Krebs on Security
MAY 4, 2023
The U.S. government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkov ‘s card-checking service made him at least $18 million, which he used to buy a Ferrari, Land Rover, and other luxury items.
Data Breach Today
MAY 4, 2023
Also: T-Mobile, an Italian Water System, a German IT Provider, a macOS Info Stealer In the days between April 27 and May 4, the spotlight was on: a Royal ransomware attack on Dallas, Telecom giant T-Mobile's second breach in 2023, a ransomware attack disrupting water services in half a dozen southern Italian towns, a German IT services provider and the Atomic macOS Stealer.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
National Archives Records Express
MAY 4, 2023
Today, we published new federal regulations with standards for digitizing permanent federal records. The regulations are in 36 CFR 1236, Subpart E. These regulations will go into effect on June 5, 2023. The regulations establish standards for digitizing permanent paper records and photographic prints. They do not contain standards for digitizing film records at this time.
Data Breach Today
MAY 4, 2023
Ruling Leaves Door Open for a Revised Lawsuit An Idaho federal court dismissed the U.S. Federal Trade Commission's lawsuit against data analytics vendor Kochava in bid by the agency to permanently stop the company from selling geolocation data collected from mobile devices. The agency can file an amended complaint within 30 days.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Dark Reading
MAY 4, 2023
Google's new program aims to offer accessible training to fill 750K open cybersecurity jobs with diverse array of talent.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
IT Governance
MAY 4, 2023
This week, we discuss ChatGPT’s restoration in Italy despite wider security concerns, an apology from the LockBit ransomware group and another breach for T-Mobile, and Alan Calder discusses what boards need to do to build their organisations’ cyber defences. Now available on Spotify , Amazon Music , Apple Podcasts and SoundCloud. The post IT Governance Podcast 5.5.23: ChatGPT, LockBit, T-Mobile and Alan Calder on cyber security for boards appeared first on IT Governance UK Blog.
Data Breach Today
MAY 4, 2023
Also: Cost of Hacked Crypto Accounts, Level Finance Hack In the days between April 28 and May 4, the FBI and Ukrainian police seized nine virtual currency exchanges that serviced cybercriminals, Privacy Affairs noted the cost of hacked crypto accounts on darknet markets, and Level Finance suffered a $1 million hack.
Security Affairs
MAY 4, 2023
The City of Dallas, Texas, was hit by a ransomware attack that forced it to shut down some of its IT systems. The IT systems at the City of Dallas, Texas, have been targeted by a ransomware attack. To prevent the threat from spreading within the network, the City has shut down the impacted IT systems. The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department.
Data Breach Today
MAY 4, 2023
Prosecutors Asked for 15 Month Sentence; Sullivan Instead Gets 3 Years of Probation Joe Sullivan, the former chief security officer of Uber, will not spend time in prison for his role in impeding a federal investigation into the ride-hailing company's security practices. His sentence is three years of probation and a $50,000 fine.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Security Affairs
MAY 4, 2023
VulnCheck researchers devised a new exploit for a recently disclosed critical flaw in PaperCut servers that bypasses all current detections. Cybersecurity researchers from VulnCheck have developed a new exploit for the recently disclosed critical flaw in PaperCut servers, tracked as CVE-2023-27350 (CVSS score: 9.8), that bypasses all current detections.
Data Breach Today
MAY 4, 2023
Radiant Logic's Wade Ellery explores how identity data is at the heart of GRC. View this webinar for more on streamlined identity integration for all IAM and IGA initiatives.
Security Affairs
MAY 4, 2023
CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against the Ukraine public sector. Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns. The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main C
KnowBe4
MAY 4, 2023
The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated willingness to trust communications they receive and to follow the instructions and links such malicious communications carry.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Security Affairs
MAY 4, 2023
Cisco is warning customers of a critical remote code execution vulnerability affecting its EoL SPA112 2-Port Phone Adapters. Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. The company product has reached end-of-life (EoL). The vulnerability resides in the web-based management interface of the Cisco SPA112 2-Port Phone Adapters, an unauthenticated, remote attacker can exploit the flaw
Dark Reading
MAY 4, 2023
Being able to trace an incident backward from breach to data source is vital in restoring and improving cybersecurity.
KnowBe4
MAY 4, 2023
The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more dangerous.
Dark Reading
MAY 4, 2023
Courts closed, but police, fire rescues unaffected following ransomware attack.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
KnowBe4
MAY 4, 2023
New data highlights just how frequently cyber attacks are attempted and organizations are impacted - and the numbers are far more surprising than you’d think.
Dark Reading
MAY 4, 2023
Three vulnerabilities in the platform's API Management Service could allow access sensitive data, mount further attacks, and even hijack developer portals.
eSecurity Planet
MAY 4, 2023
In a major move forward for passwordless authentication, Google is introducing passkeys across Google Accounts on all major platforms. In a brief blog post entitled “The beginning of the end of the password,” Google group product manager Christiaan Brand and senior product manager Sriram Karra called passkeys “the easiest and most secure way to sign into apps and websites and a major step toward a ‘passwordless future.'” Google’s move will make passkeys an add
Dark Reading
MAY 4, 2023
Sharing information is critical to help organizations protect data and systems. To be even more effective, collaboration should be inclusive — vendors, researchers, and private companies large and small.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
KnowBe4
MAY 4, 2023
It's World Password Day! This holiday is to ensure everyone always practices good password hygiene. This year, we wanted to share the best password resources with you to share with your users.
Dark Reading
MAY 4, 2023
Scammers are leveraging the popularity of ChatGPT in phishing attacks. Here's a look at research on these newly registered domains and tactics.
Data Matters
MAY 4, 2023
On April 13, 2023, the United States Department of Commerce National Telecommunication and Information Administration (“NTIA”) published a request for comment (“RFC”) seeking public input on Artificial Intelligence (“AI”) accountability. The RFC seeks to understand which measures—both self-regulatory and regulatory—have the capacity to ensure that AI systems are “legal, effective, ethical, safe, and otherwise trustworthy.
IG Guru
MAY 4, 2023
“We want to make sure that 2.0 makes it even easier for users to leverage and reference different work documents that NIST has in order to manage their risk.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
KnowBe4
MAY 4, 2023
It's May the 4th , a holiday that celebrates our love for a galaxy far, far, away - Star Wars! I can't help but share some cybersecurity learning lessons from one of my favorite Sci-Fi movie series.
John Battelle's Searchblog
MAY 4, 2023
Microsoft today announced a cluster of upgrades to its Bing-ChatGPT product, including: Eliminating the Bing chat waitlist, which effectively throttled the product’s growth by adding steps to a consumer’s journey. Integrating more visual search results, which will enliven the consumer experience and potentially engage visitors for longer.
Dark Reading
MAY 4, 2023
Cybersecurity is a hotbed of startup activity, and with good reason. Startups typically look for an IPO or acquisition, but right now IPOs are off the table.
Expert insights. Personalized for you.
222 
Let's personalize your content