Wed. Jun 28, 2023

50 US Agencies Using Unsecured Devices, Violating Policy

Data Breach Today

Researchers Say Routers, Access Points, Firewalls, VPNs Could Expose Federal Data

Security researchers at Censys found hundreds of federally owned devices at 50 different agencies exposed to the internet, accessible through IPv4 addresses and loaded with potentially vulnerable MOVEit and Barracuda Networks' ESG software. The vulnerabilities violate new CISA policy, the firm said.

Come With Me on a Spin Through the Hellscape of AI-Generated News Sites

John Battelle's Searchblog

Welcome to the hellscape of “Made for Advertising” sites

This past Monday NewsGuard, a journalism rating platform that also analyzes and identifies AI-driven misinformation, announced it had identified hundreds of junk news sites powered by generative AI. The focus of NewsGuard’s release was how major brands were funding these spam sites through the indifference of programmatic advertising, but what I found interesting was how low that number was – 250 or so sites.

Vendor Pays $75,000 HIPAA Fine in Data Exfiltration Breach

Data Breach Today

Patient Information Left Unsecured on Network Server, HHS Says

A firm that provides coding and billing services to healthcare entities has agreed to pay federal regulators a $75,000 fine and implement a corrective action plan in the wake of an exfiltration incident that compromised patient data contained in an unsecured network server.

7 Types of Penetration Testing: Guide to Pentest Methods & Types

eSecurity Planet

Penetration tests are vital components of vulnerability management programs. In these tests, white hat hackers try to find and exploit vulnerabilities in your systems to help you stay one step ahead of cyberattackers. Because these tests can use illegal hacker techniques, pentest services will sign a contract detailing their roles, goals, and responsibilities.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Venn Raises $29M to Safeguard Data on Employee-Owned Laptops

Data Breach Today

Startup Helps Clients Control, Govern Corporate Data Without Remote Virtual Desktop

Venn Software landed Series A funding to help businesses ensure the security and compliance of data on laptops they don't necessarily manage or own. The $29 million will enable firms to control and govern corporate data on worker-owned devices without forcing users to launch remote virtual desktops.

Worker Inappropriately Accessed Patient Records for 15 Years

Data Breach Today

Cleveland Safety-Net Healthcare Organization Says Employee 'Disciplined' for Breach

A Cleveland-based healthcare system is notifying a not-yet-disclosed number of individuals about an incident involving unauthorized medical records access by an employee that continued for 15 years. The safety-net organization says the worker has been disciplined.

Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

Security Affairs

SQL injection vulnerabilities in Gentoo Soko could lead to remote code execution (RCE) on impacted systems. SonarSource researchers discovered two SQL injection vulnerabilities in Gentoo Soko, collectively tracked as CVE-2023-28424 (CVSS score: 9.1) [1], [2], that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems. “The two package search handlers, Search and SearchFeed, implemented in pkg/app/handler/packages/search.go, are affected by a SQL injection

Ukraine's Critical Infrastructure Hit 3,000 Times Since 2022

Data Breach Today

Hackers Evolve Tactics to Focus on Espionage, Not Destruction, State Agency Says

Cyberattackers have hit Ukraine's critical infrastructure over 3,000 times since the beginning of the Russian invasion in 2022, according to Ukraine's national incident response team, which warned that such attacks may continue for years even after the fighting on the ground is over.

Using Electromagnetic Fault Injection Attacks to take over drones

Security Affairs

Electromagnetic fault injection (EMFI) attacks on drones can potentially allow attackers to achieve arbitrary code execution and take them over. While the use of drones continues to grow, researchers from IOActive analyzed how to develop fault injection attacks against hardened Unmanned Aerial Vehicles (UAVs). The experts focused on achieving code execution on a commercially available drone, supporting significant security features (i.e. the use of signed and encrypted firmware, Trusted Executio

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Cisco XDR: Making Defenders' Lives Better

Data Breach Today

Cisco connected the world; who better to defend it? This is the mindset Carlos Diaz brings to the new Cisco XDR release, which he says is designed to make cybersecurity defenders' lives easier. The message that defenders should draw from this XDR solution, he says, is "Cisco knows me.

Massive Impersonation Phishing Campaign Imitates over 100 Brands and Thousands of Domains

KnowBe4

A year-long phishing campaign has been uncovered that impersonates 100+ popular clothing, footwear, and apparel brands using at least 10 fake domains impersonating each brand.

Astrix Security Raises $25M to Protect Nonhuman Identities

Data Breach Today

Cash Will Allow Astrix to Bring Threat Detection, Secure Access to Third-Party Apps

A finalist at this year's RSA Innovation Sandbox contest landed Series A funding to detect threats and secure access for nonhuman identities. The $25 million will enable Astrix Security to expand from managing access for nonhuman identities to understanding threats to services and applications.

NPM Plagued With 'Manifest Confusion' Malware-Hiding Weakness

Dark Reading

The popular package manager for software developers has been vulnerable to this attack vector for a while, and negligent in fixing the problem, according to a former employee.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

European Cyber Agency Remains Underfunded

Data Breach Today

ENISA Chief Says Lack of Appropriate Funding Continues to Be a Challenge

The European cyber agency continues to remain underfunded despite the surge in ransomware and other cyberthreats, the organization's chief said in a recent hearing. The ENISA chief called on the European Commission to hold regulatory consultations to address the existing policy gaps.

6 Ways Cybersecurity Is Gut-Checking the ChatGPT Frenzy

Dark Reading

Generative AI chatbots like ChatGPT are the buzziest of the buzzy right now, but the cyber community is starting to mature when it comes to assessing where it should fit into our lives.

Apple Criticizes UK Government's Client-Side Scanning Push

Data Breach Today

Online Safety Bill Also Criticized by Leading Cybersecurity Experts and Academics

Technology giant Apple has joined the chorus of voices calling on the British government to rethink its proposed Online Safety Bill legislation intended to increase public safety by monitoring people's private communications via client-side scanning.

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. The experts observed a massive spike in activity associated with this threat actor between May and June 2023.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

LetMeSpy Phone-Tracking App Hacked, Revealing User Data

Dark Reading

With at least 13,000 compromised devices in the data leak, it is still unknown who the threat actor is or whether or not victims will be personally notified.

What is slow productivity?

IBM Big Data Hub

Slow productivity can be defined as working at a slower pace on fewer tasks at a time to increase workplace productivity and satisfaction. The trend toward slow productivity is for businesses and employees to rethink what productivity looks like and create an environment where quality of work is emphasized over quantity of work. In his book Rest: Why You Get More Done When You Work Less, Silicon Valley consultant Alex Soojung-Kim Pang describes taking a working sabbatical where he got an enormo

Generative AI Projects Pose Major Cybersecurity Risk to Enterprises

Dark Reading

Developers' enthusiasm for ChatGPT and other LLM tools leaves most organizations largely unprepared to defend against the vulnerabilities that the nascent technology creates.

Stalkerware Vendor Hacked

Schneier on Security

The stalkerware company LetMeSpy has been hacked: TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy. (LetMeSpy claims to delete data after two months of account inactivity.) […] The database also contained over 13,400 location data points for several thousand v

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Saudi Arabia's Cyber Capabilities Ranked Second Globally

Dark Reading

Saudi Arabia is one of the world's leaders in cybersecurity development and preparedness, according to the latest rankings.

How to Digitize Documents

Record Nations

Homes and businesses are turning to digitization for better preservation and organization of their documents. Digital documents are easy to track, find, update, and share. Whether you have small or large volumes of files, you can digitize those documents quickly, and have them ready to use in no time. Documents of all kinds can.

3 Strategies for Bringing Rigor to Software Security

Dark Reading

With the National Cybersecurity Strategy planning to add real teeth into enforcement actions, software vendors have extra incentive to reduce applications' security debt.

National Cyber Security Centre Notes UK Law Firms are Main Target for Cybercriminals

KnowBe4

In the most recent Cyber Threat report from the National Cyber Security Centre (NCSC), it is clear that UK law firms are a gold mine for cybercriminals.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Open Source LLM Projects Likely Insecure, Risky to Use

Dark Reading

New LLM-based projects typically become successful in a short period of time, but the security posture of these generative AI projects is very low, making them extremely unsafe to use.

How Your Real Flight Reservation Can Be Used to Scam You

WIRED Threat Level

Scammers use a booking technicality, traveler confusion, and promises of dirt-cheap tickets to offer hot deals that are anything but.

Astrix Security Raises $25M in Series A Funding

Dark Reading

The investment will allow enterprises to further secure non-human identities and safely leverage the soaring adoption of third-party apps and Generative AI services.