Tue. Dec 05, 2023

North Korean Hackers Steal South Korean Anti-Aircraft Data

Data Breach Today

Andariel Group Rented Server to Steal 1.2TB of Data, Extort $357,000 in Ransoms

Seoul police have accused the North Korean hacker group Andariel of stealing sensitive defense secrets from South Korean defense companies and laundering ransomware proceeds back to North Korea. The hackers stole 1.2TB of data, including information on advanced anti-aircraft weapons.

CIP Task Force and Beta Testers Contribute to Updated Certified Information Professional Credential

AIIM

AIIM debuted a new version of the Certified Information Professional (CIP) credential. As of November 27, 2023, AIIM is offering a new version of the exam, which reflects the skills needed for today’s information professionals.

23andMe Says Hackers Stole Ancestry Data of 6.9M Users

Data Breach Today

Credential-Stuffing Attack Led to Profile Scraping

Genetics testing firm 23andMe says hackers, in a credential-stuffing attack this fall, siphoned the ancestry data of 6.9 million individuals. 23andMe disclosed the attack on Oct. 1, stating the attackers had scraped the profiles of 23andMe users who opted in to the company's DNA Relatives feature.

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Schneier on Security

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

TSA Envisions AI-Driven Future of Secure, Streamlined Travel

Data Breach Today

TSA Official Details How Agency Aims to Implement AI Systems Across Operations

The Transportation Security Administration is exploring the possibilities of a future of U.S. travel "underpinned by AI advancements," according to the agency's deputy CIO, with next-generation technologies shaping new verification and threat detection efforts.

Experts Urge Congress to Task NIST With REAL ID Standards

Data Breach Today

'TSA Is Not the Right Agency to Lead' REAL ID Implementation, Security Experts Say

Security experts testified to Congress that the National Institute of Standards and Technology is better placed than the Transportation Security Administration to lead national implementation efforts for security-enhanced identification cards ahead of a looming 2025 deadline for national compliance.

The 23andMe Data Breach Keeps Spiraling

WIRED Threat Level

23andMe has provided more information about the scope and scale of its recent breach, but with these details come more unanswered questions.

Feds, AHA Urge Hospitals to Mitigate Citrix Bleed Threats

Data Breach Today

Urgent Action Needed to Prevent Ransomware Attacks Involving Vulnerability Exploit

A recent spike in ransomware attacks has prompted federal regulators and the American Hospital Association to issue urgent warnings to hospitals and other healthcare firms to prevent potential exploitation of the Citrix Bleed software flaw affecting some NetScaler ADC and NetScaler Gateway devices.

ENISA published ENISA Threat Landscape for DoS Attacks

Security Affairs

ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk for organizations. Over the past few years, threat actors have increasingly had access to cost-effective and efficient means and services to carry out such kinds of attacks.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

API Flaws Put AI Models at Risk of Data Poisoning

Data Breach Today

Hugging Face Fixes Flaw; Meta, Other Tech Giants Revoke Vulnerable Tokens

Security researchers could access and modify an artificial intelligence code generation model developed by Facebook after scanning for API access tokens on AI developer platform Hugging Face and code repository GitHub. Tampering with training data is among the top threats to large language models.

AI and Mass Spying

Schneier on Security

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did.

Mapping the Unseen Vulnerabilities of Zombie APIs

Data Breach Today

Zombie APIs are becoming more common, just because of the sheer number of APIs and third-party vendors that organizations rely on. Joshua Scott, head of information security and IT at API platform Postman, says businesses need to identify "what is critical to the business and map backward.

Data Breaches and Cyber Attacks in November 2023 – 519,111,354 Records Breached

IT Governance

IT Governance’s research has found the following for November 2023: 470 publicly disclosed security incidents. 519,111,354 records known to be breached. The number of incidents is particularly high this month, partly because we’ve improved our incident-finding processes, but also partly because we’ve seen several big supply chain attacks this month.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw

Security Affairs

The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about threat actors actively exploiting a critical vulnerability (CVE-2023-26360) in Adobe ColdFusion to breach government agencies. The flaw is an Improper Access Control that can allow a remote attacker to execute arbitrary code.

Fake Lockdown Mode: A post-exploitation tampering technique

Jamf

JTL security researchers discover how Lockdown Mode on iOS can be manipulated by a threat actor on compromised or jailbroken iPhones to trick users into believing that their device is protected by Lockdown Mode when in fact it's not.

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Microsoft’s Threat Intelligence is warning of Russia-linked cyber-espionage group APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information.

A New Trick Uses AI to Jailbreak AI Models—Including GPT-4

WIRED Threat Level

Adversarial algorithms can systematically probe large language models like OpenAI’s GPT-4 for weaknesses that can make them misbehave.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

New SEC Rules Will Do More Than Result in Quick Breach Reporting

KnowBe4

On July 26, the U.S. Security & Exchange Commission (SEC) announced several new cybersecurity rules, taking effect mid-December 2023, that will significantly impact all U.S. organizations (and foreign entities doing business in the U.S.) that must follow SEC regulations.

Retailers can tap into generative AI to enhance support for customers and employees

IBM Big Data Hub

As the retail industry witnesses a shift towards a more digital, on-demand consumer base, AI is becoming the secret weapon for retailers to better understand and cater to this evolving consumer behavior. With the rise of highly personalized online shopping, direct-to-consumer models, and delivery services, generative AI can help retailers further unlock a host of benefits that can improve customer care, talent transformation and the performance of their applications.

Financial Institutions are the Most Affected by Phishing Attacks and Scams

KnowBe4

New data shows how the overwhelming majority of phishing attacks on financial institutions dwarf every other industry sector by as much as a factor of 30-to-1.

Agreement Reached on the EU’s Data Act

Data Matters

On 27 November 2023, the Council adopted the final text of the Data Act which facilitates (and in certain cases, mandates) the access to (personal and non-personal) data. The Data Act was originally proposed by the European Commission in 2022. Alongside the EU Data Governance Act (which came into force in June 2022) the Data Act forms part of the EU’s Data Strategy which aims to “make the EU a leader in a data-driven society”.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

PDFs: Friend or Phishing Foe? Don't Get Caught by the Latest Scam Tactic

KnowBe4

Researchers at McAfee warn that attackers are increasingly utilizing PDF attachments in email phishing campaigns.

Public Company CISOs Beware: The SEC Is No Longer Playing Nice

Daymark

On October 30, 2023, the US Securities and Exchange Commission (SEC) announced fraud charges against SolarWinds and its former chief information security officer (CISO), alleging that “SolarWinds’ public statements about its cybersecurity practices and risks were at odds with its internal assessments.” This comes on the heels of the SEC’s newly implemented rules for disclosures relating to cyber risk.

CyberheistNews Vol 13 #49 Top Four Security Tips for Cyber Safety on National Computer Security Day

KnowBe4

Top Four Security Tips for Cyber Safety on National Computer Security Day

Beyond basics: Six tips for an exceptional customer service strategy

IBM Big Data Hub

Enhancing the customer experience through customer service is among the most important disciplines for any organization for one simple reason: without customers, organizations would fail overnight. Customer service, sometimes called customer care or customer support, relates to the activities organizations take to ensure their customers’ needs are being met.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Privacy First: A Better Way to Address Online Harms via EFF

IG Guru

Check out the post here. The post Privacy First: A Better Way to Address Online Harms via EFF first appeared on IG GURU.

Statement to Department for Communities on funding shortfall of approximately £1.75 million

CILIP

Statement to Department for Communities on funding shortfall of approximately £1.75 million

This statement is issued by CILIP, the Chartered Institute of Library and Information Professionals, the national body representing librarians and information professionals in Northern Ireland and the UK, in response to the lack of adequate funding for public library services.

Key AI governance principles for enterprises

Collibra

Today, AI is reshaping industries with its unprecedented scale and transformative impact. At the heart of the AI revolution is the principle of ‘trusted data,’ a cornerstone for successful AI initiatives. Trusted data — characterized by its accuracy, reliability and integrity — is not just a requirement but a catalyst for transformative changes across organizations.