Thu.Feb 08, 2024

article thumbnail

Breach Roundup: US Bans AI Robocalls

Data Breach Today

Also: A Widespread Linux Bootloader Vulnerability This week, the U.S. banned AI robocalls, researchers discovered a Linux bootloader flaw, France investigated health sector hackings, the feds offered money for Hive information, Verizon disclosed an insider breach, Germany opened a cybersecurity center, and cyberattack victims reported high costs.

article thumbnail

London Underground Is Testing Real-Time AI Surveillance Tools to Spot Crime

WIRED Threat Level

In a test at one station, Transport for London used a computer vision system to try and detect crime and weapons, people falling on the tracks, and fare dodgers, documents obtained by WIRED show.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Number of Attacks Against Critical Infrastructure Is Growing

Data Breach Today

New Report Shows a Surge in OT/IoT Threats and a 123% Increase in Hacking Attempts Threats to critical infrastructure are on the rise, as threat actors continue to scan networks, attack networks and devices, and try to get past access controls. At the same time, according to a new report, sectors such as manufacturing have experienced a 230% increase in vulnerabilities.

IoT 289
article thumbnail

News alert: Diversified, GroCyber form partnership to deliver media-centric cybersecurity solutions

The Last Watchdog

Kenilworth, NJ, Feb. 8, 2024 – Diversified , a leading global technology solutions provider, today announced a partnership and trio of solutions with GroCyber. Together, the companies are empowering AV and media companies to improve their cybersecurity stance by providing a “clean bill of health” for their digital media environments, ensuring hardware and software are current, and protecting media storage and devices against the threat of malware.

article thumbnail

Provide Real Value in Your Applications with Data and Analytics

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

article thumbnail

Suspected EncroChat Admin Extradited to France

Data Breach Today

Authorities Hacked the End-to-End Encryption Platform in 2020 The Dominican Republic earlier this month extradited to France a suspected administrator of now-defunct encrypted messaging service EncroChat. The extradition is the latest in a series of actions European authorities have been taking against EncroChat users since authorities penetrated its network.

More Trending

article thumbnail

Cryptohack Roundup: FTX Hacker Was a SIM Swapper

Data Breach Today

Also: AI Fake IDs Pass Crypto Exchange KYC; Treasury and SEC Address Crypto Issues This week, SIM swappers were linked to the FTX hack, AI-generated fake IDs likely bypassed crypto KYC checks, the Treasury addressed the illicit use of crypto, the SEC increased crypto oversight, Quantstamp released January's crypto hack statistics, and South Korea introduced a crypto crime law.

270
270
article thumbnail

Unprecedented Rise of Malvertising as a Precursor to Ransomware

KnowBe4

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.

article thumbnail

Cohesity Is Set to Acquire Veritas' Data Protection Business

Data Breach Today

The Combined Company Will Be Worth $7B, Firms Say Data security vendor Cohesity will acquire the data protection business of Veritas in a stock and debt transaction resulting in a combined firm by the end of this year, the companies announced Thursday. The deal values the combined company at approximately $7 billion.

Security 268
article thumbnail

On Software Liabilities

Schneier on Security

Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: “Standard for Software Liability: Focus on the Product for Liability, Focus on the Process for Safe Harbor.” Section 1 of this paper sets the stage by briefly describing the problem to be solved. Section 2 canvasses the different fields of law (warranty, negligence, products liability, and certification) that could provide a starting point for what would have to be legislative action establis

Paper 110
article thumbnail

Entity Resolution: Your Guide to Deciding Whether to Build It or Buy It

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

article thumbnail

Feds Warn Health Sector About Akira Again, Amid New Attacks

Data Breach Today

Recent Victims Include Pennsylvania Emergency Dispatch System U.S. federal authorities are again warning the healthcare sector about threats from the Akira ransomware group. The latest alert comes on the heels of several recent attacks by the gang, including one last month on Bucks County, Pennsylvania, which affected an IT system used by emergency responders.

article thumbnail

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. US CISA, the NSA, the FBI, along with partner Five Eyes agencies, published a joint advisory to warn that China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. “the U.S. authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and foothold

article thumbnail

Getting More Out of Investments in Network-Centric Solutions

Data Breach Today

Investor Pramod Gosavi on Network Access, Endpoint Controls in a Zero Trust World Venture capital investor Pramod Gosavi discussed the drawbacks of relying on network-centric cybersecurity solutions that are driving up costs. He recommended proactive strategies, such as zero trust, that emphasize minimal access and continuous verification and investments in AI-based technologies.

article thumbnail

Cisco fixes critical Expressway Series CSRF vulnerabilities

Security Affairs

CISCO fixed two critical flaws in Expressway Series collaboration gateways exposing vulnerable devices to cross-site request forgery (CSRF) attacks. Cisco addressed several vulnerabilities in its Expressway Series collaboration gateways, two of which, tracked as CVE-2024-20252 and CVE-2024-20254, are critical flaws that can lead to cross-site request forgery (CSRF) attacks. “Multiple vulnerabilities in the Cisco Expressway Series could allow an unauthenticated, remote attacker to conduct c

Security 106
article thumbnail

Deliver Mission Critical Insights in Real Time with Data & Analytics

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

article thumbnail

White House Targets Software Provider Accountability

Data Breach Today

Administration Developing 'Liability Regimes' for Manufacturers, Top Official Says National Cyber Director Harry Coker said the administration is introducing a new set of "liability regimes" to hold software providers accountable for deploying unsafe systems, but experts say processes to prove that manufacturers are invested in security already exist.

article thumbnail

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

U.S. Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group. The US government also offers rewards up to $5,000,000 for information leading to the arrest and/or conviction of any individual in any country who participated or attempted to par

article thumbnail

Cybersecurity Resiliency and Your Board of Directors

KnowBe4

Growing cybersecurity threats, especially ransomware attacks, and the Securities and Exchange Commission’s (SEC) recent rules have made having a cybersecurity-aware Board of Directors (BOD) a critical business requirement.

article thumbnail

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. Is it true? The Swiss newspaper Aargauer Zeitung first published the news of a DDoS attack, carried out on January 30, that involved three million compromised electric toothbrushes. The journalists reported that threat actors gained access to three million electric toothbrushes and installed a malware that joined them to the botnet.

IoT 104
article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

I Stopped Using Passwords. It's Great—and a Total Mess

WIRED Threat Level

Passkeys are here to replace passwords. When they work, it’s a seamless vision of the future. But don’t ditch your old logins just yet.

Passwords 118
article thumbnail

Watch Out For Valentine’s Day Romance Scams

KnowBe4

Users should be wary of online romance scams ahead of Valentine’s Day, according to Imogen Byers at ESET. While in the past these scams could often be thwarted by using reverse image search on the scammers’ profile photos, criminals can now use generative AI tools to create realistic photos of people who don’t exist.

Security 100
article thumbnail

Weekly Update 386

Troy Hunt

Somehow, an hour and a half went by in the blink of an eye this week. The Spoutible incident just has so many interesting aspects to it: loads of data that should never be returned publicly, awesome response time to the disclosure, lacklustre transparency in their disclosure, some really fundamental misunderstands about hashing algorithms and a controversy-laden past if you read back over events of the last year.

article thumbnail

Ulez fines scandal: Italian police ‘illegally accessed’ thousands of EU drivers’ data

The Guardian Data Protection

Italy’s data protection body investigates claims police shared names and addresses with firm collecting penalties for TfL The names and addresses of thousands of EU drivers were unlawfully accessed by Italian police and shared with the company that collects Ulez penalties on behalf of Transport for London (TfL), investigators believe. The Italian data protection authority is investigating claims by Belgium’s government that an unnamed police department misused official powers to pass the persona

Access 105
article thumbnail

Using Data & Analytics for Improving Healthcare Innovation and Outcomes

In the rapidly evolving healthcare industry, delivering data insights to end users or customers can be a significant challenge for product managers, product owners, and application team developers. The complexity of healthcare data, the need for real-time analytics, and the demand for user-friendly interfaces can often seem overwhelming. But with Logi Symphony, these challenges become opportunities.

article thumbnail

81% of Organizations Cite Phishing as the Top Security Risk

KnowBe4

Organizations are finally dialing in on where they need to focus their cybersecurity strategies, starting with phishing. But the top four cited security risks all have one element in common.

article thumbnail

2054, Part IV: A Nation Divided

WIRED Threat Level

“The people are in the streets. We can’t ignore them any longer. Really, we have little choice. Either we heal together, or we tear ourselves apart.” An exclusive excerpt from 2054: A Novel.

article thumbnail

Creating exceptional employee experiences

IBM Big Data Hub

As the line between employees’ personal and professional lives becomes more blurred than ever, employees expect a more flexible and empathetic workplace that takes their full selves into account. This shift in employee expectation is happening in a challenging environment of rapid technological advancements, widening skills gaps and unpredictable socioeconomic issues.

Access 86
article thumbnail

GE Lighting, a Savant company, switches up its approach to supplier collaboration

OpenText Information Management

Our journey began at the turn of the century when Thomas Edison invented the carbon filament lamp. Today, GE Lighting, a Savant company, is taking the lead in developing smart home solutions—helping customers around the world design perfectly lit spaces and smart environments to live, work, and play. Every year, we deliver millions of products to … The post GE Lighting, a Savant company, switches up its approach to supplier collaboration appeared first on OpenText Blogs.

IT 67
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

The history of ESG: A journey towards sustainable investing

IBM Big Data Hub

The term ESG, or environmental, social and governance , is well-known in the investor community. It refers to a set of metrics used to measure an organization’s environmental and social impact and has become increasingly important in investment decision-making over the years. But while the term ESG was first coined in 2004 by the United Nations Global Compact, the concept has been around for much longer.

article thumbnail

An inside look at enterprise document accessibility for PDFs

OpenText Information Management

Accessible PDFs are easy to use – enabling most people to view, read or interact with them. The goal is to create an inclusive experience where all PDFs and documents are crafted with accessibility in mind or appropriate tags are added for those who require such features. For those who don’t, the document maintains its … The post An inside look at enterprise document accessibility for PDFs appeared first on OpenText Blogs.

Access 62
article thumbnail

Jamf After Dark: Broadcom acquires VMware and what it means for Workspace One customers?

Jamf

In this episode of Jamf After Dark’s podcast, our hosts Kat Garbis and Sean Rabbit discuss the ins and outs of the Broadcom-VMware acquisition with Veronica Batista, Competitive Intelligence. Also, what does the fallout surrounding the purchase mean for existing users of VMware consumer products? Lastly, Andrew Needham, Professional Services Engineer, shares his thoughts on what migrating to Jamf cloud from VMware’s consumer solutions might look like for businesses negatively impacted by the Bro

IT 52