Data Breach Today
SEPTEMBER 28, 2023
Also, New Malware Targets New Bitwarden Users This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait and new malware targets would-be users of Bitwarden.
Data Matters
SEPTEMBER 28, 2023
Companies are facing more attacks on their information systems. And, as their cyber risk skyrockets, the SEC has stepped in with new regulations, telling businesses what to disclose about these incidents — and requiring detailed disclosures on cyber risk management more broadly. With the deadline for compliance fast approaching, businesses are scrambling to mitigate their legal risk and comply with regulations that some say may be an overreach.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
SEPTEMBER 28, 2023
From Paying Ransoms to Rebuilding IT Systems, Here's What the Response Looked Like A medical center president and school district IT leader talked to lawmakers Wednesday about lessons learned from their experiences responding to harrowing ransomware attacks. 'The cyberattack was much harder than the pandemic by far,' said Vermont Medical Center President Stephen Leffler.
Security Affairs
SEPTEMBER 28, 2023
Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
SEPTEMBER 28, 2023
Affiliates Relied on Less Complex, Trackable Methods, It Says Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow their money trail. Only a sliver transacted with a crypto mixer.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
SEPTEMBER 28, 2023
VPN Service Behemoth Doubles Valuation In Just 17 Months Despite Economic Headwinds The maker of the world's most popular VPN service hauled in $100 million on a $3 billion valuation to accelerate growth through mergers and acquisitions. The Warburg Pincus-led investment will allow the Lithuania-based internet privacy and security vendor to expand its product offering.
Security Affairs
SEPTEMBER 28, 2023
US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it affects RichFaces Framework 3.X through 3.3.4.
Data Breach Today
SEPTEMBER 28, 2023
Limited Details Disclosed but Google said it is a Heap-based Buffer Overflow Bug Google rolled out an urgent Chrome browser security update to address a zero day actively exploited by a commercial spyware vendor. The high-severity bug is the fifth zero day patched by Chrome this year. Google did not provide details, only stating that it is aware of an exploit in the wild.
Security Affairs
SEPTEMBER 28, 2023
Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2023-20109 (CVS 6.6), that resides in IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
SEPTEMBER 28, 2023
Also: Web3 Lost $889M in Q3, Hackers Stole from HTX, Nansen, OpenSea This week: Mixin Network investigated a $200 million hack, Web3 lost $889 million to hacks, phishing scams and rug during the third quarter, hackers stole $8 million from HTX, Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.
Dark Reading
SEPTEMBER 28, 2023
CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.
Data Breach Today
SEPTEMBER 28, 2023
Proposed Class Action Claim Against Amerita Linked to Larger PharMerica Breach Specialty infusion company Amerita is facing a proposed federal class action lawsuit in the wake of a March cyberattack on its parent company, PharMerica, which reported a breach affecting nearly 6 million individuals. Amerita recently reported its own breach that affected about 220,000 people.
KnowBe4
SEPTEMBER 28, 2023
Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
SEPTEMBER 28, 2023
So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.
KnowBe4
SEPTEMBER 28, 2023
Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.
Dark Reading
SEPTEMBER 28, 2023
The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.
KnowBe4
SEPTEMBER 28, 2023
Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
WIRED Threat Level
SEPTEMBER 28, 2023
A civil liberties group has asked the DOJ to investigate deployment of the ShotSpotter gunfire-detection system, which research shows is often installed in predominantly Black neighborhoods.
KnowBe4
SEPTEMBER 28, 2023
The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.
Jamf
SEPTEMBER 28, 2023
In this episode of Jamf After Dark, Matt Woodruff, Senior Sales Engineer at Jamf, joins co-hosts Sean Rabbitt and Kat Garbis to discuss his time at Black Hat and the 2023 Security 360: Annual Trends Report.
KnowBe4
SEPTEMBER 28, 2023
The latest cyber claims report from Coalition , a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, due to surging attack frequency and severity.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
SEPTEMBER 28, 2023
Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.
KnowBe4
SEPTEMBER 28, 2023
A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Dark Reading
SEPTEMBER 28, 2023
Artificial intelligence and machine learning aren't yet delivering on their cybersecurity promises. How can we close the gaps?
KnowBe4
SEPTEMBER 28, 2023
A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
SEPTEMBER 28, 2023
Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them.
KnowBe4
SEPTEMBER 28, 2023
Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of Large-Language-Models (LLM).
IBM Big Data Hub
SEPTEMBER 28, 2023
According to a recent IBV study , 64% of surveyed CEOs face pressure to accelerate adoption of generative AI, and 60% lack a consistent, enterprise-wide method for implementing it. An AI and data platform, such as watsonx, can help empower businesses to leverage foundation models and accelerate the pace of generative AI adoption across their organization.
Expert insights. Personalized for you.
291 
Let's personalize your content