Krebs on Security

MAY 26, 2023

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta , which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. The volume of phishing websites registered through Freenom dropped considerably since the registrar was sued by Meta.

Phishing 253

Phishing Mining IT 253

Data Breach Today

MAY 26, 2023

Access Now Calls Infections 1st Documented Evidence of Pegasus in Context of War Digital rights organizations detected Pegasus spyware on the devices of members of Armenian civil society during the outbreak of armed conflict over a disputed region in the South Caucasus region. Access Now called the infections the first known instance of Pegasus spyware use during war.

Access 209

Access 209

Dark Reading

MAY 26, 2023

Informants have released data that includes thousands of safety complaints the company has received about its self-driving capability, as well as sensitive information regarding current and past employees.

IT 125

IT 125

Data Breach Today

MAY 26, 2023

Hackers Obtained Access Through a Compromised Credential Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack.

Cybersecurity 209

Cybersecurity Financial Services Access IT 209

Speaker: Dr. Greg Loughnane and Chris Alexiuk

Technology professionals developing generative AI applications are finding that there are big leaps from POCs and MVPs to production-ready applications. They're often developing using prompting, Retrieval Augmented Generation (RAG), and fine-tuning (up to and including Reinforcement Learning with Human Feedback (RLHF)), typically in that order. However, during development – and even more so once deployed to production – best practices for operating and improving generative AI applications are le

Data science

Jamf

MAY 26, 2023

Cyber threats come from all sides. As bad actors continue to evolve their toolsets to more succinctly attack targets, organizations are faced with the challenges of preparing for threats while implementing mitigations to address them as quickly and efficiently as possible. One of the most critical are external threats originating from outside the organization – proving to be amongst the most common threat types and the most difficult to protect against – but not impossible to address

Security 96

Security 96

Security Affairs

MAY 26, 2023

Researchers spotted a new botnet dubbed Dark Frost that is used to launch distributed denial-of-service (DDoS) attacks against the gaming industry. Researchers from Akamai discovered a new botnet called Dark Frost that was employed in distributed denial-of-service (DDoS) attacks. The botnet borrows code from several popular bot families, including Mirai , Gafgyt , and Qbot.

Honeypots 92

Honeypots Security Cybersecurity Information Security 92

Data Breach Today

MAY 26, 2023

ICO Receives 'Large Number of Reports' From Organizations Affected by Data Exposure Britain's privacy watchdog has seen a surge in data breach reports from outsourcing giant Capita's customers tied to two incidents: a March hack attack by a ransomware group against Capita and one of the company's Amazon Web Service buckets being left unsecured for six years.

Data breaches 176

Data breaches Ransomware Privacy 176

KnowBe4

MAY 26, 2023

As the world continues to evolve, so does the nature of warfare. China's People's Liberation Army (PLA) is increasingly focused on "Cognitive Warfare," a term referring to artificial intelligence (AI)-enabled military systems and operational concepts. The PLA's exploration into this new domain of warfare could potentially change the dynamics of global conflict.

Artificial Intelligence 88

Artificial Intelligence Military Cybersecurity 88

Data Breach Today

MAY 26, 2023

Also: Meta Fined 1.2 Billion Euros for Privacy Issues; GDPR's 5-Year Anniversary In the latest weekly update, ISMG editors discuss top takeaways from Ukraine's cyber defense success, how a European regulator suspended Facebook data transfers to the United States, and the state of the EU General Data Protection Regulation on its five-year anniversary.

GDPR 130

GDPR Privacy IT 130

Speaker: Keith Kmett, Principal CX Advisor at Medallia

Join Keith Kmett, Principal CX Advisor, in this new webinar that will focus on: Understanding CX Orchestration Fundamentals: Gain a solid understanding of what CX orchestration is, its significance in the customer experience landscape, and how it plays a crucial role in shaping customer journeys. This includes the key concepts, strategies, and best practices involved in CX orchestration. 🔑 Connection to Customer Journey Maps: How to effectively integrate customer journey mapping into the

Customer Experience

IBM Big Data Hub

MAY 26, 2023

Cloud is transforming the way life sciences organizations are doing business. Cloud computing offers the potential to redefine and personalize customer relationships, transform and optimize operations, improve governance and transparency, and expand business agility and capability. Leading life science companies are leveraging cloud for innovation around operational, revenue and business models.

Cybersecurity 88

Cybersecurity Cloud Data breaches Security 88

Data Breach Today

MAY 26, 2023

'No Plans to Leave,' Altman Hastily Tweets ChatGPT will continue to operate inside the European Union despite warnings from OpenAI CEO Sam Altman that he's prepared to pull out from the bloc if he doesn't like regulations being prepared in Brussels. European lawmakers earlier this month proposed new obligations for AI models such as GPT.

130

130

Security Affairs

MAY 26, 2023

An alleged Iran-linked APT group targeted an organization linked to the United Arab Emirates (U.A.E.) with the new PowerExchange backdoor. Researchers from the Fortinet FortiGuard Labs observed an attack targeting a government entity in the United Arab Emirates with a new PowerShell-based backdoor dubbed PowerExchange. The experts speculate that the backdoor is likely linked to an Iran-linked APT group.

Phishing 88

Phishing File names Security Archiving 88

Data Breach Today

MAY 26, 2023

Ransomware Operation Claims It Downloaded 2 Terabytes of Entity's Data An upstate New York medical specialty practice has reported to regulators that the information of nearly 224,500 employees and patients was compromised in a hacking incident discovered in March. Ransomware group RansomHouse claims to have downloaded 2 terabytes of the entity's data.

Ransomware 130

Ransomware IT 130

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Cybersecurity

IBM Big Data Hub

MAY 26, 2023

When it comes to driving large technology transformation on Cloud, leveraging existing investments, and optimizing open innovation within the larger ecosystem with a hybrid cloud platform, IBM Consulting™ offers several learnings to help organizations address the architecture and technology challenge. Consider large financial services organization going through core banking modernization.

Cloud 88

Cloud Financial Services Energy and Utilities Digital transformation 88

Schneier on Security

MAY 26, 2023

Cyberspace operations now officially has a physical dimension, meaning that the United States has official military doctrine about cyberattacks that also involve an actual human gaining physical access to a piece of computing infrastructure. A revised version of Joint Publication 3-12 Cyberspace Operations—published in December 2022 and while unclassified, is only available to those with DoD common access cards, according to a Joint Staff spokesperson—officially provides a definition

Military 85

Military Access IT Security 85

Security Affairs

MAY 26, 2023

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS). Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. The malicious code was first uploaded to a public malware scanning service in December 2021 by a user in Russia.

Security 84

Security Cybersecurity Access IT 84

Dark Reading

MAY 26, 2023

Phishing campaigns targeting travelers have evolved from simple, easy-to-spot fraud attempts to highly sophisticated operations.

Phishing 100

Phishing 100

Advertisement

There’s a good reason why Apache Cassandra® is quickly becoming the NoSQL database of choice for organizations of all stripes. In this white paper, discover the key use cases that make Cassandra® such a compelling open source software – and learn the important pitfalls to avoid. From understanding its distributed architecture to unlocking its incredible power for industries like healthcare, finance, retail and more, experience how Cassandra® can transform your entire data operations.

Retail

Thales Cloud Protection & Licensing

MAY 26, 2023

CIAM in insurance: A unified, secure user experience with a single login madhav Fri, 05/26/2023 - 07:33 In recent years, the insurance industry has transformed from a singularly focused entity to a multi-brand or multi-service type of business. Most insurance companies nowadays offer multiple types of insurance products, or they sell policies on behalf of their partners.

Insurance 69

Insurance Security Digital transformation Passwords 69

Dark Reading

MAY 26, 2023

To mitigate risk, both developers and users must include security principles and technologies as core foundations in new devices.

Risk 92

Risk Security 92

eSecurity Planet

MAY 26, 2023

Confidential computing is a technology and technique that encrypts and stores an organization’s most sensitive data in a secure portion of a computer’s processor — known as the Trusted Execution Environment (TEE) — while it’s processed and in use. It’s a fast-growing cloud computing technique that has gotten buy-in and support from a variety of hardware, software, and cloud vendors.

Encryption 71

Encryption Cloud Security IoT 71

KnowBe4

MAY 26, 2023

Check out the 20 new pieces of training content added in May, alongside the always fresh content update highlights, events and new features.

Security awareness 75

Security awareness Security 75

Speaker: Steve Pappas

As businesses strive for success in an increasingly digitized world, delivering an exceptional customer experience has become paramount. To meet this demand, enterprises are embracing innovative approaches that captivate customers and fuel their loyalty. 💥 Enter conversational AI - an absolute game-changer (if done right) in redefining CX norms.

Customer Experience

OpenText Information Management

MAY 26, 2023

The world is in a race for energy. Energy companies today are striving to create intelligent, connected, secure, responsible and scalable enterprises. Smart grids, smart oilfields, smart refineries and other ‘smart’ assets are concepts that have been around for more than 25 years, but these concepts have largely relied on information from operational technology such as … The post Making smart grids, smart fields, and smart facilities smarter with OpenText appeared first on OpenText Blogs.

Security 52

Security Mining 52

Dark Reading

MAY 26, 2023

Improving the security of open source repositories and keeping malicious components out requires a combination of technology and people.

Security 81

Security 81

IG Guru

MAY 26, 2023

Check out the story here.

Information governance 76

Information governance GDPR Privacy Compliance 76

Dark Reading

MAY 26, 2023

Data breaches 94

Data breaches Security 94

Advertisement

In today's digital landscape, the threat of ransomware demands proactive defense. This paper, inspired by a real PostgreSQL® database incident, offers vital strategies for effective mitigation. Instaclustr expert Perry Clark outlines immediate actions to minimize risks, ensuring a swift response to ransomware threats and protecting critical data assets.

Ransomware

Schneier on Security

MAY 26, 2023

Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Security 71

Security 71