AIIM
FEBRUARY 27, 2024
In my role as The Info Gov Guy™, I consult with clients from up and down their organizational charts: in records, IT, legal, HR, marketing, etc. What this tells me is that their employers don’t consider their information to be a core business asset – which is odd because they do acknowledge their success depends completely on their ability to quickly find and retrieve current, accurate, and properly safeguarded information.
Krebs on Security
FEBRUARY 28, 2024
Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
MARCH 1, 2024
In January, I served as a panelist during a three-part series on mergers and acquisitions in the association space. Hosted by the ASAE Executive Management Advisory Council, the series explored what non-profit organizations need to consider before, during, and after mergers and acquisitions. The panelists were mainly executives and legal professionals, so the fascinating conversations focused very much on strategy, governance, finances, and human capital.
Data Breach Today
MARCH 1, 2024
Calls Grow to Block Browser-Based Password Storage as Malware Comes Calling Saving passwords in browser-based password managers or via "remember my details" website options might make for simple and fast log-ins for employees, but they also give attackers an easy way to lift legitimate credentials, oftentimes via highly automated, information-stealing malware, experts warn.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
The Last Watchdog
FEBRUARY 27, 2024
Brea, Calif. Feb. 27, 2024 — The current large surge in cyber threats has left many organizations grappling for security so ThreatHunter.ai is taking decisive action. Recognizing the critical juncture at which the digital world stands, ThreatHunter.ai is now offering their cutting-edge cybersecurity services free of charge to all organizations for 30 days, irrespective of their current cybersecurity measures.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
FEBRUARY 29, 2024
A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow.
Data Breach Today
FEBRUARY 29, 2024
Agent Robert K. Tripp on FBI's Approach to Deepfakes, Nation-State Election Threats The U.S. presidential election is still eight months away, but the FBI is already seeing its share of cyberattacks, nation-state threats and AI-generated deepfakes. According to FBI Agent Robert K. Tripp, "We're no longer considering threats as a what-if situation; it's happening now.
WIRED Threat Level
MARCH 1, 2024
Security researchers created an AI worm in a test environment that can automatically spread between generative AI agents—potentially stealing data and sending spam emails along the way.
The Last Watchdog
FEBRUARY 27, 2024
Zurich, Switzerland, Feb. 27, 2024 — Chipmaking has become one of the world’s most critical technologies in the last two decades. The main driver of this explosive growth has been the continuous scaling of silicon technology (widely known as the Moore’s Law). But these advances in silicon technology are slowing down, as we reach the physical limits of silicon.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Security Affairs
FEBRUARY 25, 2024
A cyber attack hit the Royal Canadian Mounted Police (RCMP), the federal and national law enforcement agency of Canada. The Royal Canadian Mounted Police (RCMP), the federal and national law enforcement agency of Canada, confirmed that it was the target of a cyber attack. RCMP also notified the Office of the Privacy Commissioner (OPC). The police have launched an investigation into the cyber attack and urged its staff to stay vigilant. “The situation is evolving quickly but at this time, t
Data Breach Today
FEBRUARY 28, 2024
UNC5325 Can Remain in Hacked Devices Despite Factory Reset and Patches Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
WIRED Threat Level
FEBRUARY 27, 2024
Meet the guy who taught US intelligence agencies how to make the most of the ad tech ecosystem, "the largest information-gathering enterprise ever conceived by man.
Hunton Privacy
FEBRUARY 29, 2024
On February 21, 2024, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into a resolution agreement and corrective action plan with Green Ridge Behavioral Health LLC (“GRBH”) stemming from the organization’s failure to comply with the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (“HIPAA”) and subsequent failure to protect against a 2019 ransomware attack that impacted the personal health information (“PHI”) of more
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Security Affairs
FEBRUARY 29, 2024
North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver. The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February Patch Tuesday update.
Data Breach Today
FEBRUARY 29, 2024
Also: Bitcoin Fog Case Testimony; Axie Infinity Co-Founder Hack This week, progress was made in the FTX case, a hacker testified in the Bitcoin Fog case, an Axie Infinity co-founder and a MicroStrategy account were hacked, the KyberSwap hacker moved funds, the EU has a new AMLA office, and Aleo was breached.
WIRED Threat Level
FEBRUARY 27, 2024
Two months ago, the FBI “disrupted” the BlackCat ransomware group. They're already back—and their latest attack is causing delays at pharmacies across the US.
Schneier on Security
FEBRUARY 26, 2024
Apple announced PQ3 , its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There’s a lot of detail in the Apple blog post , and more in Douglas Stabila’s security analysis. I am of two minds about this. On the one hand, it’s probably premature to switch to any particular post-quantum algorithms.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
MARCH 1, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Data Breach Today
FEBRUARY 26, 2024
New CSF Adds 'Governance' to Core Functions Cybersecurity guidance for the private sector published by the U.S. National Institute of Standards and Technology in 2014 has received its first major update. The revised Cybersecurity Framework focuses on governance and says cybersecurity threats are a major source of enterprise risk.
WIRED Threat Level
FEBRUARY 29, 2024
As Chinese automakers prepare to launch in the US, the White House is investigating whether cars made in China could pose a national security threat.
IBM Big Data Hub
FEBRUARY 29, 2024
As more countries, companies and individuals seek energy sources beyond fossil fuels, interest in renewable energy continues to rise. In fact, world-wide capacity for energy from solar, wind and other renewable sources increased by 50% in 2023. More than 110 countries at the United Nations’ COP28 climate change conference agreed to triple that capacity by 2030, and global investment in clean energy transition hit a record high of USD 1.8 trillion in 2023.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Security Affairs
MARCH 1, 2024
German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforcement operation led to the seizure of the largest German-speaking cybercrime marketplace. “Under the direction of the North Rhine-Westphalia Cybercrime Central and Contact Office (ZAC NRW), an investigative commission at the Düsseldorf Police Headquarters has been collecting evidence for years about
Data Breach Today
MARCH 1, 2024
Jay Chaudhry Says Palo Alto Offering Free Products to New Platform Users Won't Work Zscaler CEO Jay Chaudhry said Palo Alto Networks' strategy of offering free products to new platform customers will "unravel over time" as firewalls become shelfware. Legacy vendors find themselves "in a defensive position" as the role of firewalls shrinks and demand for zero trust security grows.
eSecurity Planet
FEBRUARY 26, 2024
Critical vulnerabilities have been discovered across multiple systems, including Microsoft Exchange Servers, the Bricks Builder Theme for WordPress, VMware, ScreenConnect, Joomla, and Apple Shortcuts. Urgent patching and prompt updates can protect systems from unauthorized access, data breaches, and potential exploitation by threat actors. Organizations must prioritize implementing effective security measures and conducting frequent audits.
IBM Big Data Hub
FEBRUARY 28, 2024
Sourcing is getting smarter. To start, many organizations have already pivoted from a tactical to a strategic sourcing mindset—which can make all the difference when it comes to gaining and retaining a competitive advantage. Why? Because organizations with strategic sourcing mindsets look beyond price and cost savings-centered supplier selection initiatives.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
FEBRUARY 27, 2024
New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recently disclosed vulnerabilities , tracked as CVE-2024-1709 (CVSS score of 10) and CVE-2024-1708 (CVSS score of 8.4), in the ConnectWise ScreenConnect software.
Data Breach Today
FEBRUARY 29, 2024
Is LockBit a Kremlin Sock Puppet? Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking group has escaped authorities' attention - or demands?
KnowBe4
FEBRUARY 28, 2024
I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the hacker/malware space since I began. The same threats that were a problem then are the same problems now.
Expert insights. Personalized for you.
159 
Let's personalize your content