Data Breach Today
OCTOBER 5, 2023
Critical Privilege Escalation Bug Helps Create Admin Accounts Hackers have weaponized a zero-day in a popular workspace collaboration tool to create administrator accounts and gain unrestricted access to their on-premises instances of the software, Atlassian's Confluence Data Center and Server products, which serves millions of daily active users.
The Last Watchdog
OCTOBER 5, 2023
Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. OneRep provides a consumer service that scrubs your personal information from Google and dozens of privacy-breaching websites. Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
OCTOBER 5, 2023
2020 Ransomware Incident Affected 13,000 Customers, Millions of Individuals Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
The Last Watchdog
OCTOBER 5, 2023
Worcester, Mass., Oct. 5, 2023 – Today, the Healey-Driscoll Administration kicked off Cybersecurity Month in Massachusetts with the announcement of $1,136,911 in funding to develop a new cybersecurity training center at MassBay Community College and support the existing center at Bridgewater State University. The grants are part of the state’s SOC/Range Initiative, a program managed by MassTech’s MassCyberCenter that aims to help build a diverse generation of cybersecurity professionals thro
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
OCTOBER 5, 2023
The Question is Also One for the Legal Team to Own, Says Uber's Former CSO Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S. Department of Justice's case against him.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
OCTOBER 5, 2023
Phishing Campaign Pushing Knight Ransomware Continues Despite FBI Disruption What do "bank transfer request.lnk" and "URGENT-Invoice-27-August.docx.lnk" have in common? Both are the names of malicious files being sent as part of a phishing campaign attributed to the Qakbot botnet group that's continued despite law enforcement disrupting Qakbot's operations in late August.
Dark Reading
OCTOBER 5, 2023
A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August.
Data Breach Today
OCTOBER 5, 2023
Also, Apple and Qualcomm Issue Emergency Patches This week, Bitsight found a lot of internet-exposed industrial control systems, Apple issued new patches, Sony confirmed a data breach, Google and Yahoo tackled spam, Qualcomm patched three zero-days, Cisco revealed zero-day exploits in VPN, and the FBI warned of twin attacks.
Security Affairs
OCTOBER 5, 2023
Belgian intelligence agency State Security Service (VSSE) fears that Chinese giant Alibaba is spying on logistics to gather financial intelligence. The Belgian intelligence service VSSE revealed that is investigating potential cyber espionage activities carried out by Chinese firms, including the Alibaba Group Holding, at a cargo airport in Liege. According to the Financial Times , Alibaba has located its main European logistics centre at Liege Airport and the VSSE was working to “detect a
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
OCTOBER 5, 2023
Subsidiary IPO Will Split High-Growth IoT Unit From Low-Growth Cybersecurity Unit BlackBerry will split its $418 million cybersecurity business and $206 million IoT business into separate, independently operated entities following a strategic review that lasted five months. The split will help shareholders clearly evaluate the performance and future potential of each business.
Security Affairs
OCTOBER 5, 2023
The U.S. CISA added JetBrains TeamCity and Windows vulnerabilities to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the JetBrains TeamCity flaw CVE-2023-42793 (CVSS score: 9.8) and Windows bug CVE-2023-28229 (CVSS score: 7.0) to its Known Exploited Vulnerabilities Catalog. Below are the descriptions of the two vulnerabilities: CVE-2023-42793 JetBrains TeamCity Authentication Bypass Vulnerability.
Data Breach Today
OCTOBER 5, 2023
Also: Crypto Q3 Losses; China Companies Use Digital Assets to Distribute Drugs This week, the FTX hacker moved more than $100 million of funds as the trial of the company's former CEO begins; crypto losses in the third quarter of this year were $685.5 million; and the DOJ said that China uses crypto to hide funds and identities in its illicit drug operations.
Dark Reading
OCTOBER 5, 2023
Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
OCTOBER 5, 2023
Sen. Bill Cassidy Considering Sector Feedback on Recent RFI America's largest hospital lobbying group says Congress should pressure health regulators into retracting a warning that online trackers embedded into patient portals could violate medical privacy law. Sen. Bill Cassidy, R-La., is seeking feedback for potential improvements to HIPAA.
Dark Reading
OCTOBER 5, 2023
Nearly 100,000 ICS devices have been found open to the public Internet, potentially threatening physical safety globally. Here's how to quantify the risk.
Data Breach Today
OCTOBER 5, 2023
Bleach Manufacturing Giant Spent $25M Cleaning Up Huge Cyberattack in Initial Weeks Clorox said Wednesday an August cyberattack had caused a drop in the bleach manufacturing giant's sales and profits in the quarter ended Sept. 30. The company said organic sales will drop between 21% and 26% due to widespread disruption, order processing delays and product outages after the hack.
Dark Reading
OCTOBER 5, 2023
The previously undocumented data exfiltration malware was part of a successful cyber-espionage campaign against the Guyanese government, likely by the Chinese.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
OCTOBER 5, 2023
Join us to learn from Cisco about what new, modern and sophisticated threats look like today, and how these complex threats make it harder to succeed at effective threat detection and response
KnowBe4
OCTOBER 5, 2023
Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing.
Dark Reading
OCTOBER 5, 2023
With these five steps, organizations can develop stronger security practices and make the inevitable breaches inconsequential.
KnowBe4
OCTOBER 5, 2023
The most often recommended piece of anti-phishing advice is for all users to “hover” over a URL link before clicking on it. It is great advice.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
OCTOBER 5, 2023
A campaign that's been active since April has already racked up nearly 75,000 downloads, stealing data and cryptocurrency in the process.
KnowBe4
OCTOBER 5, 2023
A new report shows staggering phishing trends using obfuscation techniques from this year that should make any organization feel worried.
Hunton Privacy
OCTOBER 5, 2023
On October 3, 2023, the UK Information Commissioner’s Office (“ICO”) published new Guidance on lawful monitoring in the workplace, designed to help employees comply with their obligations under the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 (“DPA”). The Guidance aims to provide greater regulatory certainty, protect workers’ data protection rights, and help employers build trust with workers, customers and service users.
KnowBe4
OCTOBER 5, 2023
Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk management projected to be $215 billion in 2024.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Data Matters
OCTOBER 5, 2023
On September 29, 2023 — the last business day of its fiscal year — the U.S. Securities and Exchange Commission (SEC) issued the latest in a series of actions charging 10 firms with recordkeeping failures in connection with employees’ use of unapproved applications on personal devices to engage in communications relating to the firms’ business (known as “off-channel communications”). 1 The firms charged included broker-dealers, investment advisers, and dually registered broker-dealers and invest
KnowBe4
OCTOBER 5, 2023
F Cybersecurity Awareness Month this year, we’ve put together a set of resources you can use throughout the entire month of October.
Dark Reading
OCTOBER 5, 2023
The Predator spyware was distributed by dropping malicious links inside typosquatted facsimiles of news websites.
Expert insights. Personalized for you.
303 
Let's personalize your content