Data Breach Today
DECEMBER 27, 2023
Attacks Exposed Millions of Records, Severely Disrupted Care and More Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
Krebs on Security
DECEMBER 29, 2023
KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
DECEMBER 27, 2023
AIIM Research shows the number of content systems in organizations is on the rise Organizations everywhere face the challenge of managing an ever-increasing volume of content. From documents and files to multimedia assets and web content, CRMs and ERPs, the pressing need for more broadly encompassing information management has become paramount. According to the AIIM 2023 State of the IIM Industry Report , it is evident that organizations are adopting an increasing number of content systems to ha
Security Affairs
DECEMBER 28, 2023
Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported. On Christmas Eve, Resecurity protecting Fortune 100 and government agencies globally, observed multiple actors on the Dark Web releasing substantial data leaks. Over 50 million records containing PII of consumers from around the world have been leaked.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
DECEMBER 26, 2023
Agency Set to Bolster Space Cybersecurity Efforts Across Public and Private Sectors Ground control to the space industry: Take your static cybersecurity practices and upgrade them to a dynamic model. So says NASA's first-ever security best practices guide for space communications, part of an effort to make mission security requirements more accessible.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
KnowBe4
DECEMBER 28, 2023
With so much of an attack riding on a cybercriminals ability to gain access to systems, applications and data, experts predict the trend of rising impersonation is only going to get worse.
Security Affairs
DECEMBER 25, 2023
The threat actor UAC-0099 is exploiting a flaw in the WinRAR to deliver LONEPAGE malware in attacks against Ukraine. A threat actor, tracked as UAC-0099, continues to target Ukraine. In some attacks, the APT group exploited a high-severity WinRAR flaw CVE-2023-38831 to deliver the LONEPAGE malware. UAC-0099 threat actor has targeted Ukraine since mid-2022, it was spotted targeting Ukrainian employees working for companies outside of Ukraine.
Data Breach Today
DECEMBER 27, 2023
Cyber Israel Warns of a Wave of Phishing Attempts Cyberspace aggression against Israel has intensified since the onset of war in the Gaza Strip, changing from online vandalism to attacks aimed at disruption and sowing fear, says Israel's cybersecurity agency. A prominent attack vector is phishing emails.
WIRED Threat Level
DECEMBER 28, 2023
From Sam Altman and Elon Musk to ransomware gangs and state-backed hackers, these are the individuals and groups that spent this year disrupting the world we know it.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Jamf
DECEMBER 27, 2023
Check valuable insights on how to effectively manage security risks and maintain a healthy work-life balance with BYOD in small business. Read now to learn more.
Security Affairs
DECEMBER 29, 2023
The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). One of the key significant improvements are support of more software clients (including browser-based cryptocurrency wallets), upgraded credit card (CC) grabber, and additional advanced mechanisms for password storage dump on var
Data Breach Today
DECEMBER 29, 2023
Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.
WIRED Threat Level
DECEMBER 27, 2023
Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Schneier on Security
DECEMBER 27, 2023
Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content and settings, using payment methods saved in Safari, and more.
Security Affairs
DECEMBER 29, 2023
Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania, a government agency reported. Albania’s National Authority for Electronic Certification and Cyber Security (AKCESK) revealed that cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania. The telecom carrier disclosed the cyber attack with a post published on Facebook, the company also added that the cyber attack did not interrupt its services. “Today, we identi
Data Breach Today
DECEMBER 29, 2023
Attackers Have Been Exploiting App Installer to Evade Malware Defenses in Windows Microsoft has deactivated a tool designed to simplify the installation of Windows applications after hacking groups began exploiting the functionality to distribute malware loaders, leading to infections involving backdoors and ransomware.
KnowBe4
DECEMBER 28, 2023
A new report from the U.K. government’s Joint Committee on the National Security Strategy (JCNSS) outlines both just how likely an attack on critical national infrastructure is and where they are vulnerable.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Schneier on Security
DECEMBER 26, 2023
Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police.
Security Affairs
DECEMBER 23, 2023
The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Xeinadin has over 60,000 clients across the UK and Ireland. In 2021, a significant endorsement came from Exponent, one of the leading private equity investors in the UK, propelling the firm to become one of the top 20 accountancy firms in the count
Data Breach Today
DECEMBER 29, 2023
Media Giant Alleges 'Billions of Dollars in Statutory and Actual Damages' The New York Times is suing OpenAI and its chief backer Microsoft for copyright infringement, alleging that OpenAI used without permission "millions" of its copyrighted articles to train the large language models used by ChatGPT and by extension Bing Chat and Copilot.
KnowBe4
DECEMBER 29, 2023
The year 2024 is shaping up to be a pivotal moment in the evolution of artificial intelligence (AI), particularly in the realm of social engineering. As AI capabilities grow exponentially, so too do the opportunities for bad actors to harness these advancements for more sophisticated and potentially damaging social engineering attacks. Let's explore the top 10 expected AI developments of 2024 and their implications for cybersecurity. 1.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Schneier on Security
DECEMBER 29, 2023
Wow : To test PIGEON’s performance, I gave it five personal photos from a trip I took across America years ago, none of which have been published online. Some photos were snapped in cities, but a few were taken in places nowhere near roads or other easily recognizable landmarks. That didn’t seem to matter much. It guessed a campsite in Yellowstone to within around 35 miles of the actual location.
Security Affairs
DECEMBER 28, 2023
Experts warn of a zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Experts warn of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. An attacker can trigger the vulnerability, tracked as CVE-2023-51467 , to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) The issue resides in the login functionality and results from an incomplete patch for the P
Data Breach Today
DECEMBER 28, 2023
Deal Follows Court Ruling That Cleared the 4-Year-Old Class Action Claim for Trial Google reached a preliminary settlement in a class action lawsuit that alleged the tech giant had misled consumers about their privacy protections when using the private browsing Incognito mode of its Chrome web browser. The settlement came on the heels of a court ruling clearing the case for trial.
KnowBe4
DECEMBER 28, 2023
A newly-discovered technique misusing SMTP commands allows cybercriminals to pass SPF, DKIM and DMARC checks, empowering impersonated emails to reach their intended victim.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Troy Hunt
DECEMBER 23, 2023
It's that time of the year again, time to head from the heat to the cold as we jump on the big plane(s) back to Europe. The next 4 weekly updates will all be from places of varying degrees colder than home, most of them done with Scott Helme too so they'll be a little different to usual. For now, here's a pretty casual Christmas edition, see you next week from the other side 🙂 References Sponsored by: Unpatched devices keeping you up at night?
Security Affairs
DECEMBER 29, 2023
Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of a new cyber espionage campaign carried out by the Russia-linked group APT28 (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ”). The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks.
Data Breach Today
DECEMBER 28, 2023
Also: Yakult Australia Admits to Experiencing 'Cybersecurity Incident' This week, a breach at real estate firm Wealth Network exposed 1.5 billion records, Corewell Health patients were hit by a second breach, data of 1.3M LoanCare mortgage customers was exposed, and Yakult Australia admitted to experiencing a "cybersecurity incident" that exposed 95 gigabytes of data.
Expert insights. Personalized for you.
300 
Let's personalize your content