Thu. Apr 27, 2023

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.

Worried About AI? You Should Be, But Not For Why You Think

Weissman's World

Many of our fears about Artificial Intelligence (AI) are absolutely terrifying! So, no surprise, it’s becoming a major talking point in the information profession. And while there’s definitely something to be worried about here, it probably isn’t what you think it is. It’ll take just 3 minutes for me to tell you what it is.…

New England Health Plan Still Recovering From Attack

Data Breach Today

Point32Health Says Its Harvard Pilgrim Health Care's IT Systems Remain Offline

Point32Health, which provides health plans to millions of New Englanders and is Massachusetts' second-largest health insurer, is still struggling to recover 10 days after it identified a ransomware attack that forced the company to take many of its IT systems and functions offline.

Brace Yourself for the 2024 Deepfake Election

WIRED Threat Level

No matter what happens with generative AI, its disruptive forces are already beginning to play a role in the fast-approaching US presidential race.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Ransomware Hackers Exploit PaperCut Bugs

Data Breach Today

Clop and LockBit Spotted Exploiting Unpatched Print Management Software

An affiliate of the Russian-speaking Clop ransomware-as-a-service gang and the LockBit cybercrime group are each exploiting vulnerabilities in popular print management software. PaperCut began urging customers to update their software earlier this month after customer reports of suspicious activity.

Illumina, Feds Say Genetic Testing Gear at Risk of Hacking

Data Breach Today

Feds Warn of Vulnerabilities Affecting Illumina's Universal Copy Service Software

Federal authorities warn that hackers could take over genetic testing devices manufactured by Illumina, although neither the manufacturer nor the Food and Drug Administration has received reports of attacks. The vulnerabilities affect Illumina's Universal Copy Service software.

World Economic Forum: Organisations Must Invest in Security as ‘Catastrophic Cyber Event’ Looms

IT Governance

The cost of living crisis is affecting us all. Energy bills are soaring, petrol prices have reached record highs and, as the BBC reported this week, even the humble cheese sandwich has been struck by inflation. Despite these rising costs, one area that remains unchanged is digital transformation. Organisations worldwide are investing in technologies at an unprecedented rate, with an IDC study published last year reporting that digital transformation spending is expected to hit $3.4 trillion (£2.

Unveiling the Power of Cyber HUMINT for Intelligence Gathering

Data Breach Today

Intel 471's Michael DeBolt on Why HUMINT is an Imperative, Not an Option

Everyone has their favorite threat intelligence feeds, and information sharing is a must between public and private sectors. But don't overlook the power of cyber human intelligence, says Michael DeBolt of Intel 471. In fact, HUMINT is an imperative, not an option, he says.

Everyone is using ChatGPT: what does my organisation need to watch out for?

Data Protection Report

In December 2022, OpenAI released ChatGPT, a powerful AI-powered chatbot that could handle users’ questions and requests for information or content in a convincing and confident manner. The number of users signing up to use the tool increased very rapidly, with users using the tool to write letters, edit text, generate lists, prepare presentations and generate code, among a myriad of other things.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Making Sense of FedRAMP and StateRAMP

Data Breach Today

Tony Bai of A-LIGN Discusses the Changes, Differences in the Two Standards

Changes to FedRAMP regulations will have a major impact on cloud services providers, compliance and cybersecurity controls, said Tony Bai, director, federal practice lead, at A-LIGN. Bai offers insight on navigating the U.S. government authorization requirements as well as the StateRAMP program.

Researchers found the first Linux variant of the RTM locker

Security Affairs

RTM ransomware-as-a-service (RaaS) started offering locker ransomware that targets Linux, NAS, and ESXi systems. The Uptycs threat research team discovered the first ransomware binary attributed to the RTM ransomware-as-a-service (RaaS) provider. The new variant of the encryptor targets Linux, NAS, and ESXi hosts; it appears to be based on the source code of Babuk ransomware that was leaked online in 2021.

Scammers Impersonate Zelle via the Lure of “Getting Paid” to Get Paid Themselves

KnowBe4

A new impersonation scam targets users of the popular pay platform under the guise of the victim having money coming to them and with the goal to obtain Zelle credentials.

Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware

Security Affairs

Microsoft revealed that recent attacks against PaperCut servers were aimed at distributing Cl0p and LockBit ransomware. Microsoft linked the recent attacks against PaperCut servers to a financially motivated threat actor tracked as Lace Tempest (formerly DEV-0950). The group is known to be an affiliate of the Clop ransomware RaaS; it has been linked to GoAnywhere attacks and Raspberry Robin infections.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Security Risks of AI

Schneier on Security

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Jim Dempsey, one of the workshop organizers, wrote a blog post on the report: As a first step, our report recommends the inclusion of AI security concerns within the cybersecurity programs of developers and users.

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

KnowBe4

New data shows how poor organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.

ChatGPT Security and Privacy Issues Remain in GPT-4

eSecurity Planet

After two years of development, OpenAI launched GPT-4 last month, and it’s a major leap beyond GPT-3 and even ChatGPT. But in addition to vastly improved reasoning and visual capabilities, GPT-4 also retains many of ChatGPT’s security and privacy issues, in some cases even enhancing them. Here’s a look at some of those issues — including some that came up at this week’s RSA Conference in San Francisco.

Weekly Update 345

Troy Hunt

I stand by my expression in the image above. It's a perfectly accurate representation of how I looked after receiving the CityJerks breach, clicking on the link to the website then seeing what it actually was 😳 Fortunately, the published email address on their site did go through to someone at TruckerSucker (😳😳) so they're aware of the breach and that it's circulating broadly via a public hacking website.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Despite a Majority of Organizations Believing They’re Prepared for Cyber Attacks, Half Were Still Victims

KnowBe4

A new survey points to an overconfidence around organizations’ preparedness, despite their admitting to falling victim to ransomware attacks – in some cases multiple times.

CISO Survival Guide for Cyberattacks

Dark Reading

CISOs who have survived major cyber incidents recommend letting company ethos guide incident response.

How ERP is breaking down silos and driving sustainable change

IBM Big Data Hub

While many organizations have established environmental, social and governance (ESG) goals and made ESG commitments, driven by purpose and emerging regulatory requirements, they face several challenges when making the transition from ambition to action. A recent IBM study found that global executives cite inadequate data (41%) as the biggest obstacle to their ESG progress, followed by regulatory barriers (39%), inconsistent standards (37%) and inadequate skills (36%).

China's 'Evasive Panda' Hijacks Software Updates to Deliver Custom Backdoor

Dark Reading

Researchers observed downloads of installers for the APT's flagship backdoor, MgBot, when users at a Chinese NGO were updating legitimate applications.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI

WIRED Threat Level

The security issues raised by ChatGPT and similar tech are just beginning to emerge, but Rob Joyce says it’s time to prepare for what comes next.

NIST to Finalize Special Publication (SP) 800-66 Revision 2 and Collaborate on Resources for Small, Regulated Entities

IG Guru

April 25, 2023

For the past 18+ months, the National Institute of Standards and Technology (NIST), in collaboration with the HHS Office for Civil Rights (OCR), has been working to update NIST Special Publication (SP) 800-66, Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide, from Revision 1 to Revision 2.

Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims

KnowBe4

QBot malware seems to be outliving its competitors through innovative new ways to socially engineer victims into helping install it.

The White House National Cybersecurity Strategy Has a Fatal Flaw

Dark Reading

The government needs to shift focus and reconsider how it thinks about securing our nation's digital and physical assets.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

New UK Digital Markets Regime: Key Differences With the EU Digital Markets Act

Data Matters

On April 25, 2023, the UK government published the Digital Markets, Competition and Consumers Bill (the UK Bill). The Bill proposes wide-ranging reforms to UK competition and consumer law, including obligations for digital platforms designated with so-called “strategic market status” (SMS).

Combating Kubernetes — the Newest IAM Challenge

Dark Reading

IT leaders need to ensure Kubernetes clusters don't become a gateway for cybercriminals.

Ex-minister predicts ‘battle royale’ over US firm’s bid for NHS data contract

The Guardian Data Protection

David Davis among cross-party MPs with privacy concerns over prospective Palantir deal

A former cabinet minister has warned that there could be a “battle royale” over a £480m NHS data software contract sought by the controversial US tech firm Palantir, whose chair has accused the UK health service of “making people sick”. David Davis, the Conservative former Brexit secretary who previously led the campaign against ID cards, said he was one of those with serious privacy concerns about Palantir’s
