Data Breach Today
FEBRUARY 17, 2023
The Campaign Installed Malware on Internal Systems and Obtained Source Code Internet domain registrar GoDaddy says it is the victim of a yearslong hacking campaign that installed malware on internal systems and obtained source code. The hackers' "apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution," the company says.
Dark Reading
FEBRUARY 17, 2023
Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
FEBRUARY 17, 2023
Compromised Database With PHI on 2.1M People Had Not Been Used for a Decade The attorneys general of Pennsylvania and Ohio have slapped a DNA testing lab with HIPAA settlements totaling $400,000 in the wake of a 2021 hack of a legacy database that affected 2.1 million individuals nationwide, including nearly 46,000 consumers in the two states.
KnowBe4
FEBRUARY 17, 2023
The curse of knowledge is a cognitive bias that occurs when someone is trying to communicate information to another person, but falsely assumes that the other person has the same level of knowledge or understanding of the topic. This can lead to the communicator overestimating the other person's understanding of the subject, and thus not providing enough detail or explanation.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
Data Breach Today
FEBRUARY 17, 2023
Malware Attacks Grew 18 times YOY; Overall Cyber Incident Numbers Grew Threefold Nearly a year after Russia's invasion began, Ukraine's top cybersecurity response center says the number of registered cyber incidents has increased threefold and malware attacks have been the predominant force in the increase. Overall, Ukraine identified 181 million "suspicious" events in 2022.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
FEBRUARY 17, 2023
Deal Would Strengthen Evidian's Hand in Cloud, Advanced Computing, Digital Security Airbus has made a formal offer to purchase a 29.9% stake in Atos' $4.8 billion Evidian cybersecurity, big data and digital business. Atos says it will initiate negotiations focused on both Airbus' offer and a long-term strategic and technological partnership between the two organizations.
WIRED Threat Level
FEBRUARY 17, 2023
Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers.
Dark Reading
FEBRUARY 17, 2023
The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack.
Security Affairs
FEBRUARY 17, 2023
Cybersecurity vendor Fortinet has addressed two critical vulnerabilities impacting its FortiNAC and FortiWeb products. Cybersecurity firm Fortinet has released security updates to address two critical vulnerabilities in FortiNAC and FortiWeb solutions. The two vulnerabilities, tracked as CVE-2022-39952 and CVE-2021-42756 , are respectively an external control of file name or path in Fortinet FortiNAC and a collection of stack-based buffer overflow issues in the proxy daemon of FortiWeb.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Dark Reading
FEBRUARY 17, 2023
A growing group of OWASP members and board leaders are calling for the AppSec group to make big changes to stay apace with modern development.
eSecurity Planet
FEBRUARY 17, 2023
Threat hunting starts with a pretty paranoid premise: That your network may have already been breached and threat actors may be inside waiting for an opportunity to strike. Sadly, that turns out to be true in many cases. You can’t be paranoid enough when it comes to cybersecurity. And that’s why cyber threat hunting adds human and technical elements to cyber defenses to try to find signs that those cyber defenses may have already been breached.
KnowBe4
FEBRUARY 17, 2023
You should use phishing-resistant multi-factor authentication (MFA) when you can to protect valuable data and systems. But most biometrics and MFA are not as strong as touted and much of it can easily be hacked and bypassed. It doesn’t necessarily mean you shouldn’t use it, just pick strong, more trustworthy implementations and don’t ever think they can’t be hacked.
Security Affairs
FEBRUARY 17, 2023
Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can trigger the issue to gain remote code execution on vulnerable devices or trigger a DoS condition.
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
Dark Reading
FEBRUARY 17, 2023
BEC gangs Midnight Hedgehog and Mandarin Capybara show how online marketing and translation tools are making it easy for these threat groups to scale internationally.
Security Affairs
FEBRUARY 17, 2023
Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign. On Thursday, the websites of several German airports were unreachable, experts launched an investigation speculating a possible cyberattack on a large scale against the critical infrastructure. Ralph Beisel. chief executive of the ADV airport association, confirmed that the websites were hit by a DDoS attack.
Dark Reading
FEBRUARY 17, 2023
Weeks after an exploit was first announced in a popular cloud-based file transfer service, could some organizations still be vulnerable? The answer is yes.
The Guardian Data Protection
FEBRUARY 17, 2023
Guardian revelations about the scale and reach of deliberate misinformation prove the need to reset our internet In 1996, John Perry Barlow , former lyricist for the Grateful Dead and guru of Silicon Valley’s hippy-tech idealists, wrote a stirring utopian manifesto about the future of the internet. Addressing the leaders of the world order gathered at Davos, he declared : “Governments of the industrial world, you weary giants of flesh and steel, I come from cyberspace, the new home of mind … We
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Dark Reading
FEBRUARY 17, 2023
With a rearranging of priorities and good incident response plans, organizations can be ready to face the future of software attacks.
OpenText Information Management
FEBRUARY 17, 2023
Digital forensic imaging is defined as the processes and tools used in copying a physical storage device for conducting investigations and gathering evidence. This copy doesn’t just include files, which are visible to the operating system, but every bit of data, every sector, partition, files, folders, master boot records, deleted files and unallocated spaces.
Hunton Privacy
FEBRUARY 17, 2023
On February 10, 2023, an Illinois federal district court ordered the dismissal of a putative class action lawsuit alleging that an online tool that allowed users to virtually try on sunglasses violated the Illinois Biometric Privacy Act (“BIPA”). In Delma Warmack-Stillwell v. Christian Dior Inc. , the plaintiff sued French luxury brand Dior, and alleged that it violated (1) Section 15(b) of BIPA by failing to provide notice and to obtain consent when collecting her biometric information; (2) Sec
Dark Reading
FEBRUARY 17, 2023
The snow sports specialist is investigating to see what caused the operations-disrupting "cyber incident.
Advertisement
While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) aren’t built for modern data platforms and don’t work on modern architectures.
ForAllSecure
FEBRUARY 17, 2023
APIs share data and enable communication between everything connected to the internet. API testing ensures that these connections work as intended and that the information carried by APIs remains secure. What is API testing? API testing is a type of software testing that tests application programming interfaces (APIs). API testing helps developers identify bugs within the API and optimize its performance, functionality, reliability, and security.
Krebs on Security
FEBRUARY 17, 2023
Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes. On December 29, 2022, President Biden signed into law the Consolidated Appropriations Act of 2023 , which — for the first time ever — includes provisions for the replacement of stol
eSecurity Planet
FEBRUARY 17, 2023
Managed detection and response (MDR) goes beyond other managed security services by essentially giving organizations their own expert security analyst team to help identify and respond to cyber threats. The emergence of MDR was in many ways inevitable. Security has become so time-consuming and complex that many organizations have realized, vital though the function is, that it lies well beyond their core competency and has become a distraction to their regular business model.
Schneier on Security
FEBRUARY 17, 2023
Researchers are making thermal batteries from “a synthetic material that’s derived from squid ring teeth protein.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
FEBRUARY 17, 2023
The long-time NSA and cyber specialist says he's exiting the public sector.
Schneier on Security
FEBRUARY 17, 2023
When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology. That happened last month. And because the letter was responding to an essay we wrote, we’re starting to get worried. And while the technology can be regulated, the real solution lies in recognizing that the problem is human actors—and those we can do something about.
Expert insights. Personalized for you.
258 
Let's personalize your content