Analysis, Security and Training - Information Management Today

Researchers devised an attack technique to extract ChatGPT training data

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique that could have been used to trick ChatGPT into disclosing training data. A team of researchers from several universities and Google have demonstrated an attack technique against ChetGPT that allowed them to extract several megabytes of ChatGPT’s training data. ” continues the analysis.

Paper

Paper Privacy IT Access

MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era

The Last Watchdog

APRIL 2, 2024

It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering. Related: AI makes scam email look real Fresh evidence comes from Mimecast’s “The State of Email and Collaboration Security” 2024 report.

Security

Security Communications Risk Phishing

GUEST ESSAY: What it will take to train the next generation of cybersecurity analysts

The Last Watchdog

OCTOBER 4, 2021

It is no secret that there is, and has been for some time, a shortage of trained cyber security professionals in corporate IT Security teams. The cyber security talent crunch has been a growing issue for many years now. million unfilled cyber security jobs globally by 2021. Growing need.

Cybersecurity

Cybersecurity IT Analytics Education

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Cybersecurity Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats

eSecurity Planet

FEBRUARY 8, 2023

Also read: ChatGPT: A Brave New World for Cybersecurity ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware ChatGPT’s Good Security Uses And ChatGPT’s security benefits, Grinberg said, are significant. ChatGPT Security Tools Coming? “It will be fun, engaging, and memorable.”

Cybersecurity

Cybersecurity Security awareness Phishing Ransomware

Learning Malware Analysis and Cybersecurity Writing Online

Lenny Zeltser

APRIL 19, 2020

You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. Malware Analysis. Cybersecurity Writing.

Cybersecurity

Cybersecurity Communications Access Security

Building cyber security careers

IT Governance

OCTOBER 21, 2021

The need for experienced and qualified cyber security professionals is a highlight of Cybersecurity Career Awareness Week , led by NICE (National Initiative for Cybersecurity Education). Cyber security focuses on protecting computer systems from unauthorised access or being otherwise damaged. Build your cyber security career.

Security

Security Information Security GDPR Data Privacy

HHS Targets Small Behavioral Health Clinic for HIPAA Violations Following Ransomware Investigation

Hunton Privacy

FEBRUARY 29, 2024

The resolution agreement requires Green Ridge to pay $40,000 to OCR and enter into a Corrective Action Plan that obligates Green Ridge to, among other items: Implement a security management process, including a thorough risk analysis, which is to be provided to HHS for review within 60 days. Investigate all likely policy violations.

Ransomware

Ransomware Personal data Risk Privacy

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security.

Data Privacy

Data Privacy Compliance Privacy Security

Malware Training Sets: FollowUP

Security Affairs

MAY 14, 2019

So, I came up with this blog post and this GitHub repository where I proposed a new testing-set based on a modified version of Malware Instruction Set for Behavior-Based Analysis , also referred as MIST. Now, if you wish you are able to generate training sets by yourself and to test new algorithms directly into WEKA.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Honeypots Cybersecurity

Security Data Lakes Emerge to Address SIEM Limitations

eSecurity Planet

SEPTEMBER 22, 2022

Every security team craves clear visibility into the endpoints, networks, containers, applications, and other resources of the organization. To address that limitation, a new tool is emerging: Security data lakes (SDLs), which might provide a solution that enables unfiltered visibility for security teams. What is SIEM?

Security

Security Analytics Cloud Unstructured data

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

KnowBe4

OCTOBER 19, 2023

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One.

Phishing

Phishing Manufacturing Education Ransomware

Ten steps to a GDPR gap analysis

IT Governance

MAY 8, 2019

Most GDPR (General Data Protection Regulation) compliance projects start with a gap analysis. A gap analysis is a popular method of assessing compliance against the requirements of the Regulation. What does a gap analysis involve? Can I use a free GDPR gap analysis tool? What gap analysis options are available?

GDPR

GDPR Compliance Personal data Risk

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

OCTOBER 18, 2023

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. In April, Google observed Russia-linked FROZENBARENTS APT (aka SANDWORM) impersonates Ukrainian drone training school to deliver the Rhadamanthys infostealer.

Archiving

Archiving Security IT Data breaches

How can organisations close the cyber security skills gap?

IT Governance

SEPTEMBER 15, 2021

A UK government report published last year found that 48% of organisations lacked the expertise to complete routine cyber security practices. The report also found that 30% of organisations had skills gaps in more advanced areas, such as penetration testing, forensic analysis and security architecture.

Security

Security Insurance Education Government

HHS Announces First HIPAA Settlement Agreement Involving Ransomware Attack

Hunton Privacy

NOVEMBER 13, 2023

DMS is a HIPAA business associate (“BA”) that provides payer credentialing and medical billing services to HIPAA Covered Entities (“CEs”). As a result, the electronic protected health information (“ePHI”) of approximately 206,695 individuals was affected.

Ransomware

Ransomware Risk Insurance Encryption

Top 5 Application Security Tools & Software for 2023

eSecurity Planet

MAY 19, 2023

Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. These tools play a vital role in ensuring the security, integrity, and confidentiality of sensitive information, such as personal data and financial records.

Security

Security Cloud Compliance Risk

KnowBe4’s Interactive Phishing Analysis Center: Keep Your Finger On The Pulse

KnowBe4

AUGUST 8, 2023

As a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security awareness success.

Security awareness

Security awareness Phishing Security

Google: Analysis of Cyberattacks Targeting Ukraine Shed Light on What a Cyberwar Strategy Looks Like

KnowBe4

MARCH 10, 2023

A look back at the last year of attacks on Ukraine by Google’s Threat Analysis Group (TAG) provides insight into attacks on NATO countries to gain a cyberspace advantage.

Security awareness

Security awareness Phishing Security

Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

KnowBe4

APRIL 19, 2024

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it.

Security

Security IT Security awareness Phishing

Analysis of Phishing Emails Shows High Likelihood They Were Written By AI

KnowBe4

JANUARY 15, 2024

It’s no longer theoretical; phishing attacks and email scams are leveraging AI-generated content based on testing with anti-AI content solutions.

Phishing

Phishing Security awareness Security

GUEST ESSAY: The Top 10 cybersecurity shortfalls that put SMBs, enterprises at elevated risk

The Last Watchdog

APRIL 17, 2023

Even the most well-protected companies can be susceptible to attacks if they are not careful about a proactive approach towards cyber security. Related: Why timely training is a must-have That’s why businesses of all sizes need to understand the biggest cybersecurity weaknesses and take steps to mitigate them. Spotty patching.

Risk

Risk Cybersecurity Data breaches Access

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Krebs on Security

JUNE 21, 2020

The collection, dubbed “ BlueLeaks ” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. A partial screenshot of the BlueLeaks data cache. Stewart Baker , an attorney at the Washington, D.C.

Archiving

Archiving Government Risk Security

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Cybersecurity can be difficult to implement, and to make matters worse, the security professionals needed to do it right are in short supply. Managed IT security service providers (MSSPs) make life easier for organizations by providing outsourced expertise and tools at a fraction of the cost, time, and trouble of doing it yourself.

Security

Security Cybersecurity Cloud Access

Application Security: Complete Definition, Types & Solutions

eSecurity Planet

FEBRUARY 13, 2023

Application security is the practice of securing software and data from hackers, whether that application comes from a third party or was developed in house, regardless of where it resides or how it’s accessed. How Does Application Security Work? What Are the Types of Application Security?

Security

Security Cloud Risk Computer and Electronics

IBM watsonx AI and data platform, security solutions and consulting services for generative AI to be showcased at AWS re:Invent

IBM Big Data Hub

NOVEMBER 27, 2023

This provides clients a full stack of capabilities to train, tune and deploy AI models with trusted data, speed and governance with increased flexibility to run their AI workflows wherever they reside. IBM also launched an Innovation Lab in collaboration with AWS at the IBM Client Experience Center in Bangalore.

Cloud

Cloud Security Government Analytics

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

The Security Ledger

FEBRUARY 21, 2024

Episode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation Movement In this episode of The Security Ledger Podcast (#256) Paul speaks with Gary McGraw of the Berryville Institute of Machine Learning (BIML) , about that group’s latest report: an Architectural Risk Analysis of Large Language Models.

Artificial Intelligence

Artificial Intelligence Risk Military Security

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

eSecurity Planet

MARCH 15, 2024

From analyzing attack methods and suggesting defense tactics to doing vulnerability assessments, it provides users with the knowledge to improve their security posture. Aside from ethical hacking, HackerGPT seeks to assist professionals and improve security assessments. It has an intuitive UI similar to ChatGPT.

Cybersecurity

Cybersecurity Education Privacy Access

12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

APRIL 12, 2024

Explore some real-world instances below and discover when and how to use DLP procedures for optimal data security. Industry-specific rules: Check relevant regulations on a regular basis to verify data security compliance , and use DLP to protect sensitive data and reduce regulatory risks.

Encryption

Encryption Risk Data breaches Access

How to Protect Your Machine Learning Models

Thales Cloud Protection & Licensing

FEBRUARY 14, 2024

This discipline – sitting at the intersection of computer science and data analysis – has become integral to mobile applications, voice assistants, fraudulent transaction detection, image recognition, autonomous driving, and even medical diagnostics. If this is a direct competitor’s application, it could result in significant lost revenue.

Encryption

Encryption Artificial Intelligence Risk Security

GUEST ESSAY: Making the case for leveraging automation to eradicate cybersecurity burnout

The Last Watchdog

MAY 2, 2023

Related: Training employees to mitigate phishing It pressures working analysts to perform 24 hours’ worth of work in an 8-hour day. Security Orchestration, Automation and Response: Cross-platform tech stacks that can do tasks like remediation and submitting security alerts.

Cybersecurity

Cybersecurity Risk Phishing Authentication

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

The Last Watchdog

JUNE 13, 2022

Securing APIs. The SolarWinds attack made API supply chain security a front-page story in 2020. Given all of this newfound concern for API supply chain security, where are the tools for solving this problem? Every week, we see a new pitch for an API supply chain security startup. Improving identity management.

Cybersecurity

Cybersecurity Data science Artificial Intelligence Marketing

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

eSecurity Planet

MARCH 7, 2022

A SaaS security company says a spike in cyber attacks from Russia and China in recent weeks suggests the two countries may be coordinating their cyber efforts. Per analysis available from SaaS Alerts, attack trend lines that compare Russia and China show almost the exact same pattern.” SaaS Apps Under Attack.

Security

Security Risk Military Cybersecurity

How to protect your machinelearning Models

Thales Cloud Protection & Licensing

FEBRUARY 20, 2024

This discipline – sitting at the intersection of computer science and data analysis – has become integral to mobile applications, voice assistants, fraudulent transaction detection, image recognition, autonomous driving, and even medical diagnostics. If this is a direct competitor’s application, it could result in significant lost revenue.

Encryption

Encryption Artificial Intelligence Risk Security

How to protect your machinelearning Models

Thales Cloud Protection & Licensing

FEBRUARY 20, 2024

This discipline – sitting at the intersection of computer science and data analysis – has become integral to mobile applications, voice assistants, fraudulent transaction detection, image recognition, autonomous driving, and even medical diagnostics. If this is a direct competitor’s application, it could result in significant lost revenue.

Encryption

Encryption Artificial Intelligence Risk Security

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. In addition, 95 percent of survey respondents confirmed that they are extremely to moderately concerned about public cloud security. What is cloud security?

Cloud

Cloud Security Encryption Risk

Security Affairs newsletter Round 361 by Pierluigi Paganini

Security Affairs

APRIL 17, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 361 by Pierluigi Paganini appeared first on Security Affairs. To nominate, please visit:? Pierluigi Paganini.

Security

Security Ransomware Data breaches Cybersecurity

Privacy and security in the software designing

Security Affairs

APRIL 22, 2021

The importance of carrying out a careful risk and impact assessment in order to safeguard the security of the information and the data privacy. Therefore, it’s essential to carry out a careful risk and impact assessment in order to safeguard the security of the information and the data privacy.

Privacy

Privacy Security Data Privacy Risk

OCR 2020 Settlements Target HIPAA Security Rule Non-Compliance

Data Matters

AUGUST 27, 2020

These settlements underscore OCR’s continued focus on enforcement of the HIPAA Security Rule. million to OCR to settle potential violations of the HIPAA Privacy and Security Rules related to the theft of an unencrypted hospital employee laptop, which compromised the electronic protected health information (“ePHI”) of over 20,000 individuals.

Compliance

Compliance Security Risk Encryption

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

The Last Watchdog

NOVEMBER 30, 2021

Yet, in bringing us here, APIs have also spawned a vast new tier of security holes. Yet, API security risks haven’t gotten the attention they deserve. It has become clear that API security needs to be prioritized as companies strive to mitigate modern-day cyber exposures. Thus security-proofing APIs has become a huge challenge.

IT

IT Security Big data Digital transformation

Security Flaws in Children's Smart Watches

Schneier on Security

JANUARY 31, 2019

A year ago , the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. A recent analysis checked if anything had improved after that torrent of bad press. Guess what: a train wreck. Short answer: no.

Security

Security Passwords Access IT

How situational analysis helps your school become #BreachReady

IT Governance

AUGUST 17, 2018

In this blog, we’ll consider situational analysis, how to assess what’s happening in the school and how to support staff to protect the data in their care. Situational analysis – understand what’s happening now. Review cyber security. Training also teaches staff to identify common threats such as phishing emails.

GDPR

GDPR Encryption Data breaches Compliance

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security. His news analysis columns, podcasts, and videos are crafted to foster a useful understanding of complex privacy and cybersecurity developments for company decision-makers and individual citizens — for the greater good.

Cybersecurity

Cybersecurity Privacy Cloud IoT

Choosing a Managed Security Service: MDR, Firewalls & SIEM

eSecurity Planet

OCTOBER 28, 2021

Between the growing threats and a shortage of cybersecurity talent to defend against them, many businesses have turned to managed security service providers (MSSPs) for help, with services like managed SIEMs , managed firewalls and managed detection and response (MDR). For a small business, the challenge can seem overwhelming.

Security

Security Cybersecurity Ransomware Analytics

Implementing and Managing Your SIEM Securely: A Checklist

eSecurity Planet

DECEMBER 17, 2021

Some companies use cloud-based security information and event management (SIEM) , and others use SIEM that has been installed in a local data center. Following the checklist will help focus your team on the ways in which the security of your company’s SIEM implementation could be undermined. Integrations. Data Sources. Configurations.

Security

Security Access Artificial Intelligence Cloud

Researchers devised an attack technique to extract ChatGPT training data

MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era

Webinars

Trending Sources

GUEST ESSAY: What it will take to train the next generation of cybersecurity analysts

Webinars

Cybersecurity Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats

Learning Malware Analysis and Cybersecurity Writing Online

Building cyber security careers

HHS Targets Small Behavioral Health Clinic for HIPAA Violations Following Ransomware Investigation

Security Compliance & Data Privacy Regulations

Malware Training Sets: FollowUP

Security Data Lakes Emerge to Address SIEM Limitations

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

Ten steps to a GDPR gap analysis

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

How can organisations close the cyber security skills gap?

HHS Announces First HIPAA Settlement Agreement Involving Ransomware Attack

Top 5 Application Security Tools & Software for 2023

KnowBe4’s Interactive Phishing Analysis Center: Keep Your Finger On The Pulse

Google: Analysis of Cyberattacks Targeting Ukraine Shed Light on What a Cyberwar Strategy Looks Like

Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

Analysis of Phishing Emails Shows High Likelihood They Were Written By AI

GUEST ESSAY: The Top 10 cybersecurity shortfalls that put SMBs, enterprises at elevated risk

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

What is a Managed Security Service Provider? MSSPs Explained

Application Security: Complete Definition, Types & Solutions

IBM watsonx AI and data platform, security solutions and consulting services for generative AI to be showcased at AWS re:Invent

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

12 Data Loss Prevention Best Practices (+ Real Success Stories)

How to Protect Your Machine Learning Models

GUEST ESSAY: Making the case for leveraging automation to eradicate cybersecurity burnout

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

Russia, China May Be Coordinating Cyber Attacks: SaaS App Security Firm

How to protect your machinelearning Models

How to protect your machinelearning Models

Top 12 Cloud Security Best Practices for 2021

Security Affairs newsletter Round 361 by Pierluigi Paganini

Privacy and security in the software designing

OCR 2020 Settlements Target HIPAA Security Rule Non-Compliance

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

Security Flaws in Children's Smart Watches

How situational analysis helps your school become #BreachReady

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

Choosing a Managed Security Service: MDR, Firewalls & SIEM

Implementing and Managing Your SIEM Securely: A Checklist

Stay Connected