Data Breach Today
DECEMBER 22, 2023
Hackers Crippled Systems, Stole Patient Data From ESO Solutions Hackers carried out a double-extortion ransomware attack on medical software company ESO Solutions, exposing personal details and healthcare information of 2.7 million U.S. patients and encrypting some of the company's systems. Double-extortion attacks also exfiltrate data.
Security Affairs
DECEMBER 22, 2023
The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. The company refused to pay the ransom and the ransomware gang threatened to leak the alleged stolen documents, including project data, clients’ and partners’ info, and NDAs. “We’ve obtained 100 GB of data of N
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 22, 2023
Attackers Masquerade as Hotels to Steal Clients' Payment Card Data, Experts Warn Scammers are stealing hotels' log-in credentials for online travel site Booking.com and targeting their customers, experts warn. In many cases, attackers use Booking's own messaging system to contact customers and request their payment card data, they say.
IT Governance
DECEMBER 22, 2023
DORA’s supply chain security requirements IT Governance’s research for November 2023 found that 48% of the month’s incidents originated from the supply chain (i.e. were third-party attacks). For Europe , this number rises to 61%. Admittedly, it only takes a comparatively small number of supply chain attacks to skew the number of incidents. It’s in their nature for one attack to compromise potentially hundreds or even thousands of organisations.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
DECEMBER 22, 2023
Arion Kurtaj Was a Member of Lapsus$ Group That Also Hacked Nvidia and Revolut British prosecutors have sentenced a teenager behind high-profile hacks while he was part of the now-inactive Lapsus$ hacking group. Arion Kurtaj, from Oxford, will remain in medical care after doctors declared he was unfit to stand for trial owing to severe autism.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 22, 2023
Majority of Connected Medical Devices Contain Critical Vulnerabilities, FBI Says A new GAO report says federal agencies fail to provide health are providers and patients with enough resources and information to address critical vulnerabilities in a majority of medical devices in the U.S. that can result in "potential catastrophic impact to hospital operations and patient care.
Security Affairs
DECEMBER 22, 2023
A member of the Lapsus$ cyber extortion group, Arion Kurtaj, has been sentenced to an indefinite hospital order. The UK Southwark Crown Court has sentenced Arion Kurtaj , a prominent member of the international cyber extortion gang Lapsus$ , to an indefinite hospital order. Over the years, the Lapsus$ gang compromised many high-profile companies such as NVIDIA , Samsung , Ubisoft , Mercado Libre, Vodafone , Microsoft , Okta , and Globant.
Data Breach Today
DECEMBER 22, 2023
FalseFont Backdoor Enables Attackers to Remotely Connect to a Compromised System Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base. The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont.
Schneier on Security
DECEMBER 22, 2023
Interesting attack on a LLM: In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information from sources on the web to assist users in creation of their documents. We show that attackers can prepare websites that, when a user adds them as a source, manipulate the LLM into sending private information to the attacker or perform other malicious activities.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
KnowBe4
DECEMBER 22, 2023
I just found a great post by Morgan Wright, chief security advisor of SentinelOne. Here is a quick summary and a link to the full article is at the bottom. The recent attacks on water authorities like Aliquippa and St. Johns River have cast a spotlight on the vulnerability of critical infrastructure.
WIRED Threat Level
DECEMBER 22, 2023
Members of the US Congress touted improvements to children’s privacy protections as an urgent priority. So why didn’t they do anything about it?
Hunton Privacy
DECEMBER 22, 2023
On December 20, 2023, the FTC issued a Notice of Proposed Rulemaking (“Notice”), which would bring long-anticipated changes to the children’s online data privacy regime at the federal level in the U.S. The Notice sets forth several important proposals aimed at strengthening the Children’s Online Privacy Protection Act Rule (“COPPA Rule”). The COPPA Rule has not been updated since 2012.
WIRED Threat Level
DECEMBER 22, 2023
I tried to sell a futon on Facebook Marketplace and nearly all I got were scammers.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
John Battelle's Searchblog
DECEMBER 22, 2023
I will not forsake you. But I might not call as often as I used to. I don’t often write about personal things here, but the two most-read posts of this past year were Mastering The Rudiments , about my journey with learning the drums, and Unretirement , a personal reflection on my career. I wrote both of those back in May – a shoulder month between seasons.
Schneier on Security
DECEMBER 22, 2023
Ben Rothke chose A Hacker’s Mind as “the best information security book of 2023.
IG Guru
DECEMBER 22, 2023
CMP Guidance The post ICRM Reminders first appeared on IG GURU.
Schneier on Security
DECEMBER 22, 2023
It’s squid parts from college dissections , so it’s not a volume operation. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Expert insights. Personalized for you.
296 
Let's personalize your content