Tue.Aug 06, 2024

article thumbnail

Make it Personal When People Slow Your InfoGov Roll

Weissman's World

You know as well as I that people-related issues – not those related to technology – tend to be the ones that stand most in the way of information governance success. Our problem is that we need them to understand, to make time for us, to change their thinking. To help them get there, we… Read More » Make it Personal When People Slow Your InfoGov Roll The post Make it Personal When People Slow Your InfoGov Roll appeared first on Holly Group.

IT 279
article thumbnail

Ransomware Leads to $30M in Lost Income at Sonic Automotive

Data Breach Today

Numerous Dealers Disrupted by Attack Against Software Provider CDK Global Ransomware attacks are continuing to lead to losses, to the tune of $30 million for automotive retail giant Sonic Automotive due to the attack disrupting car dealership software service provider CDK Global, and separately $17 million for printed circuit board assembly maker Key Tronic.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Black Hat Fireside Chat: The role of API Security in mitigating online fraud, emerging GenAI risks

The Last Watchdog

LAS VEGAS — As Black Hat USA 2024 plays out here this week, the disruptive impact of GenAI/LLM at many different levels will be in the spotlight. Related : GenAI introduces fresh risks We’re in early days. The productivity gains are ramping up – but so are the exposures. I had the chance to visit with Amod Gupta , head of product at Traceable ; we discussed how GenAI/LLM is reverberating at the API level, where hyper-interconnectivity continues to intensify.

Risk 147
article thumbnail

UK's Advanced Faces 6M Pound Find After LockBit Attack

Data Breach Today

Ransomware Hackers Used LockBit 3.0 to Hack IT Services Company in 2022 A British IT services company whose ransomware attack and data breach in 2022 disrupted a national urgent care medical helpline now faces the prospect of a nearly $8 million fine. Hackers stole personal information belonging to 82,946 individuals.

article thumbnail

The Tumultuous IT Landscape is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

KnowBe4 Honors the World Famous Hacker for the First National Social Engineering Day

KnowBe4

On August 6th, 2024, we celebrate National Social Engineering Day – a new national day established by KnowBe4 and officially recognized by the National Day Calendar. The day aims to educate individuals and organizations about the risks associated with social engineering tactics used in cyber attacks.

Education 135

More Trending

article thumbnail

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. The incident impacted users globally, the attackers remotely wiped a small percentage of devices, according to the company.

MDM 122
article thumbnail

CISA Guide Sparks Calls for Software Supplier 'Safe Harbor'

Data Breach Today

New Security Transparency Guidance Sparks Demands for Supplier Protections Experts are calling on the Cybersecurity and Infrastructure Security Agency to expand and implement protections for software developers who embrace the White House administration’s calls to take a greater share of responsibility for the security of their products.

article thumbnail

A Better Investigatory Board for Cyber Incidents

Schneier on Security

When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to the tune of billions of dollars. We need one. To be sure, there is the White House’s Cyber Safety Review Board.

article thumbnail

Kimsuky and Andariel Target Seoul's Construction Industry

Data Breach Today

Espionage Groups Exploited Software Supply Chain Vulnerabilities to Widen Reach Prominent North Korean hacker groups Kimsuky and Andariel have been targeting South Korea's construction and machinery sectors since January to steal classified information to help the country modernize its cities and factories, South Korean government agencies warned on Monday.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a deserialization of untrusted data vulnerability in Microsoft COM for Windows, tracked as CVE-2018-0824 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog.

IT 109
article thumbnail

How Akamai’s Acquisition of Noname Enhances API Protection

Data Breach Today

Noname Security CEO Oz Golan on Strengthening API, Web Security Post-Acquisition Akamai’s $450 million acquisition of No Name Security marks a pivotal point in API security. Oz Golan, Noname's CEO and Akamai's vice president of API security, discusses the integration plans, technological synergies, and future growth opportunities that come with Akamai’s extensive customer base.

Security 130
article thumbnail

Should Organizations Pay Ransom Demands?

Security Affairs

Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, with the Verizon Data Breach Report 2024 reporting that ransomware is a top threat across 92% of industries. In recent years, the number of ransomware attacks has grown significantly.

article thumbnail

Zeroing in on Zero Trust

Data Breach Today

How close are you to achieving Zero Trust? If you’re a CISO or other security leader, recent and forthcoming government mandates mean you urgently need an answer to this question.

article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Google warns of an actively exploited Android kernel flaw

Security Affairs

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. The IT giant is aware that the vulnerability has been actively exploited in the wild. The company did not share details of the attacks exploiting this vulnerability.

Security 102
article thumbnail

A New Plan to Break the Cycle of Destructive Critical Infrastructure Hacks

WIRED Threat Level

As digital threats against US water, food, health care, and other vital sectors loom large, a new project called UnDisruptable27 aims to help fix cybersecurity weaknesses where other efforts have failed.

article thumbnail

A ransomware attack hit French museum network

Security Affairs

The Réunion des Musées Nationaux network, including Paris’ Grand Palais and other museums, was hit by a ransomware attack. A ransomware attack hit the Réunion des Musées Nationaux network, including Paris’ Grand Palais and other museums. The attack impacted around 40 museums across France. The attack occurred on Sunday, and despite some affected venues are hosting Summer Olympics competitions, the incident had no impact on the Olympic Games.

article thumbnail

Data governance doesn’t have to be boring: Get executive buy-in with storytelling

Collibra

Data governance doesn’t have to be boring — nor should it be. Adobe Senior Manager of Data Governance Joseph Wallace rightly challenged this and other misconceptions at the Data Citizens 2024 conference in Orlando, FL. Joseph was part of Adobe’s data governance team when the company first bought and implemented Collibra — a brand-new product at the time — and his experience has taught him that data governance is about unlocking the business potential of data, not just policing it.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea’s national security and intelligence agencies, including the National Intelligence Service, the Prosecutor’s Office, the Police Agency, the Military Intelligence Command, and the Cyber Operations Command, have issued a joint cybersecurity advisory to warn that North Korea-linked hackers exploited VPN software update to install

article thumbnail

STOP-VERIFY-CORRECT: How to combat misinformation online and beyond

CILIP

STOP-VERIFY-CORRECT: How to combat misinformation online, in print and media This guide breaks down the processes of how mis- and dis-information works, and how it is able to use emotion and deception to spread across social media, the internet, and the press. Stop - Verify - Correct When you encounter a piece of news that is shocking, outrageous, emotive and visceral, always stop to assess the situation.

article thumbnail

Maintaining persistence through deception: The threat of fake iOS updates

Jamf

Discover how fake iOS updates could threaten mobile security. Stay vigilant and secure your Apple devices against evolving cyber threats.

Security 106
article thumbnail

This $20 USB-C cable I recommend comes with a useful digital display

Collaboration 2.0

The ChargerLAB Power-Z AK001 USB-C cable includes a power meter that's super handy for seasoned technicians and hobbyists alike.

98
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

AI Tools Have Increased the Sophistication of Social Engineering Attacks

KnowBe4

The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports.

article thumbnail

This EcoFlow portable battery powered my whole home during recent outages

Collaboration 2.0

The EcoFlow Delta Pro Ultra is capable of powering an entire home, but it's especially outstanding with the EcoFlow Smart Home Panel 2.

IT 98
article thumbnail

New Malvertising Campaign Impersonates Google Authenticator

KnowBe4

Researchers at Malwarebytes spotted a malvertising campaign that abused Google Ads to target people searching for Google Authenticator.

article thumbnail

The AI scams infiltrating the knitting and crochet world - and how to spot them

Collaboration 2.0

AI can create unexpected problems for crafters. Here's what to watch out for, and why it matters even if you don't crochet.

IT 98
article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Approaching AI at the National Library of Scotland

CILIP

Approaching AI at the National Library of Scotland Image of the National Library of Scotland by Magnus Hagdorn, from Flickr Robert Cawston, Director of Digital and Service Transformation, introduces a new AI Statement for the National Library of Scotland. This article is featured in the AI hub Approaching the hype cycle Despite the rapid developments in large language models (LLMs) and generative AI tools over the last 12-18 months, for many we remain at the “jagged frontier”(1) of AI capabiliti

article thumbnail

Google just unveiled 2 major smart home AI updates - and Nest users will be excited

Collaboration 2.0

The new Gemini-powered updates will soon supercharge smart homes with generative AI and more options than ever.

98
article thumbnail

Top three challenges of threat hunting

OpenText Information Management

Our series on threat hunters has covered what they are and what they do. This week’s post highlights two common mistakes threat hunters make and the three biggest challenges they face, according to a recent study by the University of Victoria [insert link]. The bottom line is that these mistakes and challenges cost time and attention, which increases risk.