Thu. Jul 13, 2023

News alert: Security Journey accelerates secure coding training platform enhancements

The Last Watchdog

Pittsburgh, PA – July 13, 2023 – Security Journey, a best-in-class application security education company, has today announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies, giving customers even more new training content to improve secure coding knowledge gain of up to 85%.

Security 170

Breach Roundup: IT Worker Sentenced for Impersonation

Data Breach Today

Also: MOVEit Targets Financial Institutions; Razer Checks on a Possible Breach

This week, an IT security worker was sentenced for impersonating a ransomware gang, Deutsche Bank and other financial institutes were hit by Clop ransomware, USB drive malware attacks are on the rise in 2023, and a gaming company is investigating data breach claims and resetting users' sessions.

IT 147

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. The data shows how perceptions around cyber and technology risks, from ransomware and other cyber-attacks to the threats posed by AI, are changing the global business risk landscape.

Risk 161

Critical Rockwell OT Bugs Fixed to Prevent Novel APT Exploit

Data Breach Today

Rockwell Automation: Urgent Attention Is Needed to Protect Critical Infrastructure

Rockwell Automation teamed up with CISA to find two critical flaws that require immediate attention, citing a novel exploit capability attributed to advanced persistent threat actors known for targeting industrial systems and critical infrastructure.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

FTC’s New Biometric Policy Statement Articulates New Governance Standards and an Expansive View of Biometric Data

Data Matters

On May 18, 2023, the Federal Trade Commission (“FTC”) issued its 2023 Policy Statement on Biometric Information and Section 5 of the FTC Act (the “Policy Statement”) describing the agency’s concerns about these fast-proliferating technologies and articulating a set of compliance obligations for businesses that develop or use biometric technologies. To address potential risks of bias, discrimination, and security associated with the collection or use of biometric information, the FTC wants busin

More Trending

Lucky MVP 13

Troy Hunt

Each year since 2011, Microsoft has sent me a lovely email around this time: I've been fortunate enough to find a passion in life that has allowed me to do what I love and make a great living out of it all whilst contributing to the community in a meaningful and impactful way. In last year's MVP announcement blog post, I talked about one of my favourite contributions of all that year being the Pwned Passwords ingestion pipeline for the FBI.

Patch Now! SonicWall, Fortinet Fix Multiple Critical Bugs

Data Breach Today

Vulnerabilities Affect Network Security Products

Security appliance manufacturers SonicWall and Fortinet fixed multiple critically rated vulnerabilities in their network security products this week. The fixes include authentication bypass flaws that could result in exposure of sensitive information. Regulators urge users to patch soon.

Red Team vs Blue Team: What’s the Difference?

IT Governance

Red team cyber security assessments are a crucial way of giving organisations a practical understanding of their defence capabilities. In these exercises, the red team faces off against their counterparts, the blue team, in a battle to control a particular asset. That could be sensitive data, financial records, communication channels or the organisation’s infrastructure itself.

Threat Actors Customizing Tools for Mobile OS-Based Fraud

Data Breach Today

Mobile Android OS Device Spoofing Tools Spotted in Russian Cybercriminal Forum

Threat actors are using dedicated mobile Android OS device spoofing tools to defraud customers of online banking, payment systems, advertising networks and online marketplaces globally. Resecurity observed cybercriminals using spoofing tools to exploit stolen cookies and access victims' systems.

Access 130

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Apple re-released Rapid Security Response to fix recently disclosed zero-day

Security Affairs

Apple re-released its Rapid Security Response updates for iOS and macOS after fixing browsing issues on certain websites caused by the first RSR. Apple has re-released its Rapid Security Response updates to address the CVE-2023-37450 flaw in iOS and macOS after fixing browsing issues on certain websites caused by the first RSR issued by the company.

IT Governance Podcast 14.7.23: EU-US DPF, UK-US data bridge, MOVEit patches and other security fixes

IT Governance

This week, we discuss the new EU adequacy decision for the US, based on the Data Privacy Framework (plus Max Schrems’s inevitable reaction), and a proposed UK-US ‘data bridge’. We also look at fixes for three more vulnerabilities in Progress Software’s MOVEit Transfer app; plus this month’s Patch Tuesday and other security updates. Also available on Spotify, Amazon Music, Apple Podcasts and SoundCloud.

Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG

Security Affairs

Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to manually install updates to fix a zero-day vulnerability that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers. Zimbra Collaboration Suite is a comprehensive open-source messaging and collaboration platform that provides email, calendaring, file sharing, and other collaboration tools

WormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI Defenses

Dark Reading

A black-hat alternative to GPT models specifically designed for malicious activities like BEC, malware, and phishing attacks is here, and will push organizations to level up with generative AI themselves.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

SonicWall urges organizations to fix critical flaws in GMS/Analytics products

Security Affairs

SonicWall fixed multiple critical vulnerabilities impacting its GMS firewall management and Analytics management and reporting engine. SonicWall addressed multiple critical vulnerabilities in its Global Management System (GMS) firewall management and Analytics network management and reporting engine. The company fixed 15 vulnerabilities that were disclosed in a Coordinated Vulnerability Disclosure (CVD) report in conjunction with NCCGroup.

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

ChatGPT and other generative AI tools have been used by cybercriminals to create convincing spoofing emails, resulting in a dramatic rise in business email compromise (BEC) attacks. Now security researchers have discovered a black hat generative AI tool called WormGPT that has none of the ethical restrictions of tools like ChatGPT, making it even easier for hackers to craft cyber attacks based on AI tools.

Tailgating Through Physical Security Using Social Engineering Tactics

KnowBe4

Researchers at Check Point outline various forms of tailgating attacks. These attacks can allow threat actors to bypass physical security measures via social engineering.

AI Governance: Solving the data-centric versus model-centric debate

Collibra

Whenever I speak with data scientists, the words “model” and “data” pop up all the time. When I challenge these smart model builders about the importance of good data assets, they wholeheartedly agree. They say, “Of course, data is very important.” Yet, when I push further, they often say it’s someone else’s job to look after the data.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Chinese hackers compromised emails of U.S. Government agencies

Security Affairs

Chinese hackers have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency. In mid-June, malicious email activity was reported by an unnamed US Federal Civilian Executive Branch (FCEB) agency. Microsoft experts who investigated the suspicious activity discovered that China-linked threat actors have targeted the agency as part of a cyberespionage campaign targeting two dozen organizations.

French Police Will Be Able to Spy on People through Their Cell Phones

Schneier on Security

The French police are getting new surveillance powers: French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5. […] Covering laptops, cars and other connected objects as well as phones, the measure would allow the geolocation of suspects in crimes punishable by at least five years’ jail.

Privacy 80

Malicious Microsoft Drivers Could Number in the Thousands: Cisco Talos

eSecurity Planet

After Microsoft warned earlier this week that some drivers certified by the Windows Hardware Developer Program (MWHDP) are being leveraged maliciously, a Cisco Talos security researcher said the number of malicious drivers could number in the thousands. Talos researcher Chris Neal discussed how the security problem evolved in a blog post. “Starting in Windows Vista 64-bit, to combat the threat of malicious drivers, Microsoft began to require kernel-mode drivers to be digitally signed with

Critical RCE Bug in Rockwell Automation PLCs Zaps Industrial Sites

Dark Reading

Rockwell Automation and CISA warn of security vulnerabilities that affect power plants, factories, and other critical infrastructure sites.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Weekly Update 356

Troy Hunt

Today was a bit back-to-back having just wrapped up the British Airways Magecart attack webinar with Scott. That was actually a great session with loads of engagement and it's been recorded too so look out for that one soon if you missed it. Anyway, I filled this week's update with a bunch of random things from the week. I especially enjoyed discussing the HIBP domain search progress and as I say in the video, talking through it with other people really helps crystalise things so I thin

IoT 72

Creating a Patch Management Playbook: 6 Key Questions

Dark Reading

The vulnerability gap continues to persist, and IT and security teams can play a major role in reducing their attack surface.

The SEC Provides 4 Million Reasons to Ensure Required Records Are Maintained via JD Supra

IG Guru

Check out the article here. The post The SEC Provides 4 Million Reasons to Ensure Required Records Are Maintained via JD Supra first appeared on IG GURU.

Orca Sues Wiz for 'Copying' Its Cloud Security Tech

Dark Reading

Two fierce cloud security competitors are locked in a legal battle, as Orca accuses Wiz of ripping off its intellectual property.

Cloud 85

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Working smarter with Smart Checklists and Forms

OpenText Information Management

The energy sector, and closely related industries such as chemicals and metals and mining, are asset-intensive industries. This means that revenue is generated from assets and a significant amount of costs come from these assets. Being asset intensive also means that these industries are machine intensive. Rotating machinery, industrial instrumentation and meters, automated control valves, … The post Working smarter with Smart Checklists and Forms appeared first on OpenText Blogs.

Mining 52

How the EU AI Act Will Affect Businesses, Cybersecurity

Dark Reading

The draft AI Act represents a significant step in regulating AI technologies, recognizing the need to address the potential risks and ethical concerns.

[Discovered] An evil new AI disinformation attack called 'PoisonGPT'

KnowBe4

PoisonGPT works completely normally, until you ask it who the first person to walk on the moon was.

IT 72