The Last Watchdog

SEPTEMBER 25, 2023

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. Related: SMBs too often pay ransom Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks

Cybersecurity 200

Cybersecurity Data breaches Compliance Phishing 200

KnowBe4

SEPTEMBER 28, 2023

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

Phishing 107

Phishing Security awareness Cybersecurity Security 107

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord.

Ransomware 238

Ransomware Phishing Access Authentication 238

Data Breach Today

SEPTEMBER 25, 2023

2,050 Organizations Affected After Data Stolen From Secure File-Sharing Software The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week. National Student Clearinghouse warned that data tied to nearly 900 colleges and universities had been stolen from its MOVEit server.

Data breaches 312

Data breaches Ransomware Security IT 312

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

The Last Watchdog

SEPTEMBER 27, 2023

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business. Related: Why ‘observability’ is rising to the fo re Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand, post Covid 19.

Cybersecurity 214

Cybersecurity Analytics Marketing Security 214

Data Matters

SEPTEMBER 28, 2023

Companies are facing more attacks on their information systems. And, as their cyber risk skyrockets, the SEC has stepped in with new regulations, telling businesses what to disclose about these incidents — and requiring detailed disclosures on cyber risk management more broadly. With the deadline for compliance fast approaching, businesses are scrambling to mitigate their legal risk and comply with regulations that some say may be an overreach.

Cybersecurity 166

Cybersecurity Compliance Risk Privacy 166

Data Breach Today

SEPTEMBER 26, 2023

Two Online Threat Actors Claim Responsibility Sony is investigating an apparent leak of internal data posted onto the dark web and a criminal hacking board by separate criminal actors. Sony is saying little other than "we are currently investigating the situation, and we have no further comment at this time.

Data breaches 301

Data breaches 301

The Last Watchdog

SEPTEMBER 27, 2023

London, UK and Austin, Tex., Sept. 27, 2023 — Organisations around the world are rushing to build API (application programming interface) marketplaces to foster greater connectivity between them and their partners and users. Global spend on API marketplaces is set to reach $50b by 2030 and helping organizations make them a success, DigitalAPICraft is today announcing their partnership with Google and the appointment of HSBC exec Marco Tedone as CTO as they scale the business.

Cloud 130

Cloud Government Communications Risk 130

Security Affairs

SEPTEMBER 29, 2023

Experts warn of a critical zero-day vulnerability, tracked as CVE-2023-42115, in all versions of Exim mail transfer agent (MTA) software. A critical zero-day vulnerability, tracked as CVE-2023-42115 (CVSS score 9.8), affects all versions of Exim mail transfer agent (MTA) software. A remote, unauthenticated attacker, can exploit the vulnerability to gain remote code execution (RCE) on Internet-exposed servers.

Authentication 133

Authentication Risk Security IT 133

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Matters

SEPTEMBER 26, 2023

The European Commission issued the Financial Data Access Act (FIDA) proposal in June this year. FIDA will create a legislative framework that aims to "bring payments and the wider financial sector into the digital age" by facilitating the sharing of and access to customer financial data (whether of businesses or consumers). The post New EU FIDA Proposal: How Does This Affect GDPR?

GDPR 158

GDPR Privacy Access 158

Data Breach Today

SEPTEMBER 26, 2023

Director Jen Easterly: Password Managers, Automatic Software Updates Key to Defense CISA Director Jen Easterly urged citizens to boost their defenses by choosing strong passwords, opting for multi-factor authentication, reporting phishing and enabling automatic software updates. Easterly said users should choose passwords that are complex and unique to each sensitive account.

Passwords 295

Passwords Phishing Authentication 295

WIRED Threat Level

SEPTEMBER 27, 2023

SoundThinking is purchasing parts of Geolitica, the company that created PredPol. Experts say the acquisition marks a new era of companies dictating how police operate.

Security 127

Security 127

Security Affairs

SEPTEMBER 27, 2023

A Russian zero-day broker is willing to pay $20 million for zero-day exploits for iPhones and Android mobile devices. The Russian zero-day broker firm Operation Zero is increasing payouts for top-tier mobile exploits. The company is willing to pay up to $20,000,000 for zero-day exploits for iPhone and Android devices. Due to high demand on the market, we're increasing payouts for top-tier mobile exploits.

Marketing 127

Marketing Sales Government Security 127

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

The Last Watchdog

SEPTEMBER 27, 2023

New York, NY, Sept. 27, 2023 – ACM, the Association for Computing Machinery has released “ TechBrief: Generative Artificial Intelligence.” It is the latest in the quarterly ACM TechBriefs series of short technical bulletins that present scientifically grounded perspectives on the impact and policy implications of specific technological developments in computing.

Risk 100

Risk Education Artificial Intelligence Government 100

Data Breach Today

SEPTEMBER 28, 2023

Also, New Malware Targets New Bitwarden Users This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait and new malware targets would-be users of Bitwarden.

Ransomware 291

Ransomware Insurance 291

Schneier on Security

SEPTEMBER 26, 2023

Totally expected, but still good to hear : Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country’s recently passed Online Safety Bill forced Signal to build “backdoors” into its end-to-end encryption. “We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betrayin

Encryption 121

Encryption Privacy IT 121

Security Affairs

SEPTEMBER 26, 2023

Researchers discovered that Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months, the Cybernews research team has discovered. This increases the risk of passengers’ personal information, such as emails, names, or addresses, ending up in the wrong hands.

Phishing 124

Phishing Access Security Privacy 124

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

The Last Watchdog

SEPTEMBER 27, 2023

Los Angeles, Calif., Sept. 27, 2023 — Citing organized crime statutes, attorneys with Wisner Baum have filed the first RICO class action alleging that H&R Block, Meta, and Google jointly schemed to install spyware on the H&R Block site, scraping customers’ private tax return information for profit. The suit comes on the heels of a July 2023 congressional report which found “a shocking breach of taxpayer privacy” when tax preparation companies shared millions of customers’ personal a

Healthcare 100

Healthcare Privacy Data Privacy Marketing 100

Data Breach Today

SEPTEMBER 29, 2023

End Comes Just 25 Months After Threat Detection Firm Went Public At $1.2B Valuation The firm founded by retired four-star Gen. Keith Alexander and once valued at $1.2 billion has officially turned off the lights. IronNet Friday ceased business operations and terminated remaining employees after probing strategic alternatives and finding additional sources of liquidity unavailable.

289

289

Dark Reading

SEPTEMBER 26, 2023

A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware.

Security 129

Security 129

Security Affairs

SEPTEMBER 24, 2023

Researchers discovered a previously undocumented sophisticated backdoor, named Deadglyph, used by the Stealth Falcon group for espionage in the Middle East ESET researchers discovered a very sophisticated and unknown backdoor, named Deadglyph, employed by the Stealth Falcon group for espionage in the Middle East. Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns.

Libraries 124

Libraries Encryption Security IT 124

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

The Last Watchdog

SEPTEMBER 26, 2023

Washington, DC, Sept.26, 2023 — The Internet Infrastructure Coalition (i2Coalition) launched the VPN Trust Initiative (VTI) in 2020 to establish a baseline for how virtual private network (VPN) providers should operate. The goal is to help avoid oversights, misunderstandings, or vague legislation that could invite abuses of power and short-sighted legislation of helpful technology.

Privacy 100

Privacy Risk Encryption Authentication 100

Data Breach Today

SEPTEMBER 29, 2023

'There's a 10-out-10 severity bug you need to patch right now!' Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero day in the company's MOVEit file transfer software in a hack affecting tens of millions.

Security 284

Security IT 284

Dark Reading

SEPTEMBER 27, 2023

Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.

131

131

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site. Clarion Japan is the Japanese subsidiary of Clarion Co., Ltd., a global manufacturer of audio and video equipment for cars and other vehicles.

Manufacturing 124

Manufacturing Ransomware Data breaches Risk 124

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

WIRED Threat Level

SEPTEMBER 25, 2023

Corporations are using software to monitor employees on a large scale. Some experts fear the data these tools collect could be used to automate people out of their jobs.

Artificial Intelligence 116

Artificial Intelligence Privacy Security 116

Data Breach Today

SEPTEMBER 29, 2023

AWS & CrowdStrike Cybersecurity Startup Accelerator Will Incubate Early-Stage Firms CrowdStrike has joined forces with Amazon Web Services to familiarize themselves with more Israeli cyber startups earlier in their development lifecycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.

Cybersecurity 284

Cybersecurity 284

Dark Reading

SEPTEMBER 28, 2023

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

Government 127

Government Cybersecurity IT 127