Thu.Sep 26, 2024

article thumbnail

Breach Roundup: How to Spot North Korean IT Workers

Data Breach Today

Also: Ransomware Surged in 2023, MoneyGram Back in Service After Cyberattack This week, advice on spotting North Korean staff; ransomware attacks rose; MoneyGram back online; FCC fined political operative; CISA warned of water system attacks; Ukraine restricted Telegram use; North Korean hackers used new malware; U.K. arrested alleged hacker; PSNI is in data leak talks.

IT 247
article thumbnail

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

NIST Calls for Major Overhaul in Typical Password Practices

Data Breach Today

Draft Guidelines Call for Longer, Randomized Passwords Instead of Memorized Phrases The National Institute of Standards and Technology is calling for longer, randomized passwords instead of memorized phrases containing combinations of upper and lowercase letters in new guidance that aims to modernize current password practices across the public and private sectors.

Passwords 164
article thumbnail

Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

WIRED Threat Level

Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.

Privacy 145
article thumbnail

The Tumultuous IT Landscape is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Visa Acquires AI Leader Featurespace for Payments Protection

Data Breach Today

Featurespace's AI Expertise Will Enhance Visa's Fraud, Risk and Payments Technology Visa has signed a definitive agreement to acquire AI-driven fraud prevention leader Featurespace. This acquisition will reinforce Visa's fraud detection capabilities, integrating advanced machine learning technology to strengthen financial crime prevention and protect global transactions.

Risk 156

More Trending

article thumbnail

Memory-Safe Coding Cuts Android System Flaws by 75%

Data Breach Today

Google Says Rust Language Initiative Eliminates Cross-Site Scripting, Other Flaws Google says switching to a memory-safe language such as Rust under its Safe Coding program has helped significantly reduce the number of vulnerabilities in Android systems. The number of vulnerabilities uncovered in Android devices has fallen from over 200 in 2019 to fewer than 50 by 2024.

IT 156
article thumbnail

Hacking Kia cars made after 2013 using just their license plate

Security Affairs

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. In June 2024, a team of experts ( Neiko Rivera , Sam Curry , Justin Rhinehart , Ian Carroll ) discovered multiple vulnerabilities in Kia vehicles that allowed remote control of key functions using their license plates.

Access 112
article thumbnail

Zero-Day Vulnerabilities in Automatic Tank Gauge Systems

Data Breach Today

Hackers Could Cause Tanks to Overfill and Disable Leak Detection Industrial control systems made by different manufacturers for monitoring fuel storage tanks including those used in everyday gas stations contain critical zero-days that could convert them into targets for cyberattacks that cause physical damage.

article thumbnail

How hackers could have remotely controlled millions of cars

Collaboration 2.0

A website flaw - since patched - enabled these researchers to remotely track a car's location, unlock its doors, honk the horn, and start the engine.

IT 98
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

OpenAI Exits, Appointments and New Corporate Model

Data Breach Today

OpenAI Seeks to Become a For-Profit Company Wednesday brought more turmoil in the top ranks of OpenAI after three executives in leadership positions quit the company at a time when the AI giant seeks to convert itself into a for-profit entity. The new structure may affect how the company prioritizes and addresses AI risks.

Risk 156
article thumbnail

Posting ‘Goodbye Meta AI’ is pointless. But we can stop big tech stealing our Facebook pictures | Chris Stokel-Walker

The Guardian Data Protection

Sharing these posts may seem harmless, but don’t be drawn in. There are better ways to combat the threats to our data If you’ve spent any time on Instagram or Facebook lately, you will probably have encountered concerned citizens sharing posts denying Meta, the parent company of both platforms as well as WhatsApp, the right to use their data to train AI systems.

article thumbnail

Cryptohack Roundup: BingX, Truflation Exploits

Data Breach Today

Also: Reimbursements in Banana Gun Hack; Germany Shutters 47 Exchanges This week, BingX, Truflation, OpenAI X account hacked; Germany shut 47 exchanges; Caroline Ellison sentenced; two got crypto theft charges; one got crypto scam fine; Banana Gun will refund victims; WazirX, Liminal in dispute; SEC settled with TrueCoin, TrustToken; CFTC may settle with Mango Markets.

Marketing 156
article thumbnail

What Are ISO 27017 and ISO 27018, and What Are Their Controls?

IT Governance

Extending your ISMS to address Cloud security risks ISO 27001 sets out the specification – the requirements – for an effective ISMS (information security management system). But did you know you can extend your ISO 27001 ISMS to cover specific aspects of Cloud security ? Two ISO standards in particular stand out: ISO 27017 ISO 27018 Let’s take a closer look at both ISO 27017 and ISO 27018.

Cloud 85
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Sophos: Attacks Drop in Nearly All Sectors But Healthcare

Data Breach Today

Survey Finds 37% of Providers Take Over a Month to Recover From Ransomware Ransomware attacks are declining across many sectors - but not in healthcare, where an ongoing surge is reaching a four-year high in incidents, according to new research from security firm Sophos, which surveyed 5,000 IT leaders across 15 sectors and 14 countries between January and February.

article thumbnail

Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature

Security Affairs

Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a complaint with Austria’s data protection authority (DSB) against Mozilla for enabling the privacy feature Privacy-Preserving Attribution (PPA) in Firefox without user consent.

Privacy 84
article thumbnail

'Vanilla Tempest' Now Using INC Ransomware in Health Sector

Data Breach Today

Microsoft: Ransomware-as-a-Service Group Keeps Shifting Malware to Avoid Detection Threat actors tracked as "Vanilla Tempest" - and also known as Vice Society - appear to be changing up the ransomware they use to attack on U.S. healthcare organizations. Likely in a move to avoid detection, the ransomware-as-a-service group has shifted to INC Ransom malware, according to Microsoft.

article thumbnail

These Anker headphones offer unmatched comfort and out-of-this-world ANC

Collaboration 2.0

Soundcore's most expensive headphones have a powerful ANC feature that delivers an immersive audio experience.

98
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

State Lawmakers to Give Banks Tools to Fight Elder Fraud

Data Breach Today

With No Federal Help in Sight, 6 Legislatures Hope to Stop Suspicious Transactions As cyber fraud against senior citizens rises, at least four U.S. states are considering new legislation to fill the gaps in fraud protection normally covered by the federal Consumer Financial Protection Bureau. The bills would protect seniors by empowering banks to block suspicious transactions.

148
148
article thumbnail

Best early Prime Day laptop deals to shop in October 2024

Collaboration 2.0

We've rounded up the best laptop deals ahead of Amazon's Prime Big Deal Days sale, including significant deals on Apple's MacBook Pro, and computers from Asus, Lenovo, and more.

Sales 75
article thumbnail

Proof of Concept: Boosting Security and Taming AI 'Lies'

Data Breach Today

Troy Leach and Avani Desai on Risks of AI Hallucination and Misleading Outputs In the latest "Proof of Concept," Troy Leach of the Cloud Security Alliance and Avani Desai of Schellman discuss the risks of AI hallucinations. As AI models advance, hallucinations pose serious threats to security, especially when quick and accurate decision-making is essential.

Security 148
article thumbnail

Meta takes some big AI swings at Meta Connect 2024

Collaboration 2.0

Meta's new AI features bring a combination of image editing, voice interaction, and real-time translation to the forefront. Learn how Llama 3.2 is reshaping user experiences across Meta's ecosystem of apps.

98
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Configuring Jamf Teacher with Jamf School: from zero to hero

Jamf

Learn to create EdTech roles to support classroom workflows and enhance educational technology integration with Jamf School and Jamf Teacher.

article thumbnail

Meta is suddenly crushing Apple in the innovation battle - but wait, there's more!

Collaboration 2.0

I never thought I'd say this, but Meta's announcements - from affordable Quest 3 headsets to updated Ray-Ban smart glasses - are a lot more exciting than Apple's right now.

75
article thumbnail

An Analysis of the EU’s Cyber Resilience Act

Schneier on Security

A good —long, complex—analysis of the EU’s new Cyber Resilience Act.

article thumbnail

In a surprise twist, Meta is suddenly crushing Apple in the innovation battle

Collaboration 2.0

I never thought I'd say this, but Meta's announcements - from affordable Quest 3 headsets to updated Ray-Ban smart glasses - are a lot more exciting than Apple's right now.

98
article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Partners: Why you should attend OpenText World 2024!

OpenText Information Management

Calling all OpenText partners! Ice and Skye, our AI-generated guides, are eager to welcome you to OpenText World 2024 at The Venetian Resort, Las Vegas, November 18-21. Join us for our exclusive OpenText Partner Summit on November 18, then enjoy the premiere information management conference to see how reimagining information can reinvent knowledge workers and reinvigorate business.

article thumbnail

Forget iPhone 16: Samsung's $649 Galaxy S24 FE may be the new mainstream phone to beat

Collaboration 2.0

Samsung has pulled back the curtain on its new Galaxy S24 FE, and although it's supposed to be a mid-range phone, it offers a similar experience to the flagship S24 model.

IT 75
article thumbnail

State of the Global Intelligent Document Processing Market 2023/2024

Info Source

KEY TAKEAWAYS Globally end customer organisations invested close to 7 Billion US$ into IDP solutions in 2023. The demand for IDP solutions grew at solid double digit rate compared to the previous year. The demand for the automation of business processes continues to increase, fueled by the shortage of skilled staff. 2023 showed a particularly strong growth of IDP solutions offered by vendors who specialise in enterprise automation solutions.