Data Breach Today
NOVEMBER 7, 2024
Also: Ransomware Hackers Demand Baguettes This week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.
Krebs on Security
NOVEMBER 9, 2024
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI said it has seen un uptick in postings on criminal forums regarding the process of emergency data requests (EDRs) and the sal
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
NOVEMBER 5, 2024
CEO Rod Schultz Aims to Bridge External, Internal Data Challenges, Eyes CISO Bonds New Bolster CEO Rod Schultz shares his priorities in combating AI-based fraud, underscoring the potential of internal data security solutions. Schultz sees Bolster’s established brand protection tools as a foundation for addressing broader enterprise data security needs and better engaging CISOs.
Weissman's World
NOVEMBER 4, 2024
Good Cop needs Bad Cop to overcome information governance inertia; otherwise, there’s no meaningful personal incentive for anyone to do anything. As when a mother of a certain era would say to the kids, “Just wait ’til your father gets home!” The post True Stories in InfoGov: Being “Good Cop” Isn’t Enough appeared first on Holly Group.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Krebs on Security
NOVEMBER 5, 2024
A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: [link] On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Schneier on Security
NOVEMBER 8, 2024
The Open Source Initiative has published (news article here ) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.
WIRED Threat Level
NOVEMBER 5, 2024
A bug that WIRED discovered in True the Vote’s VoteAlert app revealed user information—and an election worker who wrote about carrying out an illegal voter-suppression scheme.
AIIM
NOVEMBER 5, 2024
As an information management professional, I've observed a concerning trend in the rush to adopt artificial intelligence (AI) technologies, particularly when the stakes are high. There's a significant disconnect between the allure of these powerful AI tools and the reality of most organizations' data readiness. This disconnect, which I call the "data delusion," poses significant challenges for successful AI implementation, especially in critical decision-making scenarios.
eSecurity Planet
NOVEMBER 6, 2024
In a stunning blow to the city’s cybersecurity defenses, Columbus, Ohio, recently became the target of a massive cyberattack that exposed over half a million residents’ sensitive information. Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Data Breach Today
NOVEMBER 7, 2024
Also: LottieFiles Attack, Craig Wright's Contempt of Court This week, Metawin hacks, LottieFiles attack, hackers used Ethereum smart contracts to target npm developers, Craig Wright faced contempt of court, Alameda sued KuCoin, Binance sought dismissal of a U.S. Securities and Exchange lawsuit, and Immutable received a Wells Notice.
Collaboration 2.0
NOVEMBER 7, 2024
The redesigned M4 Mac Mini is nearly the same size as the Apple TV. You can use it as a light workstation, a mini server, a TV streaming box, and more.
Schneier on Security
NOVEMBER 5, 2024
I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some anecdotal data from this summer: Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for valid
Security Affairs
NOVEMBER 8, 2024
Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications. The company immediately activated its cybersecurity response plan and launched an investigation into the incident with the help of external experts. “On October 29, 2024, the Company detec
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
eSecurity Planet
NOVEMBER 6, 2024
Cookies play a crucial role in enhancing your online experience, but they can also be exploited by cybercriminals to access sensitive information. In this video, our expert delves into what cookies are and their function in web browsing, explores the techniques hackers use to steal them — such as session hijacking and cross-site scripting (XSS) — and shares effective strategies and tools to protect your cookies and personal data in 2024.
Data Breach Today
NOVEMBER 4, 2024
Nov. 7 Summit to Confront the Next Generation of Financial Cyber Risks ISMG’s 2024 Financial Services Cybersecurity Summit kicks off Thursday in New York City, bringing together industry leaders and cyber experts to explore critical defense strategies, including digital identity protection, SecOps transformation and realistic threat simulations.
Collaboration 2.0
NOVEMBER 7, 2024
If you've just started using Proton Drive - or if you're considering a migration - here are some tips to help you get up and running quickly so you can make the most of the service.
Schneier on Security
NOVEMBER 7, 2024
Interesting research: “ Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks “: Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defense strategy tailored to counter LLM-driven cyberattacks.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
NOVEMBER 3, 2024
Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm.
The Guardian Data Protection
NOVEMBER 6, 2024
Onus will be on platforms to demonstrate they are taking reasonable steps to prevent access for young people, PM says Follow our Australia news live blog for latest updates Get our breaking news email , free app or daily news podcast The Australian government has pledged to legislate an age limit of 16 years for social media access, with penalties for online platforms that don’t comply.
Data Breach Today
NOVEMBER 7, 2024
Findings From the Tech Giant's Defense Report 2024 Flag Expanding Threat Landscape Microsoft's latest Digital Defense Report exposed an increasingly complex cyber battlefield in which nation-state actors team up with cybercriminals to launch sophisticated attacks, while organizations continue to struggle to defend against these evolving threats.
Collaboration 2.0
NOVEMBER 4, 2024
Many consumers are happy to communicate with an AI agent but also want to know when that conversation is happening.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Schneier on Security
NOVEMBER 6, 2024
Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to mul
Security Affairs
NOVEMBER 7, 2024
SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.” The attackers, linked to BlueNoroff and past RustBucket campaigns, used fake cryptocurrency news emails and a malicious app disguised as a PDF.
KnowBe4
NOVEMBER 7, 2024
Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ChatGPT subscription was declined, inviting them to click a link in order to update their payment method.
Data Breach Today
NOVEMBER 6, 2024
Security Professionals Must Continually Hone Technical and Communication Skills In cybersecurity, there's no such thing as "done learning." The field's dynamic nature - driven by rapid technological advances and evolving threats - demands that professionals stay adaptable and proactive. It's essential for staying relevant, effective and prepared for what's next.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Collaboration 2.0
NOVEMBER 7, 2024
Currently available to Windows Insiders in Windows 11, Microsoft's new AI-powered Rewrite feature will help you fine-tune your prose in Notepad.
Daymark
NOVEMBER 5, 2024
The Cybersecurity Maturity Model Certification (CMMC) program journey started back in 2019, which eventually led to DFARS Case 2019-D041. Since then, it has gone through several changes and program evolutions. Nearing 4 years in the making and getting closer to being finalized, companies are wondering what is next. What is the target date for the new rule?
Security Affairs
NOVEMBER 6, 2024
Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Memorial Hospital and Manor is a community hospital and healthcare facility that serves Decatur County and surrounding areas in southwest Georgia.
Expert insights. Personalized for you.
267 
Let's personalize your content