The Last Watchdog

APRIL 21, 2023

Adopting personas and rubbing elbows with criminal hackers and fraudsters is a tried-and-true way to glean intel in the Dark Web. Related: In pursuit of a security culture It’s not at all unusual to find law enforcement agents and private sector threat intelligence analysts concocting aliases that permit them to lurk in unindexed forums, vetted message boards and encrypted code repositories.

Risk 209

Risk Encryption Cybersecurity Access 209

Data Breach Today

APRIL 21, 2023

Eset Says Discovery Solidifies North Korea's Ties to 3CX Attack A North Korean backdoor targeting Linux desktop users shares infrastructure with the hacking group behind the 3CX software supply chain hack. Cybersecurity firm Eset analyzed the backdoor and connected it with a Pyongyang fake job recruiting campaign generally known as Operation Dream Job.

Cybersecurity 176

Cybersecurity IT 176

The Last Watchdog

APRIL 21, 2023

Managed Security Service Providers, MSSPs, have been around for some time now as a resource to help companies operate more securely. Related: CMMC mandates best security practices Demand for richer MSSP services was already growing at a rapid pace, as digital transformation gained traction – and then spiked in the aftermath of Covid 19. By one estimate, companies are on track to spend $77 billion on MSSP services by 2030, up from $22 billion in 2020.

Digital transformation 177

Digital transformation Cybersecurity Marketing Security 177

Data Breach Today

APRIL 21, 2023

CSIS Adviser Suzanne Spaulding on RSA Conference Keynote, National Cyber Strategy She's been assistant general counsel at the CIA and undersecretary at the Department of Homeland Security. She is on the Cyberspace Solarium Commission. Now an adviser to the Center for Strategic and International Studies, Suzanne Spaulding will keynote at RSA Conference 2023.

Ransomware 157

Ransomware Security 157

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Jamf

APRIL 21, 2023

Learn about the macOS malware variant discovered by Jamf Threat Labs named 'RustBucket' What it does, how it works to compromise macOS devices, where it comes from and what administrators can do to protect their Apple fleet.

IT 145

IT 145

AIIM

APRIL 21, 2023

AIIM is proud to release its State of the Intelligent Information Management Industry report for 2023. Filled with insights and trends that organizations should take note of, the report results from a survey conducted among AIIM members. It provides a comprehensive overview of the current state of information management across different industries. Intelligent Information Management (IIM) is the practice of managing information in a way that optimizes its value to the organization.

Digital transformation 104

Digital transformation Artificial Intelligence Customer Experience Records Management 104

Data Breach Today

APRIL 21, 2023

A top HIPAA-enforcement priority for regulators is cracking down on entities that disclose patient information to third parties without permission through the use of website tracking codes, says Melanie Fontes Rainer, director of the Department of Health and Human Services' Office for Civil Rights.

144

144

John Battelle's Searchblog

APRIL 21, 2023

I’ll see if, in a few minutes, I can get at least the outlines of a rant out. I’ve got to get to an appointment in half an hour, but I just saw today’s Dealbook newsletter , which focuses on the demise of BuzzFeed News. “Why BuzzFeed News folded” it promises, then goes on to willfully fail to answer the question – in much the same fashion every other story has noted the latest catastrophe in what used to be called “the news business” these days.

ROT 124

ROT Marketing IT 124

Data Breach Today

APRIL 21, 2023

Energy and Financial Sector Firms Breached by North Korean Supply Chain Attack The North Korean software supply chain attack on a Chicago financial trading software developer infected additional victims besides 3CX, including organizations in the energy sector, says Symantec Threat Hunter Team. One organization is located in the United States, the other in Europe.

144

144

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

KnowBe4

APRIL 21, 2023

Social media is designed of course to connect, but legitimate modes of doing so can be abused. One such case of abuse that’s currently running involves Linktree, a kind of meta-medium for social media users with many accounts. If you’re unfamiliar with Linktree, which, we stress, is a legitimate service, here’s how the company describes what it will let you do.

Phishing 108

Phishing IT 108

Data Breach Today

APRIL 21, 2023

80% Growth & Turning a Profit in 2022 Set Up Yubico Well While SPACs Have Struggled Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company. The Swedish firm said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets and land clients in new verticals.

Authentication 144

Authentication Marketing 144

eSecurity Planet

APRIL 21, 2023

In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In a recent Mastodon post , security expert Kevin Beaumont observed, “Microsoft are still digitally signing malware kernel drivers, as they can’t identify malware (this comes up over and over again).” Beaum

Cloud 107

Cloud Cybersecurity Security Access 107

Data Breach Today

APRIL 21, 2023

Also; 2023 DeFi Illicit Finance Risk Assessment; FinCEN's FATF Travel Rule In the latest weekly update, finance security expert Ari Redbord joins ISMG editors to discuss takeaways from the U.S. Treasury's 2023 DeFi Illicit Finance Risk Assessment, the state of blockchain analytics and where it is headed, and traction for FinCEN's Financial Action Task Force Travel Rule.

Blockchain 144

Blockchain Analytics Risk Security 144

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Dark Reading

APRIL 21, 2023

Kim Jong Un's Swiss Army knife APT continues to spread its tendrils around the world, showing it's not intimidated by the researchers closing in.

IT 112

IT 112

Jamf

APRIL 21, 2023

Running a company is difficult enough when dealing with known issues that can affect business outcomes. But facing unanticipated risks, such as those surrounding cybersecurity threats, poses significant challenges to the integrity, security and safety of endpoints, data and stakeholders. Discover the top challenges affecting organizations as it pertains to understanding, assessing and mitigating unanticipated business risks.

Risk 98

Risk Security Cybersecurity IT 98

Dark Reading

APRIL 21, 2023

While Intel is building more hardware protections directly into the chips, enterprises still need a strategy for applying security updates on these components.

Security 105

Security 105

OpenText Information Management

APRIL 21, 2023

Modern investigations are intensely demanding in every sense of the word. Whether driven by whistleblower allegations, regulatory compliance, or HR issues, the potential fallout for your organization makes taking swift and thorough action to minimize risk, costs and potential litigation paramount. Recently, we partnered with Legal Business[2] in a survey to find out just how … The post Are DACH Organizations Prepared for Internal and Regulatory Investigations?

Compliance 98

Compliance Risk 98

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Security Affairs

APRIL 21, 2023

Cisco released security updates to address critical security flaws in its Industrial Network Director and Modeling Labs solutions. Cisco released security updates to address critical security vulnerabilities in the Industrial Network Director and Modeling Labs solutions. An attacker can exploit these vulnerabilities to inject arbitrary operating system commands or access sensitive data.

Authentication 98

Authentication Access Education Security 98

Dark Reading

APRIL 21, 2023

Software written or acquired outside of IT's purview is software that IT can't evaluate for security or compliance.

IT 123

IT Security Compliance 123

Security Affairs

APRIL 21, 2023

The American Bar Association (ABA) disclosed a data breach, threat actors gained access to older credentials for 1,466,000 members. The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The ABA has 166,000 members as of 2022. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018.

Data breaches 97

Data breaches Passwords Cybersecurity Education 97

Dark Reading

APRIL 21, 2023

An uptick in EvilExtractor activity aims to compromise endpoints to steal browser from targets across Europe and the US, researchers say.

104

104

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

IBM Big Data Hub

APRIL 21, 2023

In Texas, 2022 was one of the driest years on record. With failed crops, low yields for farmers and diminished grazing for cattle, the Texas Department of Agriculture identified climate change as a potential threat to the state’s food supply. Smallholder farmers, particularly those in arid and drought-prone regions, struggle to manage their farms because they lack access to guidance on how much water to use for specific crops to ensure a good yield. “We’re in hills, so some are

Agriculture 91

Agriculture Artificial Intelligence Education Access 91

Dark Reading

APRIL 21, 2023

Attackers have their methods timed to the second, and they know they have to get in, do their damage, and get out quickly. CISOs today must detect and block in even less time.

88

88

KnowBe4

APRIL 21, 2023

A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into paying huge fees.

82

82

Dark Reading

APRIL 21, 2023

The medical imaging firm's systems were compromised by a threat actor, exposing patients' driver's licenses and other identifying information.

100

100

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

IBM Big Data Hub

APRIL 21, 2023

Historically, the Chief Financial Officer (CFO) role had been strictly focused on accounting for financial information. These days, there’s a need — and even some pressure — for CFOs to evolve their scope and influence the innovation agenda within their enterprises. For starters, they can help prioritize and invest in it. It’s the season for the strategic and innovative CFO.

Artificial Intelligence 81

Artificial Intelligence Marketing Risk IT 81

Schneier on Security

APRIL 21, 2023

My latest book, A Hacker’s Mind , has a lot of sports stories. Sports are filled with hacks, as players look for every possible advantage that doesn’t explicitly break the rules. Here’s an example from pickleball, which nicely explains the dilemma between hacking as a subversion and hacking as innovation: Some might consider these actions cheating, while the acting player would argue that there was no rule that said the action couldn’t be performed.

Paper 77

Paper IT 77

Jamf

APRIL 21, 2023

Read this blog to find out how the Jamf and BetterCloud integration streamlines IT workflows.

IT 98

IT 98