Krebs on Security

JANUARY 30, 2024

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.

Passwords 305

Passwords Phishing Access Encryption 305

Data Breach Today

JANUARY 30, 2024

Manufacturer Confirms Systems Down, Data on Energy Consumption, Emission Accessed Schneider Electric confirmed a ransomware attack has locked up corporate systems of its Schneider Electric Sustainability Business division and accessed data. The company said it plans to resume operations in two business days after remediation is complete.

Ransomware 296

Ransomware Manufacturing Access IT 296

AIIM

JANUARY 30, 2024

I am so honored that nine of my colleagues at Islamic Development Bank (IsDB) have successfully been Certified as “Certified Information Professional” (CIPs) by AIIM.

175

175

Data Breach Today

JANUARY 30, 2024

Group Fakes Stolen Data, Has Ties to Ragnar Locker, Says Researcher Jon DiMaggio While ransomware groups rightly have a reputation for being morally and ethically bankrupt, many do play things straight with their victims. But RansomedVC is a notable exception. In some ways, it is "more dangerous" because of its expert ability to lie, according to researcher Jon DiMaggio.

Ransomware 293

Ransomware IT 293

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

The Last Watchdog

JANUARY 30, 2024

Silver Spring, Maryland, Jan. 30, 2024 — Aembit , the Workload Identity and Access Management (IAM) platform that enables DevOps and security teams to discover, manage, enforce and audit access between workloads, today announced the availability of a new integration with the industry-leading CrowdStrike Falcon® platform to give enterprises the ability to dynamically manage and enforce conditional access policies based on the real-time security posture of their applications and services.

Access 130

Access Security Cloud Compliance 130

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation. BleepingComputer first reported the attack that hit the Sustainability Business division of the company on January 17th.

Ransomware 129

Ransomware Data breaches Digital transformation Encryption 129

Data Breach Today

JANUARY 30, 2024

Rule Is a Bid to Deter Malicious Foreign Use of US IaaS Providers Cloud providers told the government they aren't very happy about a proposed regulation requiring them to verify the identity of foreign customers, but their complaints are unlikely to stop the U.S. Department of Commerce from proceeding with the rule.

Cloud 261

Cloud Government 261

The Last Watchdog

JANUARY 30, 2024

Each of us has probably sat through some level of cybersecurity awareness training during our professional lives. Related: Dangers of spoofed QR codes Stop and think before you click on a link within an email from an unexpected source. Don’t re-use a password across multiple sites. Beware over-sharing personal information online, especially on social media platforms.

Passwords 104

Passwords Communications Cybersecurity Risk 104

Data Breach Today

JANUARY 30, 2024

Litigation Alleges the Web Tracker Scraped Sensitive Patient Information A federal judge has again given the green light for a proposed consolidated class action lawsuit against Meta to proceed. The litigation claims the firm unlawfully collected patient data from the websites of hospitals and other providers through the use of its Pixel tracking tool.

Privacy 261

Privacy IT 261

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

JANUARY 30, 2024

Hundreds of compromised credentials of customers of RIPE, APNIC, AFRINIC, and LACNIC are available on the dark web, Resecurity warns. Resecurity conducted a thorough scan of the Dark Web and identified over 1,572 compromised customers of RIPE, Asia-Pacific Network Information Centre (APNIC), the African Network Information Centre (AFRINIC), and the Latin America and Caribbean Network Information Center (LACNIC), resulting from infostealer infections.

Passwords 127

Passwords Cybersecurity Cloud Access 127

Data Breach Today

JANUARY 30, 2024

State Attorney Alleges Lack of Layered Security to Stop Fraudulent Wire Tranfers The New York attorney general sued the third-largest bank in the United States over its alleged failure to protect consumers from scammers. "If a bank cannot secure its customers' accounts, they are failing in their most basic duty," said Attorney General Letitia James.

Phishing 259

Phishing Security IT 259

Security Affairs

JANUARY 30, 2024

Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. According to the researchers, at least two cybercrime gangs, CYBO CREW affiliates known as CyboDevil and UNIT8200, were offering the database for $3,000.

Sales 125

Sales Risk IT Data breaches 125

Data Breach Today

JANUARY 30, 2024

City of Trento Must Pay Regulators 50,000 Euros The Italian data protection regulator fined a midsize northern city 50,000 euros for deploying a pilot artificial intelligence public safety project financed by the European Union. Trento was a partner in three pilots that planned to use AI to detect threats.

Artificial Intelligence 259

Artificial Intelligence 259

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Security Affairs

JANUARY 30, 2024

Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The Qualys Threat Research Unit discovered four security vulnerabilities in the GNU Library C (glibc) , including a heap-based buffer overflow tracked as CVE-2023-6246. GNU C Library (glibc) is a free software library that provides essential system services for Linux and other Unix-like operating systems.

Libraries 120

Libraries Access Security IT 120

Data Breach Today

JANUARY 30, 2024

Cyberespionage Hacking Group Volt Typhoon Targeting US Critical Infrastructure The FBI and the U.S. Department of Justice used a court order to disrupt a Chinese hacking operation that compromised thousands of internet-connected devices and targeted sensitive areas of U.S. critical infrastructure, according to media reports.

257

257

Collibra

JANUARY 30, 2024

Everyone knows: The cloud is the norm for companies that seek more scale, more savings, and better performance from their technology stack, especially as leveraging AI becomes more widespread. Your cloud journey is also an opportunity for your organization to redefine your approach to data. To accelerate the time-to-value of your cloud investment, drive data quality across your data ecosystem, and lay a solid foundation for trusted data (especially if you’re building generative AI applications

Cloud 102

Cloud Compliance Government Access 102

Security Affairs

JANUARY 30, 2024

Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take over unpatched systems. Juniper Networks has released out-of-band updates to address two high-severity flaws , tracked as CVE-2024-21619 and CVE-2024-21620, in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems.

Authentication 100

Authentication Access Cybersecurity IT 100

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Schneier on Security

JANUARY 30, 2024

It finally admitted to buying bulk data on Americans from data brokers, in response to a query by Senator Weyden. This is almost certainly illegal, although the NSA maintains that it is legal until it’s told otherwise. Some news articles.

IT 99

IT Data collection Metadata Data Privacy 99

Security Affairs

JANUARY 30, 2024

Italian data protection authority regulator authority Garante said that ChatGPT violated European Union data privacy regulations. The Italian data protection authority regulator authority, known as “Garante per la protezione dei dati personali”, announced it has notified OpenAI that ChatGPT violated the EU data protection regulation GDPR.

Privacy 97

Privacy GDPR Personal data Data Privacy 97

KnowBe4

JANUARY 30, 2024

Check Point’s review of ransomware shows that the percent of organizations worldwide hit by this greatest of cyberthreats rose by a whopping 33% in 2023.

Ransomware 100

Ransomware Security 100

Schneier on Security

JANUARY 30, 2024

GCHQ has released new images of the WWII Colossus code-breaking computer, celebrating the machine’s eightieth anniversary (birthday?). News article.

94

94

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

KnowBe4

JANUARY 30, 2024

Phishing attacks are increasingly using open redirects to evade detection by security filters, according to researchers at Trustwave.

Phishing 107

Phishing Security 107

Data Matters

JANUARY 30, 2024

Join Sidley and OneTrust DataGuidance for a reactionary webinar on the recently published, near-final text of the EU AI Act on February 5, 2024. This discussion with industry panelists will cover initial reactions to the text of the EU AI Act following finalization by EU legislators and examine the key points in the AI Act that businesses need to understand.

Privacy 97

Privacy 97

WIRED Threat Level

JANUARY 30, 2024

Aerial drones have changed the war in Ukraine. Now, both Russia's and Ukraine's militaries are deploying more unmanned ground robots—and the two are colliding.

Military 87

Military Security 87

IBM Big Data Hub

JANUARY 30, 2024

In the last post , we looked at creating a blueprint for a sustainable data center. Now we’ll look at how to get the most out of a modern data center. We don’t need to re-create the wheel all the time. Sometimes, we can look to others who have gone before us for inspiration and examples to help shape our vision for success. And, when we work with partners that have “been there, done that,” we can accelerate our success, taking our vision to a mission to reality.

Analytics 77

Analytics Cloud Manufacturing Retail 77

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

IG Guru

JANUARY 30, 2024

Check out the post here. The post ISO Draft International Standard 9706, focusing on the requirements for permanent paper intended for documents, has been canceled and has moved to stage 40.98 via LinkedIn first appeared on IG GURU.

Paper 63

Paper Records Management Archiving 63

OpenText Information Management

JANUARY 30, 2024

Here in Hong Kong, space is at an ultimate premium. At Haleon, we ensure that more than 200 pharmacies don’t waste shelf space by supplying a wide range of products, including oral health, vitamins, minerals and supplements, and over-the-counter medications such as pain relief, respiratory and digestive products, and more. We target 99% on time in … The post Haleon harnesses automated data capture to keep shelves stocked at pharmacies across Hong Kong appeared first on OpenText Blogs.

Cloud 62

Cloud 62

Information Governance Perspectives

JANUARY 30, 2024

A controversial new book reveals scandalous details behind a secret adoption arranged for the celebrated composer of The Addams Family by infamous attorney and former LA Clippers owner Donald Sterling in the 1970s. The poignant memoir features intimate stories about Hollywood luminaries from Michael Landon to Frank Sinatra and a behind-the-scenes peek at Tinseltown’s most legendary studio, Paramount Pictures.

Authentication 52

Authentication 52