Wed.May 22, 2024

article thumbnail

Anyone Can Trick AI Bots into Spilling Passwords

Data Breach Today

Thousands of People Tricked Bots into Revealing Sensitive Data in Lab Setting It doesn't take a skilled hacker to glean sensitive information anymore: all you need to trick a chatbot into spilling someone else's passwords is "creativity." In a multi-level test, nearly all participants were able to trick the chatbot into revealing a password on at least one level.

Passwords 287
article thumbnail

News alert: AI SPERA integrates its ‘Criminal IP’ threat intelligence tool into AWS Marketplace

The Last Watchdog

Torrance,Calif., May 22, 2024, CyberNewsWire — AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal IP , is now available on the AWS Marketplace. This integration ensures efficient software procurement and deployment, aligning seamlessly with customers’ existing cloud architectures.

IT 130
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft's Recall Stokes Security and Privacy Concerns

Data Breach Today

K ICO Announces Probe Into Microsoft Screenshot Storage Feature Microsoft's new automatic screenshot retrieval feature could enable hackers to steal sensitive information such as online banking credentials, security experts warned. Additionally, the U.K. data regulator will probe Recall for compliance with privacy law.

Privacy 276
article thumbnail

Teslas Can Still Be Stolen With a Cheap Radio Hack—Despite New Keyless Tech

WIRED Threat Level

Ultra-wideband radio has been heralded as the solution for “relay attacks” that are used to steal cars in seconds. But researchers found Teslas equipped with it are as vulnerable as ever.

IT 128
article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Rockwell Automation Urges Disconnection of ICS from the Internet

Data Breach Today

Advisory Says Disconnecting ICS Reduces Exposure to Malicious Cyber Activities Rockwell Automation warned customers to disconnect industrial control systems from the internet, citing escalating cyber threats and rising global geopolitical tensions. Disconnecting these systems is a proactive measure to reduce the attack surface.

216
216

More Trending

article thumbnail

Chinese Cyber Espionage Groups Tied to ORB Network Attacks

Data Breach Today

Beijing's Tough-to-Track Mesh Networks Built Using Hacked Devices, Mandiant Warns Multiple Chinese cyber espionage groups, including Volt Typhoon, are using operational relay box networks, aka ORBs, built using leased proxy servers and compromised or end-of-life routers, to avoid detection and complicate efforts to track their activities, warns Google Cloud's Mandiant.

Cloud 169
article thumbnail

A consumer-grade spyware app found in check-in systems of 3 US hotels

Security Affairs

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported. Parents often use the app to monitor their children’s online activities or by employers to keep track of employee productivity and internet usage.

Access 119
article thumbnail

LockBit Demands $25M Ransom from Canadian Drug Store Chain

Data Breach Today

Threatens to Leak Stolen Data; Attack Temporarily Shut Down Retail Pharmacy Stores LockBit cybercriminals demanded a $25 million ransom from Canadian pharmacy retail chain London Drugs following an attack detected in late April that forced the company to temporarily close its 79 stores across western Canada for more than a week.

Retail 161
article thumbnail

An ongoing malware campaign exploits Microsoft Exchange Server flaws

Security Affairs

A threat actor is targeting organizations in Africa and the Middle East by exploiting Microsoft Exchange Server flaws to deliver malware. Positive Technologies researchers observed while responding to a customer’s incident spotted an unknown keylogger embedded in the main Microsoft Exchange Server page. The keylogger was used to collect account credentials.

article thumbnail

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

article thumbnail

OpenText Boosts MDR Offering for MSPs With Pillr Acquisition

Data Breach Today

Purchase Fills Gap in OpenText's Cyber Offering for Small and Mid-Sized Businesses OpenText has acquired Pillr to strengthen its managed detection and response capabilities for small and mid-sized businesses. The integration will provide managed service providers with advanced security solutions, addressing increasing cyber threats and expanding OpenText's security portfolio.

Security 152
article thumbnail

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. OmniVision Technologies is a company that specializes in developing advanced digital imaging solutions. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 billion. OmniVision Technologies Inc. is an American subsidiary of Chinese semiconductor device and mixed-signal integrated circuit design house Will Semiconductor.

article thumbnail

Pakistani-Aligned APT36 Targets Indian Defense Organizations

Data Breach Today

Espionage Group Using Linux-based Espionage Tools to Nab Defense Secrets A politically motivated hacking group aligned with Pakistani interests is matching the Indian military's shift away from the Windows operating system with a heavy focus on malware encoded for Linux. BlackBerry observed the cyberespionage group targeting government agencies and the defense industry.

Military 152
article thumbnail

Announcing KnowBe4 Student Edition: Cybersecurity Education Tailored for the Next Generation

KnowBe4

I recently heard another heartbreaking story of students who were scammed out of financial aid by a phishing attack. We have also heard stories of employment scams and social media based attacks where students fell victim to cybercriminals.

Education 103
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Unfading Sea Haze APT Targeting South China Sea Governments

Data Breach Today

Bitdefender Exposes Unfading Sea Haze's Advanced Cyberespionage Tactics A previously undetected, suspected Chinese-state threat actor has been targeting governments in the South China Sea for years with a remote access Trojan that has been a favorite of Chinese hackers since its creation almost two decades ago, say security researchers from Bitdefender.

article thumbnail

ICO Publishes Its Strategic Approach to Regulating AI

Data Matters

On 30 April 2024, the UK’s Information Commissioner’s Office (“ICO”) published its strategic approach to regulating artificial intelligence (“AI”) (the “Strategy”), following the UK government’s request that key regulators set out their approach to AI regulation and compliance with the UK government’s previous AI White Paper (see our previous blog post here).

article thumbnail

Proof of Concept: Ensuring AI Compliance, Security Controls

Data Breach Today

Panelists Troy Leach and Avani Desai on AI Organizational and Regulatory Challenges In the latest "Proof of Concept," Troy Leach of CSA and Avani Desai of Schellman discussed integrating AI into organizational frameworks. They highlighted the evolving roles of compliance and leadership and the importance of regulatory frameworks in ensuring robust and trustworthy AI deployment.

article thumbnail

Critical Veeam Backup Enterprise Manager authentication bypass bug

Security Affairs

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in Veeam Backup Enterprise Manager could allow attackers to bypass authentication. Veeam Backup Enterprise Manager is a centralized management and reporting tool designed to simplify the administration of Veeam Backup & Replication environments.

article thumbnail

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

article thumbnail

Malicious Use of Generative AI Large Language Models Now Comes in Multiple Flavors

KnowBe4

Analysis of malicious large language model (LLM) offerings on the dark web uncovers wide variation in service quality, methodology and value – with some being downright scams.

article thumbnail

Navigating GDPR Compliance with CIAM: A Quick Guide

Thales Cloud Protection & Licensing

Navigating GDPR Compliance with CIAM: A Quick Guide andrew.gertz@t… Wed, 05/22/2024 - 16:13 Identity & Access Management Access Control Compliance GDPR Wouter de Wit | Senior Product Manager, Thales More About This Author > In 2018, the implementation of the General Data Protection Regulation ( GDPR ) shook up the landscape of data handling across the European Union.

GDPR 62
article thumbnail

Don't Let Criminals Steal Your Summer Fun

KnowBe4

Summer has finally arrived in certain parts of the world, and with it come many exciting events — from the grandeur of the Olympics to the grass courts of Wimbledon, from the electrifying performances of Taylor Swift to the many other concerts that light up the season.

IT 86
article thumbnail

Counting Down to the EU NIS2 Directive

Thales Cloud Protection & Licensing

Counting Down to the EU NIS2 Directive madhav Thu, 05/23/2024 - 05:16 Our recently released 2024 Data Threat Report showed a direct correlation between compliance and cyber security outcomes. 84% of organizations that failed a compliance audit reported having a data breach in their history. By contrast, for those that passed compliance audits, only 21% have a breach history.

article thumbnail

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

article thumbnail

UK Cybersecurity Org Offers Advice for Thwarting BEC Attacks

KnowBe4

The UK’s National Cyber Security Centre (NCSC) has issued guidance to help medium-sized organizations defend themselves against business email compromise (BEC) attacks, especially those targeting senior staff members.

article thumbnail

OpenText sets its sights on the Payments Canada Summit 2024 

OpenText Information Management

We are excited to be a lead sponsor at the 2024 Payments Canada Summit! As we prepare for one of the most important events in payments, we understand that the financial services industry is undergoing significant changes, driven by standards like ISO 20022 and the rapid adoption of artificial intelligence. That's why we’re committed to leading the discussion on these critical topics at The Summit.

article thumbnail

CILIP welcomes General Election call

CILIP

Looking for opportunities A general election has been called by Prime Minister Rishi Sunak, with a date set for 4 July. The election will give voters across the country the chance to have their say at the ballot box as they decide on a new government. Whatever the outcome of the 4 July vote, there is guaranteed to be a huge number of new MPs entering the House of Commons for the first time.

article thumbnail

How to use Windows Quick Assist for tech support - and why it's better than Remote Desktop

Collaboration 2.0

Whether you need to give or receive technical help, here's how to make the most of the Quick Assist tool in Windows 10 and 11.

IT 75
article thumbnail

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

article thumbnail

Unredacting Pixelated Text

Schneier on Security

Experiments in unredacting text that has been pixelated.

96
article thumbnail

To dream like a human? Creative reflections on the age of AI

CILIP

Looking for opportunities By Matt Finch ( @drmattfinch ), writer and consultant who specialises in strategy, foresight, and innovation work with institutions worldwide. See more here. AUSTRALIA’S Peter Miller, aka Scribbletronics. has been working with digital art for two decades. It’s a long way from his early days, tinkering with mathematical rules to generate procedural images, but Peter’s approach has evolved for the age of Midjourney, DALL-E, et al.

article thumbnail

INFORM24 Conference for the ARMA New Jersey Chapter on June 12th, 2024

IG Guru

Check out the event link here. The post INFORM24 Conference for the ARMA New Jersey Chapter on June 12th, 2024 first appeared on IG GURU.