Trending Articles

article thumbnail

Breach Roundup: Barracuda Networks Recalls Hacked Appliances

Data Breach Today

Also: More on MOVEit, Motherboard Vulnerabilities, Bugs and Ransomware This week: Barracuda Networks recalls hacked email security appliances, the latest on MOVEit, and a Gigabyte motherboard firmware security vulnerability is exposed. Also, researchers detail a patched flaw in the Microsoft Visual Studio extension installer, and ransomware hits across the globe.

article thumbnail

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Krebs on Security

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks , as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely u

Security 246
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Sets Aside $425M For Anticipated GDPR Fine

Data Breach Today

Targeted Advertising on LinkedIn May Violate Europeans' Privacy Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network. European authorities have shown increased willingness to use the GDPR to limit targeted advertising.

GDPR 328
article thumbnail

The Significance of Diversity, Equity, and Inclusion in Information Management

AIIM

In honor of Pride Month in June, I wanted to share some thoughts about diversity, equity, and inclusion (DEI) in the information management industry. The Value of DEI in the Workplace Extensive research has already established the value of DEI in the workplace, with Boston Consulting Group finding that companies with diverse leadership teams report higher innovation revenue.

article thumbnail

Beware of Pixels & Trackers: A Client-Side Security Report

At the beginning of 2023, concern grew over pixels and trackers, which load into the browser as a part of the software supply chain, being used by data harvesting platforms to collect user data. The data is then transferred to the servers of the companies owning the pixels/trackers as a part of their advertising and marketing business. Aggressive data harvesting practices increase the likelihood and/or actual transfer of sensitive data, which may cause unintended consequences, including expensiv

article thumbnail

RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

The Last Watchdog

Back in 2002, when I was a reporter at USA Today , I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system. Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

Cloud 140

More Trending

article thumbnail

Service Rents Email Addresses for Account Signups

Krebs on Security

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.

Passwords 178
article thumbnail

Will Mandatory Generative AI Use Certifications Become the Norm in Legal Filings?

Hunton Privacy

On June 2, 2023, Judge Brantley Starr of the U.S. District Court for the Northern District of Texas released what appears to be the first standing order regulating use of generative artificial intelligence (“AI”)—which has recently emerged as a powerful tool on many fronts—in court filings. Generative AI provides capabilities for ease of research, drafting, image creation and more.

article thumbnail

RSAC Fireside Chat: Fusing ‘TIP’ and ‘SOAR’ to defend hybrid-cloud, multi-cloud networks

The Last Watchdog

When Threat Intelligence Platform ( TIP ) and Security Orchestration, Automation and Response ( SOAR ) first arrived a decade or so ago, they were heralded as breakthrough advances. Related: Equipping SOCs for the long haul TIP and SOAR may yet live up to that promise. I had an evocative discussion about this at RSA Conference 2023 with Willy Leichter , vice president of marketing, and Neal Dennis , threat intelligence specialist, at Cyware , which supplies a cyber fusion solution built around a

Cloud 124
article thumbnail

Sophisticated 'Impulse Project' Crypto Scam Sprawls With 1,000 Affiliate Sites

Dark Reading

Ready-to-defraud turnkey services from Russia's Impulse Team are offered on the cyber underground and have built a campaign that has operated undetected dating back to 2016.

136
136
article thumbnail

Why You Need to Use Case Studies in Sales and Marketing (and How to Start Now)

Case studies are proof of successful client relations and a verifiable product or service. They persuade buyers by highlighting your customers' experiences with your company and its solution. In sales, case studies are crucial pieces of content that can be tailored to prospects' pain points and used throughout the buyer's journey. In marketing, case studies are versatile assets for generating business, providing reusable elements for ad and social media content, website material, and marketing c

article thumbnail

Microsoft Attributes MOVEit Transfer Hack to Clop Affiliate

Data Breach Today

UK Payroll Provider Zellis' MOVEit Hack Affects British Airways, Boots and the BBC Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.

article thumbnail

Snowden Ten Years Later

Schneier on Security

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to. It was scared of UK law enforcement, and worried that this essay would reflect badly on it.

article thumbnail

FTC Issues Proposed Order Against Home Security Camera Company Ring

Hunton Privacy

On May 31, 2023, the Federal Trade Commission announced a proposed order against home security camera company Ring LLC (“Ring”) for unfair and deceptive acts or practices in violation of Section 5 of the FTC Act. According to the FTC’s complaint , Ring allegedly made false or misleading representations that it took reasonable steps to ensure that Ring home security cameras are a secure means to monitor private areas of consumers’ homes.

Security 118
article thumbnail

RSAC Fireside Chat: Dealing with the return of computing workloads to on-premises datacenters

The Last Watchdog

A cloud migration backlash, of sorts, is playing out. Related: Guidance for adding ZTNA to cloud platforms Many companies, indeed, are shifting to cloud-hosted IT infrastructure, and beyond that, to containerization and serverless architectures. However, a “back-migration,” as Michiel De Lepper , global enablement manager, at London-based Runecast , puts it, is also ramping up.

Cloud 126
article thumbnail

Apache Cassandra® NoSQL for the Relational DBA

Unleash the power of NoSQL with "Apache Cassandra® NoSQL for the Relational DBA." Learn from Lewis DiFelice, an experienced Professional Services Consultant at Instaclustr, as he shares his journey transitioning from SQL to managing a 40-node Cassandra cluster. Gain insights into Cassandra's architecture, configuration strategies, and best practices.

article thumbnail

Cybersecurity Institute to Open in Saudi Arabia

Dark Reading

The Global Cybersecurity Forum branch, which will be in Riyadh, is meant to enable the exchange of ideas and facilitate international projects and partnerships.

article thumbnail

Highlights of Verizon Data Breach Investigations Report 2023

Data Breach Today

Report's Lead Author Shares Top Findings, Best Practices Pretexting incidents, a social engineering technique that manipulates victims into divulging information, have nearly doubled, representing 50% of all social engineering attacks, according to Verizon's 2023 Data Breach Investigations Report, which analyzed more than 16,312 security incidents.

article thumbnail

Court Dismisses IBM’s Breach of Contract Claim Against Micro Focus Finding the Claim to Lack Merit

OpenText Information Management

As I wrote earlier, IBM brought a lawsuit against Micro Focus alleging breach of contract and copyright infringement by Micro Focus Enterprise Suite products. Here is the blog I posted as to the technical aspects of the meritless claim. We confidently asserted then that IBM’s claims are legally and factually without merit. With respect to … The post Court Dismisses IBM’s Breach of Contract Claim Against Micro Focus Finding the Claim to Lack Merit appeared first on OpenText Blogs.

98
article thumbnail

Data Fragmentation No More: Reltio and Google Cloud Partner to Deliver Trusted Data

Reltio

Data fragmentation and poor data quality are persistent challenges organizations face across most industries. With the increasing proliferation of applications and the adoption of cloud technologies, core data such as customer and product information often becomes fragmented and degrades in quality over time. This problem hinders organizations from generating meaningful insights and realizing the full potential of their investments in analytics, artificial intelligence, machine learning, and dat

Cloud 98
article thumbnail

Finding The Application Modernization Strategy That Is Right For Your Business

As a business leader, you know it's important to update your apps, but it can be tough to figure out the best approach. This whitepaper helps you in upgrading your current applications using modernization strategies without any business disruptions.

article thumbnail

GUEST ESSAY: Using generative AI to support — not replace — overworked cybersecurity pros

The Last Watchdog

As the threat of cybercrime grows with each passing year, cybersecurity must begin utilizing artificial intelligence tools to better combat digital threats. Related: Leveraging human sensors Although AI has become a powerful weapon, there’s concern it might be too effective compared to human cybersecurity professionals — leading to layoffs and replacements.

article thumbnail

ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks

Dark Reading

Attackers could exploit a common AI experience — false recommendations — to spread malicious code via developers that use ChatGPT to create software.

145
145
article thumbnail

Microsoft Pays $20M to Settle FTC COPPA Complaint

Data Breach Today

FTC Says Violations Stem From XBox Live Registration Process Microsoft will pay $20 million to settle a U.S. federal investigation into whether the computing giant violated children's privacy protections during the XBox Live registration process. The Federal Trade Commission accused the company of a slew of infractions.

Privacy 258
article thumbnail

AI Is Being Used to ‘Turbocharge’ Scams

WIRED Threat Level

Plus: Amazon’s Ring was ordered to delete algorithms, North Korea’s failed spy satellite, and a rogue drone “attack” isn’t what it seems.

IT 127
article thumbnail

From Hadoop to Data Lakehouse

Getting off of Hadoop is a critical objective for organizations, with data executives well aware of the significant benefits of doing so. The problem is, there are few options available that minimize the risk to the business during the migration process and that’s one of the reasons why many organizations are still using Hadoop today. By migrating to the data lakehouse, you can get immediate benefits from day one using Dremio’s phased migration approach.

article thumbnail

Can Gather Change the Course of Internet History?

John Battelle's Searchblog

The Gather founding team from top left: Zan Doan, CTO, Sudhir Kandula, COO, Mengmeng Chen, Cofounder & CPO, Sumit Agarwal, Cofounder & CEO A few weeks ago I was genuinely thunderstruck. My co-editor at P&G Signal (thanks Stan!) introduced me to a new company – one that promised to give consumers control over their personal data in new and innovative ways.

Security 102
article thumbnail

Apple WWDC’23: Day one recap

Jamf

An overview of the new operating systems, features and mind-blowing technology that was announced on day one of Apple’s World Wide Developers Conference (WWDC) 2023.

105
105
article thumbnail

FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults

Dark Reading

Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns.

138
138
article thumbnail

Psychiatry Practice Fined for Posting PHI Online

Data Breach Today

HHS Settlement Is Latest Involving Negative Social Media Responses Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review.

211
211
article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

article thumbnail

The Software-Defined Car

Schneier on Security

Developers are starting to talk about the software-defined car. For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module there to run the cruise control radar, and so on. Now engineers and designers are rationalizing the way they go about building new models, taking advantage of much more powerful hardware to consolidate all those discrete functions into a small number of domain controllers.

Security 102
article thumbnail

Apple Expands Its On-Device Nudity Detection to Combat CSAM

WIRED Threat Level

Instead of scanning iCloud for illegal content, Apple’s tech will locally flag inappropriate images for kids. And adults are getting an opt-in nudes filter too.

IT 104
article thumbnail

[FBI ALERT] Skin Deep: The Scary Reality of New Deepfake-Enabled Sextortion

KnowBe4

Today, the FBI alerted warned against a new even more disgusting type of sextortion. Previously, these schemes involved coerced or stolen digital material, but now some criminals are using technology to create explicit content from innocent images or videos found online. This information comes from today's alert by the FBI's Internet Crime Complaint Center (IC3).

97