Fri. Apr 28, 2023

The Best Cybersecurity Defense Is a Good Offense

Data Breach Today

AllegisCyber Capital's Bob Ackerman on the Need to Understand Offensive Playbooks

Offense is what paces innovation in cybersecurity since threat actors constantly look for new ways to compromise systems, said AllegisCyber Capital's Bob Ackerman. Many offensive cyber capabilities developed by the national intelligence community make their way into the wild and become exploitable.

MY TAKE: RSAC 2023 roundup – evidence of ‘stronger together’ innovation takes shape

The Last Watchdog

“Stronger together” was the theme of RSA Conference 2023, which returned to its pre-Covid grandeur under the California sunshine last week at San Francisco’s Moscone Center.

Related: Demystifying ‘DSPM’

Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward.

RTM Locker RaaS Group Turns to Linux, NAS and ESXi Hosts

Data Breach Today

Highly Structured Group Using Traces of Babuk Ransomware's Leaked Source Code

RTM Locker ransomware-as-a-service operators have now turned their attention to Linux, network-attached storage devices and ESXi hosts. The highly structured group appears to be using a new ransomware strain that shows traces of Babuk ransomware's leaked source code.

DOJ Detected SolarWinds Breach Months Before Public Disclosure

WIRED Threat Level

In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Feds Urge 15-Month Sentence for Ex-Uber CISO Joe Sullivan

Data Breach Today

Sullivan Says Prison Sentence for Him Would Deter Others From Taking CISO Positions

Prosecutors are urging a U.S. federal judge to sentence former Uber CISO Joe Sullivan to 15 months in prison for his role in impeding an investigation into the ride-hailing company's security practices. Sullivan exploited "his position to cover up a deeply embarrassing event," prosecutors wrote.

ISMG Editors: Final Review of RSA Conference 2023

Data Breach Today

Storm Clouds Are Brewing Over 'Secure by Design,' AI, Privacy and Regulations

As the Information Security Media Group editors wrapped up their coverage of RSA Conference 2023, everyone agreed that it was good to have the cybersecurity community back together in one place, working to solve the serious issues it faces, including AI, adversaries and "regulatory tension."

Firmware Looms as the Next Frontier for Cybersecurity

Dark Reading

Software bugs are ubiquitous, and we're familiar with hardware threats. But what about the gap in the middle? Two researchers at Black Hat Asia will attempt to focus our attention there.

Google Wins Court Order to Block CryptBot Infrastructure

Data Breach Today

The Info Stealer Is Distributed Through Cracked App Sites

A federal judge sided with Google in a bid to block online infrastructure behind an info stealer masquerading as legitimate versions of the Chrome browser and Google Earth Pro. Google estimates the CryptBot malware infected 670,000 computers last year.

My top five moments from season one of The Data Download

Collibra

Over a year ago the marketing team came to me and asked if I wanted to be the host of Collibra’s first ever podcast. I was interested, but hesitant at first. I had never done something like this before and had no idea what to expect. But now, just two weeks out from launching season two , I couldn’t be more excited about what the future holds for The Data Download.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

One Brooklyn Reports Breach, Faces Lawsuit Post-Cyberattack

Data Breach Today

More Than 235,000 Affected; Proposed Class Action Alleges Negligence, Other Claims

One Brooklyn Health is facing a proposed class action lawsuit in the wake of a data breach affecting more than 235,000 individuals, which the organization reported to regulators following a cyberattack late last year that disrupted its IT systems and patient services for several weeks.

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitrary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versio

ISMG Editors: Day 4 Overview at RSA Conference 2023

Data Breach Today

Battle Lines Being Drawn on National Cyber Strategy, Software Liability

Policy buzz around RSA Conference 2023 is centering on the new National Cybersecurity Strategy that seeks to hold software makers liable for security flaws. While federal officials say the industry will embrace the new rules, some are talking about the lobbying and legal challenges ahead.

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

The Ukrainian cyber police arrested a Ukrainian man for selling the data of over 300 million people from different countries. The Ukrainian cyber police have arrested a man (36) from the city of Netishyn for selling the personal data and sensitive information of over 300 million people from different countries. The man had information on passport data, taxpayer numbers, birth certificates, driver’s licenses, and bank account data.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Automated Patch Management: Definition, Tools & How It Works

eSecurity Planet

Automated patch management can help prevent security breaches by automatically identifying, downloading, testing, and delivering software and firmware updates to devices and applications through the use of specialized software tools. Automated patching can save IT and security staff time by deploying the latest security and performance enhancements, fixing bugs, and conducting other upgrades to ensure that software is in its most current state.

Google obtained a temporary court order against CryptBot distributors

Security Affairs

Google obtained a temporary court order in the U.S. to disrupt the operations of the CryptBot information stealer. Google announced that a federal judge in the Southern District of New York unsealed its civil action against the operators of the information stealer Cryptbot. The IT giant obtained a temporary court order in the U.S. to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year.

Hacking the Layoff Process

Schneier on Security

My latest book, A Hacker’s Mind , is filled with stories about the rich and powerful hacking systems, but it was hard to find stories of the hacking by the less powerful. Here’s one I just found. An article on how layoffs at big companies work inadvertently suggests an employee hack to avoid being fired: …software performs a statistical analysis during terminations to see if certain groups are adversely affected, said such reviews can uncover other problems.

Cisco discloses a bug in the Prime Collaboration Deployment solution

Security Affairs

Cisco is working on a patch for a bug in the Prime Collaboration Deployment solution that was reported by a member of NATO’s Cyber Security Centre (NCSC). Cisco informed its customers that it’s working on a patch for a cross-site scripting (XSS) issue, tracked as CVE-2023-20060 (CVSS score 6.1), affecting its Prime Collaboration Deployment product. The vulnerability was discovered by Pierre Vivegnis, a security researcher at NATO’s Cyber Security Centre (NCSC).

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Law Firm’s Contract Suit Takes Aim at Document Storage Fee via Law.com

IG Guru

Iron Mountain was hit with a contract lawsuit on April 24 in New Jersey Superior Court for Morris County. The lawsuit, brought by Macri & Associates, contends that Iron Mountain’s charge of over $9,000 for the annual storage of the plaintiff’s 1,548 closed legal files is incomprehensible. According to the suit, Iron Mountain took possession of New Jersey Records Storage in 2019 and accepted a $3,407.55 annual storage payment from Macri in 2020, then began to unilaterally increase its annual

OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands

Security Affairs

OpenAI announced that access to its chatbot service ChatGPT is allowed again in Italy after the company met the demands of regulators. OpenAI restored access to ChatGPT in Italy after the company met the demands of the Italian Data Protection Authority, Garante Privacy. In early April, the Italian Data Protection Authority temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors.

SOSSA and CRA Spell Trouble for Open Source Software

Dark Reading

The lack of understanding around open source poses a threat when legislation is considered. Governments can help by offering funding to remediate vulnerabilities and by supporting open source's long-term development.

Heart of the Matter: How LLMs Can Show Political Bias in Their Outputs

KnowBe4

Wired just published an interesting story about political bias that can show up in LLMs due to their training. It is becoming clear that training an LLM to exhibit a certain bias is relatively easy. This is a reason for concern, because it can "reinforce entire ideologies, worldviews, truths and untruths," which is what OpenAI has been warning about.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

'BellaCiao' Showcases How Iran's Threat Groups Are Modernizing Their Malware

Dark Reading

The dropper is being used in a Charming Kitten APT campaign that has hit organizations in multiple countries.

Montana and Tennessee Could Become Eighth and Ninth States to Enact Comprehensive Consumer Privacy Bills

Hunton Privacy

On April 21, 2023, the Montana and Tennessee legislatures voted to enact comprehensive consumer privacy bills in their respective states. If signed by their governors, Montana’s Consumer Data Privacy Act (S.B. 384) (“MCDPA”) and Tennessee’s Information Protection Act (H.B. 1181) (“TIPA”) could make these states the eighth and ninth U.S. states to enact comprehensive privacy legislation.

Google Bans Thousands of Play Store Developer Accounts to Block Malware

Dark Reading

Last year, Google banned 173,000 developer accounts and prevented 1.5 million apps from reaching the Play Store as it fought policy violations and malware.

Your KnowBe4 Fresh Content Updates from April 2023

KnowBe4

Check out the 19 new pieces of training content added in April, alongside the always fresh content update highlights, events and new features.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Mend: Building a Long-Term Health Plan For Open Source Security

Dark Reading

Arabella Hallawell, CMO with Mend, joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss securing assets and attack surface management.

What Does ISO 20022 Mean for Corporates?

OpenText Information Management

ISO 20022 demands a significant amount of attention from those involved in the payments industry. Originally developed by ISO and SWIFT, ISO 20022 is becoming the de facto standard for a wide range of financial transactions, including payments, securities, trade finance, and more. It supports a wide range of use cases, including payments, cash management, …

Sumo Logic Ponders Why We Aren't There Yet With Security Automation

Dark Reading

Dave Frampton of Sumo Logic Security joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss how automation falls short in security management.