Tue. Dec 20, 2022


Hack on a Services Firm's Vendor Affects 271,000 Patients

Data Breach Today

Breach Is Latest in Long List of Complex Vendor Incidents

An Oklahoma-based provider of administrative and technology services to healthcare organizations is notifying more than 271,000 individuals that their personal information may have been compromised in a hacking incident involving a third-party data storage vendor.


The Equifax Breach Settlement Offer is Real, For Now

Krebs on Security

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money.


Russian Hackers Targeted Oil Refinery Firm in NATO Country

Data Breach Today

'Gamaredon,' Tied to FSB, Expands Intelligence Ops as Invasion of Ukraine Persists

Security researchers at Palo Alto Networks say they identified an attempted hack on a large petroleum refining company based inside a NATO member that came from a threat actor known as Gamaredon and Trident Ursa. The Ukrainian government traces the group to a Russian FSB.


GUEST ESSAY: Achieving trust — in a tumultuous 2023 that’s likely to come — can lead to success

The Last Watchdog

The 2020s are already tumultuous. Individuals are experiencing everything from extraordinary political and social upheaval to war on the European continent to the reemergence of infectious diseases to extreme weather events. Against this unsettling backdrop, citizens, consumers, employees, and partners will look to organizations that they trust for stability and positive long-term relationships.

Privacy 145

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Sysdig CEO on How Open Source Fuels Cloud, Container Defense

Data Breach Today

Suresh Vasudevan on Why Falco Has Become the Industry Standard for Threat Detection

Cloud vendors from Amazon, Microsoft and Google to IBM and Sumo Logic have turned to Sysdig's Falco open-source threat detection engine to secure their environments. Sysdig CEO Suresh Vasudevan says Falco has become the standard for threat detection in the industry.

Cloud 205

More Trending


EU-U.S. Data Privacy Framework in Activist Crosshairs

Data Breach Today

European Commission Took Key Step in Finalizing Trans-Atlantic Data Flow Framework

Europe took a key step in formalizing a framework to underpin the trans-Atlantic flow of commercial data but privacy activists say the EU-U.S. agreement won't stand up to a legal challenge. The Commission on Dec. 13 issued a draft adequacy decision on the EU-U.S. Data Privacy Framework.


FTC Announces $520 Million in Settlements with Epic Games

Hunton Privacy

On December 19, 2022, the Federal Trade Commission announced two settlements, amounting to $520 million, with Epic Games, Inc. in connection with alleged violations of the Children’s Online Privacy Protection Act Rule (the “COPPA Rule”) and alleged use of “dark patterns” relating to in-game purchases. The first action arises from a complaint and proposed order filed in federal court by the Department of Justice on behalf of FTC.

Privacy 105

The Troublemaker CISO: Laziness, Failure, Great Expectations

Data Breach Today

Security Director Ian Keller Rants About Bad Coding Practices and So Much More

In his latest rant, Ian Keller, the Troublemaker CISO, decries lazy and bad coding practices, mistakes CISOs may make and unwarranted CISO-blaming by the media, unanswered requests for more funding and staff - and the epic failures all these can produce when a breach happens, as it inevitably will.

Security 144

How AI/ML Can Thwart DDoS Attacks

Dark Reading

When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of DDoS detection and mitigation.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Protecting Your Brand With Public Web Data Scraping

Data Breach Today

Influencing a Brand’s Consumer-facing Perception When it's Outside the Company’s Control

For many brands, especially large enterprises with a substantial online presence, it is important to be able to have eyes all over the internet in order to properly mitigate the effects of external elements on their brand’s reputation.

IT 130

Smarter, cleaner, faster: AWS + Collibra help government make better decisions

Collibra

In the public sector, the consequences of bad data can have a profound effect on the daily life of citizens everywhere. From budgets to policy proposals, the risk that the government not only makes bad decisions but that it doesn’t have the data capabilities to make good ones is real. So it’s not surprising that 87% of government agencies consider data among their “greatest strategic assets.


CEO Durand on What Thoma Bravo's Buy Means for Ping Identity

Data Breach Today

Founder Andre Durand on How Thoma Bravo Will Accelerate Ping's Transition to SaaS

Getting acquired by Thoma Bravo for $2.8 billion will help Ping Identity accelerate its transition from on-premises to SaaS-based delivery of identity protection, CEO Andre Durand says. SaaS now accounts for 30% of Ping's business and is growing nearly 70% annually, he says.

IT 130

UAC-0142 APT targets Ukraine’s Delta military intelligence program

Security Affairs

Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack. On December 17, 2022, the Center for Innovations and Development of Defense Technologies of the Ministry of Defense of Ukraine informed the Government Computer Emergency Response Team of Ukraine (CERT-UA) of being targeted by a malware-based attack.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Risk-Based Security: What to Look for in an MDR Provider

Data Breach Today

Pondurance's Lyndon Brown on Getting the Most Out of Managed Detection and Response

With so many cybersecurity technologies and services available, how do organizations get started with evaluating the managed detection and response option that is right for them? Lyndon Brown of Pondurance weighs in on how to select the MDR provider that fits your needs best.

Risk 130

Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS

Security Affairs

Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper. Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature.


What Brands Get Wrong About Customer Authentication

Data Breach Today

Nelson Melo on the 4 Elements of Getting Customer Authentication Right


Now BEC Attacks Steal Physical Goods

KnowBe4

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) have released a joint advisory warning that scammers are launching business email compromise (BEC) attacks to divert and steal deliveries of food and ingredients worth hundreds of thousands of dollars.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range

Dark Reading

Threat actors can take over victims' cloud accounts to steal data, or use them for command-and-control for phishing attacks, denial of service, or other cyberattacks.


Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August

Security Affairs

Russia-linked Gamaredon APT group targeted a large petroleum refining company in a NATO state this year amid the invasion of Ukraine. The Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) is behind a failed attack against a large petroleum refining company in a NATO member state earlier amid the invasion of Ukraine.


Elon Musk and the Dangers of Censoring Real-Time Flight Trackers

WIRED Threat Level

Elon Musk claims plane-tracking data is a risky privacy violation. But the world loses a lot if this information disappears—and that's already happening.

Privacy 90

'Blindside' Attack Subverts EDR Platforms From Windows Kernel

Dark Reading

The technique loads a nonmonitored and unhooked DLL, and leverages debug techniques that could allow for running arbitrary code.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Trojaned Windows Installer Targets Ukraine

Schneier on Security

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System installers.


Paying Ransom: Why Manufacturers Shell Out to Cybercriminals

Dark Reading

Lower cybersecurity awareness coupled with vulnerable OT gear makes manufacturers tempting targets, but zero trust can blunt attackers’ advantages.


Tis the Season for Formula E Racing

Micro Focus

Mark your calendars–Saturday, January 14th, 2023–Mexico City will host the first race of Season 9 of the ABB FIA Formula E Championship.


Microsoft Warns on 'Achilles' macOS Gatekeeper Bypass

Dark Reading

The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Why digital certificates are critical to 5G security

The Security Ledger

As 5G gains traction, service providers need to be able to trust their networks’ security to truly take advantage of 5G’s capabilities. Digital certificates are critical to that, writes Alexa Tahan of Nokia.


NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine

Dark Reading

Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.


Hanzo Top 20 Ediscovery & Compliance Blogs of 2022, Part 2

Hanzo Learning Center

It’s been another interesting year in the world of legal technology, and we here at Hanzo have covered a variety of topics in 2022. Last week, we covered the first 10 of our top 20 ediscovery and compliance blogs. Today we round out the list with another ten. Thanks for reading!