Wed. May 31, 2023

Dark Pink Ramps Up Cyberespionage Attacks, Hits New Targets

Data Breach Today

Threat Actor's Targets This Year Include Government Agencies in Brunei, Indonesia

A recently emerged threat actor dubbed Dark Pink is updating its custom tool set in a bid to evade detection while expanding its operations to new Southeast Asian targets. Threat intel firm Group-IB counts 13 total victims of Dark Pink, which first became active in mid-2021.

RSAC Fireside Chat: Reinforcing ‘Identity and Access Management’ to expose ‘shadow access’

The Last Watchdog

The world of Identity and Access Management (IAM) is rapidly evolving. Related: Stopping IAM threats. IAM began 25 years ago as a method to systematically grant human users access to company IT assets. Today, a “user” most often is a snippet of code seeking access at the cloud edge. At the RSAC Conference 2023, I sat down with Venkat Raghavan, founder and CEO of start-up Stack Identity.

Access 211
Insiders

Hackers Exploited Zero-Day Bug for 8 Months, Barracuda Warns

Data Breach Today

Attackers Exploited Now-Fixed Flaw in ESG Appliances to Install Malware, Steal Data

Barracuda Networks is warning that a zero-day vulnerability that it recently discovered and patched in its Email Security Gateway appliances appears to have been exploited since October 2022. Attackers used the flaw to gain persistent remote access to networks and exfiltrate data, it said.

Access 241

AI’s “Oppenheimer Moment” Is B t.

John Battelle's Searchblog

Well that was something. Yesterday the Center for AI Safety, which didn’t exist last year, released a powerful 22-word statement that sent the world’s journalists into a predictable paroxysm of hand-wringing: “Mitigating the risk of extinction from A.I. should be a global priority alongside other societal-scale risks, such as pandemics and nuclear war.

Risk 121

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Ring Settles FTC Allegations of Poor Cybersecurity, Privacy

Data Breach Today

Amazon-Owned Ring Will Pay $5.8 Million to Settle FTC Investigation

Amazon agreed to pay $5.8 million to settle a Federal Trade Commission investigation into allegedly poor cybersecurity practices by its Ring home surveillance device subsidiary. The company is also poised to come under two decades' worth of outside reviews of a mandated data and security program.

More Trending

Ukrainian CERT Warns of New SmokeLoader Campaign

Data Breach Today

Hackers Using Compromised Mail to Deliver the Malware

Ukrainian cyber defenders warn users for the second time this month to be aware of financially-motivated phishing campaigns that load the SmokeLoader malware onto computers. Hackers behind UAC-0006 typically target computers used by accountants and look for and credential data.

Phishing 157

AI Voice-Based Scams Rise as One-Third of Victims Can’t Tell if the Voice is Real or Not

KnowBe4

As audio deepfake technology continues to go mainstream as part of the evolution in AI-based tools, new data shows there are plenty of victims and they aren’t prepared for such an attack.

Cisco Buys Armorblox to Bring Generative AI to Its Portfolio

Data Breach Today

SentinelOne-Backed Armorblox Protects Email Through Natural Language Understanding

Cisco plans to make its third tuck-in cybersecurity acquisition of 2023 to protect email, cloud office applications and enterprise communications through natural language understanding. Cisco will take advantage of Armorblox's predictive and generative AI to help customers bolster their security.

IT 144

Can Cloud Services Encourage Better Login Security? Netflix's Accidental Model

Dark Reading

Netflix's unpopular password-sharing policy change had a positive cybersecurity silver lining. Can more B2C service providers nudge their users toward secure authentication?

B2C 94

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

AI Tech Execs Put AI On Par With Nukes for Extinction Risk

Data Breach Today

Sam Altman, Geoffrey Hinton Say Abating Risk of Extinction Must Be Global Priority

Artificial intelligence poses a global risk of extinction tantamount to nuclear war and pandemics, say a who's who of artificial intelligence executives in an open letter that invokes danger without suggesting how to mitigate it. Among the signatories are Sam Altman and Geoffrey Hinton.

Connected products at the edge

IBM Big Data Hub

There are many overlapping business usage scenarios involving both the disciplines of the Internet of Things (IoT) and edge computing. But there is one very practical and promising use case that has been commonly deployed without many people thinking about it: connected products. This use case involves devices and equipment embedded with sensors, software and connectivity that exchange data with other products, operators or environments in real-time.

Cisco's New XDR Tool Emphasizes Robust Telemetry Correlation

Data Breach Today

Jeetu Patel Says Native Visibility Into Network, Endpoint, Email Benefit Cisco XDR

Cisco Security Executive Vice President and General Manager Jeetu Patel said the industry struggles to address multifaceted attacks that originate in email and include bad links, malware downloads to a device and more. Cyber defenders need correlated data from multiple sources of telemetry, he said.

Security 130

Swiss real estate agency Neho fails to put a password on its systems

Security Affairs

A misconfiguration of Swiss real estate agency Neho’s systems exposed sensitive credentials to the public. Neho, a Switzerland-based real estate agency, leaked credentials recently, potentially allowing threat actors to prey on sensitive data about the company and its clients.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Cyberattack Diverts Patients From Rural Idaho Hospital

Data Breach Today

Ambulances Being Diverted to Other Facilities; Clinic Care Limited

A community hospital and its clinics in rural Idaho are diverting ambulances and some patients to other facilities as the entities recover from a cyberattack discovered on Monday. The incident spotlights ongoing healthcare sector cyber challenges, especially in rural communities.

IT 130

Experts warn of backdoor-like behavior within Gigabyte systems

Security Affairs

Researchers discovered a suspected backdoor-like behavior within Gigabyte systems that exposes devices to compromise. Researchers from firmware security firm Eclypsium have discovered a suspected backdoor-like behavior within Gigabyte systems. The experts discovered that the firmware in Gigabyte systems drops and executes a Windows native executable during the system startup process.

Integrating Generative AI Into the Threat Detection Process

Data Breach Today

In this episode of "Cybersecurity Insights," Chen Burshan and Amir Shachar of Skyhawk Security discuss how they integrated generative AI into their threat detection process and significantly increased the speed and lowered the costs of detecting breaches by focusing on anomalous activity.

Join us at PrestoCon Day, a free virtual community event

IBM Big Data Hub

The Presto Foundation is excited to share its upcoming virtual community conference PrestoCon Day, taking place on 7 June 2023. Register for the free, virtual event. What is Presto? Presto is an open-source, fast and reliable SQL query engine that provides one simple ANSI SQL interface for all your data analytics and your open lakehouse. Some of the biggest companies in the world are contributing to the Presto open-source project, including Meta, Uber and Intel.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Apple Patched System Integrity Protection Bypass Flaw

Data Breach Today

Microsoft Researchers Say Flaw Allowed Hackers to Load Undetectable Malware

A now-patched macOS vulnerability allowed attackers with root access to bypass a kernel-level security feature that prevents malicious software from modifying protected files. An attacker could use the exploit to load malware that was shielded by Apple's System Integrity Protection.

Access 130

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor

WIRED Threat Level

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

Security 102

Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022

Security Affairs

A recently disclosed zero-day flaw in Barracuda Email Security Gateway (ESG) appliances had been actively exploited by attackers since October 2022. The network security solutions provider Barracuda recently warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability.

Investment May Be Down, but Cybersecurity Remains a Hot Sector

Dark Reading

There's still a great deal of capital available for innovative companies helping businesses secure their IT environments.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Microsoft found a new bug that allows bypassing SIP root restrictions in macOS

Security Affairs

Apple fixed a vulnerability discovered by Microsoft researchers that lets attackers with root privileges bypass System Integrity Protection (SIP). Researchers from Microsoft discovered a vulnerability, tracked as CVE-2023-32369 and dubbed Migraine, that can allow attackers with root privileges to bypass System Integrity Protection (SIP). System Integrity Protection (also referred to as rootless) is a macOS security feature introduced in OS X El Capitan (2015) (OS X 10.11).

Salesforce 'Ghost Sites' Expose Sensitive Corporate Data

Dark Reading

Some companies have moved on from using Salesforce. But without remembering to fully deactivate their clouds, Salesforce won't move on from them.

Cloud 96

The University of Virginia Records and Information Management Office wins NAGARA Program Excellence Award

IG Guru

The NAGARA Program Excellence Award recognizes collaborative and innovative government archives and records management programs or initiatives. Recipients of this award demonstrate a commitment to creativity and partnering with people and groups outside of their own office.

Mirai Variant Opens Tenda, Zyxel Gear to RCE, DDoS

Dark Reading

Researchers have observed several cyberattacks leveraging a botnet called IZ1H9, which exploits vulnerabilities in exposed devices and servers running on Linux.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Chinese Hacking of US Critical Infrastructure

Schneier on Security

Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks and evades detection.

Access 82

Ways to Help Cybersecurity's Essential Workers Avoid Burnout

Dark Reading

To support and retain the people who protect assets against bad actors, organizations should create a more defensible environment.

Spear Phishing Trends in 2023

KnowBe4

50% of organizations surveyed were victims of spear phishing attacks in the last twelve months, according to a new report from Barracuda. The report also found that, on average, organizations receive five “highly personalized spear phishing emails per day.