AIIM

JULY 6, 2023

Research Indicates Digital Transformation Has Stalled After we received the survey responses for the AIIM 2023 State of the Intelligent Information Management Industry Report , I spoke to the report’s authors, Dave Jones and Theresa Resek, about a concerning statistic. Enterprise digital transformation (DT) efforts have stalled. Dave later wrote in the report “ over 65% of organizations have achieved significant successes with DT, but that still leaves at least a third who have not.

Digital transformation 104

Digital transformation 104

Data Breach Today

JULY 6, 2023

Hacktivist-Led DDoS Attacks Also on the Rise, ENISA Says Ransomware continues to be the biggest threat to the European healthcare sector, but the region also is experiencing an uptick in distributed denial-of-service attacks tied to hacktivist groups, the European Union Agency for Cybersecurity warned.

Ransomware 279

Ransomware Cybersecurity 279

John Battelle's Searchblog

JULY 6, 2023

(AP Photo/Richard Drew) Apparently the open web has finally died. This the very same week Meta launches Threads , which, if its first day is any indication, seems to be thriving (10 million sign ups in its first few hours, likely 50 million by the time this publishes…). But before Threads’ apparent success, most writers covering tech had decided that the era of free, open-to-the-public, at scale services like Twitter, Reddit, and even Facebook/Insta is over.

IT 141

IT 141

Dark Reading

JULY 5, 2023

The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

145

145

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Jamf

JULY 6, 2023

Learn how to seamlessly set up an identity provider (IdP) in your Jamf Account with our step-by-step guide, and take advantage of single sign-on authentication at the admin level.

Authentication 132

Authentication 132

Schneier on Security

JULY 3, 2023

Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement ­ and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their routes, self-driving cars capture a wider swath of footage.

Privacy 122

Privacy Marketing Access Security 122

Hunton Privacy

JULY 3, 2023

On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo issued a statement confirming that the U.S. has fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the “Framework”). In the statement, it was confirmed that the EU, Iceland, Liechtenstein and Norway, have been designated as “qualifying states” for purposes of implementing the redress mechanism established under Executive Order 14086, such designation to be become effective upon the adoption of an adequacy decis

Data Privacy 119

Data Privacy Privacy IT 119

Dark Reading

JULY 6, 2023

Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims.

127

127

Data Breach Today

JULY 4, 2023

Cloud Adoption in Financial Services has Soared - as Has Security Risk Financial services organizations face unique cloud security challenges, due to special regulatory, data security and privacy considerations that don't necessarily apply to other industries. Security and payments experts with overlapping skillsets unpack the challenges and how to deal with them.

Risk 265

Risk Financial Services Cloud Privacy 265

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

KnowBe4

JULY 6, 2023

Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also increased significantly.

98

98

Hunton Privacy

JULY 5, 2023

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. On November 9, 2022, NYDFS published a first draft of the proposed Amendment and received comments from stakeholders over a 60-day period. The updated proposed Amendment will be subject to an additional 45-day comment period.

Cybersecurity 113

Cybersecurity IT Compliance Financial Services 113

Dark Reading

JULY 6, 2023

In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees.

IT 134

IT 134

Data Breach Today

JULY 7, 2023

Latest Hacking, Vendor Incident Trends Emerging From the Federal Tally Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?

Data breaches 261

Data breaches Ransomware 261

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Security Affairs

JULY 7, 2023

A researcher recently discovered that a Bangladesh government website leaks the personal data of citizens. The researcher Viktor Markopoulos discovered a Bangladeshi government website that was leaking the personal information of millions of Bangladesh citizens. According to TechCrunch, which first reported the news, the leaked data included full names, phone numbers, email addresses, and national ID numbers.

Government 98

Government e-Discovery Personal data Access 98

Hunton Privacy

JULY 6, 2023

On June 19, 2023, the UK Information Commissioner’s Office (“ICO”) recommended that organizations start using privacy enhancing technologies (“PETs”) to share personal information safely, securely and anonymously. The ICO also has issued new guidance on PETs which is aimed at those using large data sets in finance, healthcare, money laundering and cybercrime.

Privacy 107

Privacy Compliance Personal data Access 107

Dark Reading

JULY 5, 2023

You can't encrypt a file you can't open — Microsoft could dramatically impact ransomware by slowing it down.

Ransomware 126

Ransomware Encryption IT 126

Data Breach Today

JULY 5, 2023

Reported LockBit 3.0 Attack Locks Up Systems, Delays Shipping of Toyota Auto Parts Ransomware believed to originate from the Russian LockBit 3.0 group has locked up computer systems for the Port of Nagoya, Japan's largest cargo hub. The attack held up shipments of Toyota auto parts containers starting Tuesday, but port authorities expect to resume operations Thursday morning.

Ransomware 255

Ransomware 255

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

IT Governance

JULY 6, 2023

Welcome to our July 2023 catches of the month feature, in which we explore the latest phishing scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we look at the increase in a new form of phishing that uses QR codes, plus we discuss the latest the staggering findings of PhishLabs’ latest report.

Phishing 98

Phishing Education Government Personal data 98

Security Affairs

JULY 1, 2023

Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Cybersecurity firm Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate, Akira is

Ransomware 98

Ransomware Encryption Libraries Education 98

Dark Reading

JULY 3, 2023

Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.

109

109

Data Breach Today

JULY 4, 2023

Cloud Adoption in Financial Services has Soared - as Has Security Risk Financial services organizations face unique cloud security challenges, due to special regulatory, data security and privacy considerations that don't necessarily apply to other industries. Security and payments experts with overlapping skillsets unpack the challenges and how to deal with them.

Risk 240

Risk Financial Services Cloud Privacy 240

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

IT Governance

JULY 4, 2023

IT Governance found 79 publicly disclosed security incidents in June 2023, accounting for 14,353,113 breached records. You can find the full list below, divided into four categories: cyber attacks, ransomware, data breaches, and malicious insiders and miscellaneous incidents. Also be sure to check out our new page, which provides a complete list of data breaches and cyber attacks for 2023.

Data breaches 96

Data breaches Ransomware Government Insurance 96

Security Affairs

JULY 6, 2023

Cisco warns of a high-severity vulnerability in Nexus 9000 series switches that can allow attackers to read or modify encrypted traffic. Cisco disclosed a high-severity vulnerability, tracked as CVE-2023-20185 (CVSS Score 7.4), in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode. An unauthenticated, remote attacker can exploit the flaw to read or modify encrypted traffic. “This vulnerability is due to an issue with the implementati

Encryption 97

Encryption Security IT Information Security 97

Dark Reading

JULY 3, 2023

Attribution for the cyberattack on Dozor-Teleport remains murky, but the effects are real — downed communications and compromised data.

Communications 114

Communications 114

Data Breach Today

JULY 6, 2023

Also: MOVEit Victims Confirm Attack, Ukrainian Government FB Page Hacked This week, Charming Kitten targeted nuclear experts; over 130,000 solar energy monitoring systems are exposed; organizations confirmed a breach due to the MOVEit zero-day; Russian hackers took over a Ukrainian government agency's Facebook page; and a WordPress plug-in gave admin privileges to users.

Government 157

Government 157

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Schneier on Security

JULY 7, 2023

For four decades, Alaskans have opened their mailboxes to find checks waiting for them, their cut of the black gold beneath their feet. This is Alaska’s Permanent Fund, funded by the state’s oil revenues and paid to every Alaskan each year. We’re now in a different sort of resource rush, with companies peddling bits instead of oil: generative AI.

IT 95

IT Risk Government Artificial Intelligence 95

Security Affairs

JULY 6, 2023

StackRot is s new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system. A security vulnerability, dubbed StackRot was found impacting Linux versions 6.1 through 6.4. The issue, tracked as CVE-2023-3269 , (CVSS score: 7.8), is a privilege escalation issue that resides in the memory management subsystem.

Data structuring 97

Data structuring Security IT Information Security 97

Dark Reading

JULY 7, 2023

Malware spoofed file management applications thanks to elevated permissions, enabling exfiltration of sensitive data with no user interaction, researchers find.

103

103