Data Breach Today
AUGUST 3, 2023
'BlueCharlie' Favors a New Domain Registrar and URL Structure A Russia-linked hacking group is shifting its online infrastructure likely in response to public disclosures about its activity. Its ability to adapt to public reporting suggests it will persist with "operations for the foreseeable future" and continue to evolve its tactics, Recorded Future warned.
Krebs on Security
AUGUST 3, 2023
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research. At issue is a mobile malware obfuscation method identified by researchers at ThreatFabric , a security firm based in Amsterdam.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
AUGUST 3, 2023
'Crypto Couple' Ilya Lichenstein and Heather Morgan Plead Guilty Ilya "Dutch" Lichtenstein, 35, confessed in U.S. federal court to hacking billions of dollars from virtual currency exchange Bitfinex and laundering stolen funds with his 33-year-old wife, Heather Morgan. Lichtenstein pleaded guilty to conspiracy to commit money laundering.
The Last Watchdog
AUGUST 3, 2023
San Francisco and Cork, Ireland, Aug. 3, 2023 — Vaultree, a cybersecurity leader pioneering Fully Functional Data-In-Use Encryption (FFDUE), today announces a strategic integration with Tableau, a renowned platform for data visualization and business intelligence. This marks a monumental leap forward in secure financial and healthcare data analytics, enabling encrypted data to be safely analyzed and visualized for the first time, all while maintaining absolute data privacy and security.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
AUGUST 3, 2023
Russian Foreign Intelligence Campaign Targets Around 40 Organizations Globally A Russian espionage group attacked multiple organizations to steal credentials using Microsoft Teams chats that appear to originate from technical support. Microsoft on Wednesday attributed the campaign to a threat actor originating in the Russian Foreign Intelligence Service.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
AUGUST 3, 2023
Russia Likely Continues to Run Fake Groups, Although Regional Players Also at Work How much of a risk do hacktivists pose? Hacktivism's heyday was arguably a decade ago. While activists do keep using chaotic online attacks to loudly promote their cause, they're tough to distinguish from fake operations run by governments, including Russia and Iran.
Security Affairs
AUGUST 3, 2023
The OWASP Top 10 for LLM (Large Language Model) Applications version 1.0 is out, it focuses on the potential security risks when using LLMs. OWASP released the OWASP Top 10 for LLM (Large Language Model) Applications project , which provides a list of the top 10 most critical vulnerabilities impacting LLM applications. The project aims to educate developers, designers, architects, managers, and organizations about the security issues when deploying Large Language Models (LLMs).
Data Breach Today
AUGUST 3, 2023
A 2023 RSA Innovation Sandbox Contest Finalist Has Its First Major Funding Round A finalist in RSA Conference's prestigious Innovation Sandbox contest completed its first major funding round to extend its capabilities from code security to pipeline security. Endor Labs got $70 million to move beyond protecting open source software and get into locking down the CI/CD pipeline.
Security Affairs
AUGUST 3, 2023
Researchers discovered a bypass for a recently fixed actively exploited vulnerability in Ivanti Endpoint Manager Mobile (EPMM). Rapid7 cybersecurity researchers have discovered a bypass for the recently patched actively exploited vulnerability in Ivanti Endpoint Manager Mobile (EPMM). The new vulnerability, tracked as CVE-2023-35082 (CVSS score: 10.0), can be exploited by unauthenticated attackers to access the API in older unsupported versions of MobileIron Core (11.2 and below).
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
AUGUST 3, 2023
Shorter Average Contrast Duration, Deal Delays Force Fortinet to Cut Sales Forecast A delay in finalizing enterprise deals and a shorter average contract duration have forced Fortinet to lower its sales forecast going forward. The Silicon Valley-based platform security vendor said average contract length shortened from 29.5 months to 28 months in the fiscal quarter ended June 30.
Schneier on Security
AUGUST 3, 2023
If you ask Alexa, Amazon’s voice assistant AI system, whether Amazon is a monopoly, it responds by saying it doesn’t know. It doesn’t take much to make it lambaste the other tech giants , but it’s silent about its own corporate parent’s misdeeds. When Alexa responds in this way, it’s obvious that it is putting its developer’s interests ahead of yours.
Data Breach Today
AUGUST 3, 2023
Generative AI offers productivity gains, but if deployed without due security precautions, it can also open up the organization to new cybersecurity threats. Rodman Ramezanian discusses the pros and cons of different approaches to exploit generative AI safely from a cybersecurity perspective.
IT Governance
AUGUST 3, 2023
Vishing is a type of phishing scam that takes place over the phone. Vishing attempts to con potential victims into surrendering personal information such as passwords, card details and PINs, which can be used for identity theft. How does vishing work? In vishing scams, fraudsters use social engineering techniques to obtain victims’ information. Posing as someone from a trusted organisation, such as a bank, they will create a sense of urgency, pressuring the recipient into giving up their details
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
AUGUST 3, 2023
Also: Iranian Hackers Phish Israelis Over LinkedIn, Chatbot Jailbreak Occurs This week, pharma company Evotec downgraded its earnings after an April hack, Iranians pretended to be Israelis on LinkedIn, researchers jailbroke AI chatbots, a Ninja Forms WordPress plug-in flaw that can aid in data theft was discovered, and a DDoS attack in Kenya disrupted government services.
Security Affairs
AUGUST 3, 2023
CISA, the FBI, and NSA, along with Five Eyes cybersecurity agencies published a list of the 12 most exploited vulnerabilities of 2022. CISA, the NSA, and the FBI, in collaboration with cybersecurity authorities from Australia, Canada, New Zealand, and the United Kingdom, have published a list of the 12 most exploited vulnerabilities of 2022. The knowledge of the 12 most exploited vulnerabilities of 2022 allows organizations to prioritize their patch management operations to minimize the attack s
Data Breach Today
AUGUST 3, 2023
Also: LeetSwap Hack, Digital Assets Regulatory Proposal in NDAA ISMG's roundup of digital assets-related cybersecurity incidents includes Kenya, France and Germany's probe into WorldCoin; July security incidents; Curve Finance and LeetSwap theft; the crypto amendment in the NDAA; and India's lack of crypto regulation.
KnowBe4
AUGUST 3, 2023
Researchers at BlueVoyant warn that attackers are increasingly adding an extra step to their phishing campaigns, impersonating third-parties to lend credibility to the scams.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
AUGUST 3, 2023
The well-known collective is taking on targeted advertising with the Veilid framework and says it wants to make the Internet accessible to everyone who fears being monetized.
WIRED Threat Level
AUGUST 3, 2023
Flaws in the Points.com platform, which is used to manage dozens of major travel rewards programs, exposed user data—and could have let an attacker snag some extra perks.
Dark Reading
AUGUST 3, 2023
The attack surface of a live event like this summer’s World Cup in Australia and New Zealand rivals that of a large multinational enterprise, or even a small city.
KnowBe4
AUGUST 3, 2023
Artificial Intelligence (AI) has come roaring to the forefront of today’s technology landscape. It has revolutionized industries and will modernize careers, bringing numerous benefits and advancements to our daily lives. However, it is crucial to recognize that AI also introduces unseen impacts that must be understood and addressed for your employees and your organization as a whole.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
AUGUST 3, 2023
Rare government, industry alignment on AI threats means we have an opportunity to make rapid strides to improve cybersecurity and slip the hold cybercriminals have on us.
eSecurity Planet
AUGUST 3, 2023
New AI-powered cybercrime tools suggest that the capability of AI hacking tools may be evolving rapidly. The creator of FraudGPT, and potentially also WormGPT , is actively developing the next generation of cybercrime chatbots with much more advanced capabilities. Daniel Kelley, a reformed black hat hacker and researcher at cybersecurity firm SlashNext, posed as a potential buyer and contacted the individual – “CanadianKingpin12” – who’s been promoting FraudGPT.
Dark Reading
AUGUST 3, 2023
Had Microsoft had adopted a more secure update path to mitigate the BlackLotus UEFI bootkit, it might already be eliminated, a CISA official says.
IBM Big Data Hub
AUGUST 3, 2023
In today’s fast-paced digital landscape, organizations need to ensure their cloud infrastructure is not only efficient and scalable but also compliant with various regulatory standards. IBM Cloud provides a powerful solution with its Infrastructure as Code (IaC) capabilities and the adoption of a shift-left approach to compliance. This blog explores how IBM Cloud’s IaC, when combined with shift-left compliance practices, can help organizations enhance their cloud infrastructure and m
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
AUGUST 3, 2023
A crawl, walk, run approach allows organizations to establish a governance, risk, and compliance (GRC) program that grows and matures with the business.
Jamf
AUGUST 3, 2023
With the help of Jamf and partner Spirit/21, Stuttgart Chamber Orchestra (SKO) is the first professional orchestra in Germany to take the leap from playing for paper sheet music to playing from iPads.
Dark Reading
AUGUST 3, 2023
The emerging threat has carried out 750 DDoS attacks and 78 website defacements in just one year to support its religious and political motives.
Expert insights. Personalized for you.
246 
Let's personalize your content