Data Breach Today
MARCH 8, 2023
Campaign Mainly Targets Indian And Pakistani Android Users with Romance Honey Trap A cyberespionage campaign using Trojanized apps implanted with a backdoor to exfiltrate sensitive data is doing the rounds in India and Pakistan. Researchers at cybersecurity firm Eset identify the threat actor as Transparent Tribe, a group aligned with the Pakistani government.
The Last Watchdog
MARCH 8, 2023
APIs (Application Programming Interfaces) play a critical role in digital transformation by enabling communication and data exchange between different systems and applications. Related: It’s all about attack surface management APIs help digital transformation by enabling faster and more efficient business processes, improving customer experience, and providing new ways to interact with your business.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MARCH 8, 2023
An Estimated 600,000 Customers Affected by Breach Records of more than half a million customers of a lending service owned by India's largest private sector bank are apparently downloadable for free on a criminal data breach forum. HDFC Bank says it detected a data breach at one of its service providers that processes customer information.
Hunton Privacy
MARCH 8, 2023
On March 8, 2023, the UK Secretary of State for Science, Innovation and Technology, Michelle Donelan, introduced the Data Protection and Digital Information (No. 2) Bill to UK Parliament. The first version of the reform bill was originally proposed by the UK government in July 2022, but was put on pause during September 2022. According to UK government in its press release , the Bill will “introduce a simple, clear and business-friendly framework that will not be difficult or costly to implemen
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
MARCH 8, 2023
Civil Society and Tech Firms Warn Aginst Modifying the European Privacy Law The British government is proposing modifications to the European privacy law adopted as British law before leaving European Union. Civil society groups warn changes to the U.K. GDPR could lead to more surveillance. Some tech firms say the government is poised to increase their regulatory burden.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 8, 2023
Mixing Conti's Leftovers and Small Teams Helped Hive Earn Millions, Researcher Says Key to the business success of top ransomware groups remains their ability to find innovative new ways to amass victims. For Hive, which received more than $100 million in ransom payments before being disrupted by law enforcement, the new business strategy that helped it thrive was co-working.
OpenText Information Management
MARCH 8, 2023
“I raise up my voice—not so that I can shout, but so that those without a voice can be heard. … We cannot all succeed when half of us are held back.” Malala Yousafzai Today on International Women’s Day (IWD), we raise up our voices to celebrate the good and speak out against the unjust. … The post International Women’s Day 2023: Embrace Equity appeared first on OpenText Blogs.
Data Breach Today
MARCH 8, 2023
Despite Foes Like DocuSign, Latest Financials Are Up But Potential Buyers Are Near Identity verification and e-signature firm OneSpan is working with investment bank Evercore on a sale process that could attract interest from other businesses and private equity firms, Reuters reported. This follows five publicly traded cyber vendors agreeing to go private since the start of 2022.
Dark Reading
MARCH 8, 2023
Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
MARCH 8, 2023
HHS, Health Sector Coordinating Council Toolkit Will Help Sector Better Manage Risk The Department of Health and Human Services and the Health Sector Coordinating Council on Wednesday published an updated toolkit that aims to help healthcare entities align security programs with the National Institute of Standards and Technology's Cybersecurity Framework.
Collibra
MARCH 8, 2023
March 8 marks International Women’s Day, a day dedicated to celebrating the achievements of women around the world and accelerating the march toward true equality for women everywhere. Founded in 1911, communities around the world have recognized this day for more than 100 years, yet a 2022 World Economic Forum study found we are still 132 years away from closing the gender global gap.
Data Breach Today
MARCH 8, 2023
Should French Multinationals Report Breaches Outside France? To Whom? By When? A French law requiring companies to report cyber incidents to authorities within 72 hours or lose their eligibility for cyber insurance reimbursement has practitioners scratching their heads. Global companies with headquarters in France will have the most uncertainty, experts say.
Security Affairs
MARCH 8, 2023
Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface in FortiOS and FortiProxy.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
WIRED Threat Level
MARCH 8, 2023
Rather than obtaining a warrant, the bureau purchased sensitive data—a controversial practice that privacy advocates say is deeply problematic.
Security Affairs
MARCH 8, 2023
US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog : CVE-2022-35914 (CVSS score: 9.8) – Teclib GLPI Remote Code Execution Vulnerability CVE-2022-33891 (CVSS score: 8.8) – Apache Spark Command Injection Vulnerability CVE-2022-28810 (CVSS score: 6.8) – Zoho ManageEngine AD
KnowBe4
MARCH 8, 2023
Despite a lot of focus on phishing and remote access as initial access vectors, new data shows the use of vulnerabilities is not only on the rise, but simply isn’t being properly addressed.
Security Affairs
MARCH 8, 2023
Veeam addressed a high-severity vulnerability in the Backup Service that impacts Backup & Replication software. Veeam addressed a high-severity vulnerability in the Backup Service, tracked as CVE-2023-27532 (CVSS v3 score: 7.5), that impacts all versions of Backup & Replication software versions. “Vulnerability CVE-2023-27532 in Veeam Backup & Replication component allows to obtain encrypted credentials stored in the configuration database.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Schneier on Security
MARCH 8, 2023
Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.” Dubbed BlackLotus, the malware is what’s known as a UEFI bootkit. These sophisticated pieces of malware target the UEFI—short for Unified Extensible Firmware Interface —the low-level and complex chain of firmware responsible for booting up virtually every modern computer.
KnowBe4
MARCH 8, 2023
As credential theft-focused phishing attacks continue to assist initial access brokers, new data shows banking fraud continues to be a material threat to individuals and businesses alike.
Security Affairs
MARCH 8, 2023
North Korea-linked Lazarus APT group exploits a zero-day vulnerability in attacks aimed at a South Korean financial entity. ASEC (AhnLab Security Emergency Response Center) observed North Korea-linked Lazarus APT group exploiting a zero-day vulnerability in an undisclosed software to breach a financial business entity in South Korea. The nation-state actors breached twice the company in one year.
WIRED Threat Level
MARCH 8, 2023
After successful autonomous flight tests in December, the military is ramping up its plans to bring artificial intelligence to the skies.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
MARCH 8, 2023
China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia. The state-sponsored hackers used a new version of the SoulSearcher loader, which eventually loads a new version of the Soul modular framework.
Dark Reading
MARCH 8, 2023
More than two years after a major takedown by law enforcement, the threat group is once again proving just how impervious it is against disruption attempts.
Security Affairs
MARCH 8, 2023
CloudBees vulnerabilities in the Jenkins open-source automation server can be exploited to achieve code execution on targeted systems. Researchers from cloud security firm Aqua discovered a chain of two vulnerabilities in the Jenkins open-source automation server that could lead to code execution on targeted systems. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community.
IG Guru
MARCH 8, 2023
How AI is or could be employed for content management is not yet understood. Please take 15 minutes of your time to respond to this survey to help us better understand how digital content is being managed today and how AI is or could be employed to relieve pain points. The survey is open through April 15, 2023.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Thales Cloud Protection & Licensing
MARCH 8, 2023
Your Cannot Secure Your Data by Network Penetration Testing divya Thu, 03/09/2023 - 06:05 Organisations continue to experience serious data breaches, often causing harm to their customers, society, and their hard-earned reputations. It would seem obvious from the reported data that there continues to be a flaw in the cybersecurity industry’s approach to data security.
KnowBe4
MARCH 8, 2023
Vade has released a report looking at phishing trends in 2022. The researchers say the top three most-impersonated brands last year were Facebook, Microsoft, and Google.
Dark Reading
MARCH 8, 2023
A state-backed threat actor impersonates political figures, tricking a prime minister, a former US president, and several European mayors and MPs into video calls later used in an anti-Ukraine influence campaign.
Expert insights. Personalized for you.
271 
Let's personalize your content