrester Report: 3 Top New Threats in 2023

Data Breach Today

Forrester's Brian Wrozek on Poison AI Data, Cloud Complexity, Nation-State Threats

The potential for cybercriminals to reverse-engineer generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.

UK ICO Reminds Businesses of Privacy Risks in AI

Hunton Privacy

On June 15, 2023, the UK Information Commissioner’s Office (“ICO”) called for businesses to address the privacy risks posed by generative artificial intelligence (“AI”) before “rushing to adopt the technology.” Stephen Almond, the ICO’s Executive Director of Regulatory Risk, said: “Businesses are right to see the opportunity that generative AI offers.

Cybercriminals Dive Into Cryptomining Pools to Launder Funds

Data Breach Today

Ransomware Attackers Sent $10M to Mining Services in Q1 2023, Up From $10K in 2018

Ransomware actors are using the thing that verifies crypto transactions - mining - to their advantage. More criminals are laundering their ill-gotten gains by re-minting the digital money through mining to sanitize funds and bypass controls imposed by more highly regulated financial institutions.

The Infrastructure Security Engineer Is a Unicorn Among Thoroughbreds

Dark Reading

This new role safeguarding cloud deployments requires an exceedingly rare set of technical and soft skills.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Getting a Handle on Cyberthreats Facing Rural Hospitals

Data Breach Today

Fortified Health Security's Kate Pierce on Challenges for Small Healthcare Entities

Cybercriminals are increasingly preying on small hospitals, often in rural communities, knowing that security defenses at these facilities are often much weaker than those at larger institutions, said Kate Pierce, a former longtime CIO and CISO at a 25-bed community hospital in Vermont.

Dodgy Microlending Apps Stalk MEA Users, Highlighting Cyber Maturity Gaps

Dark Reading

Mobile users in the Middle East and Africa often download moneylending apps that ask for excessive permissions — an all too common issue in an area where mobile-only is the norm and cyber awareness is low.

C5 Looks to Take IronNet Private, Oust Gen. Keith Alexander

Data Breach Today

Venture Capital Firm Promises $51M Cash Infusion in Exchange for Alexander Leaving

C5 Capital extended struggling threat detection firm IronNet a financial lifeline contingent on retired four-star Gen. Keith Alexander stepping down as CEO of the company he founded. The venture capital firm will inject $51 million if IronNet hires ex-Houghton Mifflin Harcourt CEO Linda Zecher.

Avoiding business disruption with early schema change detection

Collibra

A data schema is like a blueprint for a building. Similar to the way a blueprint outlines the design and specifications of a building, a schema defines the structure and organization of data. It gives a complete picture of your data warehouse or data lake, with details such as name, type, and format of data. What happens when these details change? Or when you lose one of the puzzle pieces from the complete picture?

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Why Manual API Discovery Is Impossible

Data Breach Today

How Automated API Discovery Tools Can Save You Time and Effort

Manual API discovery is impossible due to the sheer number of APIs available, their constant changes, poor documentation, different formats and protocols, and different authentication and security requirements. Given these challenges, the solution is to use automated API discovery tools.

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files

ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico. MalwareHunterTeam researchers first shared the hash for a GravityRAT sample via a tweet.

Getting Over the DNS Security Awareness Gap

Dark Reading

To properly secure DNS infrastructure, organizations need strong security hygiene around DNS infrastructure and records management as well as closely monitoring and filtering DNS traffic.

Progress fixed a third flaw in MOVEit Transfer software

Security Affairs

Progress Software addressed a third vulnerability impacting its MOVEit Transfer application that could lead to privilege escalation and information disclosure.

Progress Software disclosed a new SQL injection vulnerability impacting its MOVEit Transfer application. It is the third issue fixed by the company, after CVE-2023-35036 (June 9, 2023) and CVE-2023-34362 (May 31, 2023). “Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential un

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security and Human Behavior (SHB) 2023

Schneier on Security

I’m just back from the sixteenth Workshop on Security and Human Behavior, hosted by Alessandro Acquisti at Carnegie Mellon University in Pittsburgh. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself. The fifty or so attendees include psychologists, economists, computer security researchers, criminologists, sociologists, political scientists, designers, lawyer

Oil and gas giant Shell is another victim of Clop ransomware attacks

Security Affairs

British multinational oil and gas company Shell has confirmed that it has suffered a ransomware attack conducted by the Clop group.

Oil and Gas giant Shell has confirmed that it is one of the victims of the recent large-scale ransomware campaign conducted by the Clop gang exploiting a MOVEit zero-day vulnerability. Threat actors are actively exploiting the zero-day vulnerability, tracked as CVE-2023-34362, to steal data from organizations worldwide.

Attackers Create Synthetic Security Researchers to Steal IP

Dark Reading

Threat groups created a fake security company, "High Sierra," with faux exploits and fake profiles for security researchers on GitHub and elsewhere, aiming to get targets to install their malware.

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

DoJ charged a Russian national with conspiring to carry out LockBit ransomware attacks against U.S. and foreign businesses.

The Justice Department announced charges against the Russian national Ruslan Magomedovich Astamirov (20) for his role in numerous LockBit ransomware attacks against systems in the United States, Asia, Europe, and Africa. The US authorities arrested the man in Arizona last month. DoJ states that from at least as early as August 2020 to March 2023, Astamirov and other members

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Salesforce Introduces AI Cloud: Generative AI Infusion Into CRM via CMS Wire

IG Guru

The AI Cloud is built around Einstein, the company's flagship AI for CRM, that currently drives more than a trillion predictions per week across Salesforce's applications. It also features what Salesforce calls “a new benchmark for enterprise-grade secure generative AI” — the Einstein GPT Trust Layer, designed to bridge the trust gap associated with generative AI by ensuring that large-language models (LLMs) don’t hold onto sensitive customer data.

Clop Hacking Rampage Hits US Agencies and Exposes Data of Millions

WIRED Threat Level

The ransomware gang Clop exploited a vulnerability in a file transfer service. The flaw is now patched, but the damage is still coming into focus.

Security LeadHER Wraps Groundbreaking Inaugural Conference for Women in Security

Dark Reading

This first-ever event, hosted by the Security Industry Association and ASIS International and designed to advance, connect, and empower women in security, gathered hundreds of industry leaders in Nashville June 12-13, 2023.

Moving IBM Db2 on Cloud instances to MZRs

IBM Big Data Hub

Moving forward, all IBM DB2 on Cloud instances in Toronto and Sao Paulo must be moved to the multi-zone regions (MZRs). Multi-zone regions are a modernized approach to resource deployment that provide better resiliency, availability and consistent cloud services across different zones. They also provide higher interconnect speed between data centers for your resources.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

HashiCorp Expands PAM, Secrets Management Capabilities

Dark Reading

The new privileged access management and secrets management capabilities tackle access issues and secret sprawl across the cloud environment.

CIPL Files Response to NTIA’s Request for Comment on AI Accountability Policy

Hunton Privacy

On June 12, 2023, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted a response to the U.S. National Telecommunications and Information Administration’s (“NTIA’s”) Request for Comments (“RFC”) on Artificial Intelligence (“AI”) Accountability. The NTIA’s RFC solicited comments on AI accountability measures and policies that can demonstrate trustworthiness of AI systems.

Cybercrime Doesn't Take a Vacation

Dark Reading

Organizations need to prepare for security threats as summer holidays approach.