Troy Hunt
OCTOBER 4, 2023
Imagine you wanted to buy some s**t on the internet. Not the metaphorical kind in terms of "I bought some random s**t online", but literal s**t. Turds. Faeces. The kind of thing you never would have thought possible to buy online until. Shitexpress came along. Here's a service that enables you to send an actual piece of smelly s**t to "An irritating colleague.
Data Breach Today
OCTOBER 3, 2023
Multiple Organizations Victimized Over the Weekend Ransomware hackers are using a critical flaw in a DevOps tool days developer JetBrains issued a critical security update to patch its TeamCity build management and continuous integration server. Servers such as TeamCity are high-value targets since they manage source code, keys and secrets.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
OCTOBER 2, 2023
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners to phishing and other social engineering attacks.
The Last Watchdog
OCTOBER 2, 2023
Surrounded by the invisible hum of electromagnetic energy, we’ve harnessed its power to fuel our technological marvels for decades. Related: MSFT CEO calls for regulating facial recognition tech Tesla’s visionary insights from 1900 hinted at the potential, and today, we bask in the glow of interconnected networks supporting our digital lives.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Thales Cloud Protection & Licensing
OCTOBER 2, 2023
Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. As we are well and truly in the digital-first age, the need for robust cybersecurity measures is glaringly evident. Though significant, the early days' threats vastly differed from today's sophisticated cyberattacks.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Krebs on Security
SEPTEMBER 30, 2023
Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.
The Last Watchdog
OCTOBER 4, 2023
Something simply must be done to slow, and ultimately reverse, attack surface expansion. Related: What Cisco’s buyout of Splunk really signals We’re in the midst of driving towards a dramatically scaled-up and increasingly connected digital ecosystem. Companies are obsessed with leveraging cloud-hosted IT infrastructure and the speedy software development and deployment that goes along with that.
WIRED Threat Level
OCTOBER 6, 2023
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.
Data Breach Today
OCTOBER 3, 2023
McLaren Health Care Ransomware Incident Among Latest Alleged Alphv/BlackCat Attacks Ransomware-as-a-service gang Alphv/BlackCat claims to have stolen 6 terabytes of data on 2.5 million patients in a recent attack on Michigan-based McLaren Health Care, which operates 13 hospitals and a network of cancer centers. The incident is part of the group's rash of recent attacks.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Security Affairs
OCTOBER 5, 2023
NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politically motivated threat actor called SiegedSec has breached its systems and leaked unclassified documents online. “NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites,” reads a statement issued by s NATO official to media outlets.
The Last Watchdog
OCTOBER 5, 2023
Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. OneRep provides a consumer service that scrubs your personal information from Google and dozens of privacy-breaching websites. Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.
WIRED Threat Level
OCTOBER 4, 2023
Elon Musk’s brain-chip startup conducted years of tests at UC Davis, a public university. A WIRED investigation reveals how Neuralink and the university keep the grisly images of test subjects hidden.
Data Breach Today
OCTOBER 5, 2023
2020 Ransomware Incident Affected 13,000 Customers, Millions of Individuals Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
OCTOBER 4, 2023
The flaw poses a significant risk of unauthorized data access, system alterations, potential data theft, and complete takeover of vulnerable systems, especially in the IoT and embedded computing space.
The Last Watchdog
OCTOBER 5, 2023
Worcester, Mass., Oct. 5, 2023 – Today, the Healey-Driscoll Administration kicked off Cybersecurity Month in Massachusetts with the announcement of $1,136,911 in funding to develop a new cybersecurity training center at MassBay Community College and support the existing center at Bridgewater State University. The grants are part of the state’s SOC/Range Initiative, a program managed by MassTech’s MassCyberCenter that aims to help build a diverse generation of cybersecurity professionals thro
Security Affairs
OCTOBER 4, 2023
Sony Interactive Entertainment has notified current and former employees and their family members about a data breach. Sony Interactive Entertainment (SIE) has notified current and former employees and their family members about a data breach that exposed their personal information. Sony notified about 6,800 individuals, it confirmed that the security breach was the result of the exploitation of the zero-day vulnerability CVE-2023-34362 in the MOVEit Transfer platform.
Data Breach Today
OCTOBER 5, 2023
The Question is Also One for the Legal Team to Own, Says Uber's Former CSO Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S. Department of Justice's case against him.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
OCTOBER 6, 2023
The information leaked in the breach involves personally identifiable information as well as genetic ancestry data, potential relatives, and geolocations.
Schneier on Security
OCTOBER 3, 2023
Turns out pumps at gas stations are controlled via Bluetooth, and that the connections are insecure. No details in the article, but it seems that it’s easy to take control of the pump and have it dispense gas without requiring payment. It’s a complicated crime to monetize, though. You need to sell access to the gas pump to others.
Security Affairs
OCTOBER 1, 2023
Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.
Data Breach Today
OCTOBER 6, 2023
Micro Focus Falls From Leaders Ranking as Static App Testing Vendors Embrace Gen AI Veracode, Synopsys and Checkmarx remain atop Forrester's static application security testing list, while Micro Focus fell from the leaderboard after the OpenText buy. Firms have gone beyond evaluating the security of code itself and now assess the safety of the infrastructure the code is running on.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Dark Reading
OCTOBER 2, 2023
Once they compromise an victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain, which could leave even more damage.
Jamf
OCTOBER 6, 2023
Apple’s latest operating systems offer new and improved security and privacy features for your device fleet. Read more to learn about these features and how they affect the end user.
Security Affairs
OCTOBER 4, 2023
Atlassian fixed a critical zero-day flaw in its Confluence Data Center and Server software, which has been exploited in the wild. Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. The flaw CVE-2023-22515 is a privilege escalation vulnerability that affects Confluence Data Center and Server 8.0.0 and later.
Data Breach Today
OCTOBER 4, 2023
Uno's Design Wisdom Will Accelerate Rollout of Okta's First-Ever Consumer Product Okta bought a password manager founded by a former Google engineer and backed by Andreessen Horowitz to get a foothold in the consumer identity market. Okta was impressed by Uno's experience in building consumer-first, design-focused and easy-to-use password management and personal identity tools.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
OCTOBER 5, 2023
A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August.
WIRED Threat Level
OCTOBER 4, 2023
New research has found that some streaming devices and dozens of Android and iOS apps are secretly being used for fraud and other cybercrime.
Security Affairs
OCTOBER 3, 2023
Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The BunnyLoader malware loader is written in C/C++ and is sold on various forums for $250 for a lifetime license.
Expert insights. Personalized for you.
132 
Let's personalize your content