Data Breach Today
DECEMBER 6, 2022
Companies Tells US SEC That the Incident Will Affect Revenue Ransomware lies behind the ongoing outage of hosted Exchange services at Rackspace, the company disclosed in a Tuesday update. The company did not disclose any particular ransomware actor. It told federal regulators that the outage is likely to create a financial loss.
Dark Reading
DECEMBER 6, 2022
Threat actors can weaponize code within AI technology to gain initial network access, move laterally, deploy malware, steal data, or even poison an organization's supply chain.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 6, 2022
Government Agencies and Private Sector Affected by Attack on IT Sercices Provider A ransomware attack on a New Zealand third party managed IT service provider impacted several government agencies across the country – including the Ministry of Justice and the national health authority. Investigations are ongoing to determine the incident's full impact.
Security Affairs
DECEMBER 6, 2022
Russia’s second-largest bank VTB Bank reveals it is facing the largest DDoS (distributed denial of service) attack in its history. State-owned VTB Bank, the second-largest financial institution in Russia, says it is facing the largest DDoS (distributed denial of service) attack in its history. The pro-Ukraine collective IT Army of Ukraine has claimed responsibility for the DDoS attacks against the bank.
Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage
Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr
Data Breach Today
DECEMBER 6, 2022
Collective DDoS Defense, Rethinking Internet Defense, Zero-Day Harvesting and More Black Hat Europe returns to London, offering deep dives into the latest cybersecurity research and trends, including how to build an open, transparent, but also secure internet; harvesting zero-day flaws before attackers; what we can learn from "metaparasitical" scammers who scam scammers; and more.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 6, 2022
Aqua's Dror Davidoff Shares How Open-Source Repositories Create Risk for Cloud Apps Software has increasingly relied on components developed by third parties or from open-source libraries, which Aqua Security CEO Dror Davidoff says injects additional risk. On-premises environments are still managed in more traditional ways, with the development and production phases totally siloed.
Security Affairs
DECEMBER 6, 2022
Researchers discovered a security flaw in the connected vehicle service SiriusXM that exposes multiple car models to remote attacks. Cybersecurity researchers discovered a security vulnerability in the connected vehicle service provided by SiriusXM that can allow threat actors to remotely attack vehicles from multiple carmakers, including Honda, Nissan, Infiniti, and Acura.
Data Breach Today
DECEMBER 6, 2022
CEO Tomer Weingarten Says SentinelOne Will Focus on the Top Accounts in Its Pipeline SentinelOne plans to go after more Fortune 500 and Global 2000 organizations as the economic downturn prompts customers to shrink the size of their purchases. The company has over the past year doubled the number of clients spending at least $100,000 and $1 million with SentinelOne annually.
eSecurity Planet
DECEMBER 6, 2022
In a recent analysis of the public and Internet-facing assets of 471 of the Fortune 500 companies, Cyberpion uncovered more than 148,000 critical vulnerabilities (exploits that are publicly available and actively targeted), with an average of 476 per company. Fully 98 percent of Fortune 500 companies have critically vulnerable internal assets, 95 percent have expired certificates, and 85 percent have exposed login pages accessible over HTTP.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
Data Breach Today
DECEMBER 6, 2022
Phoenix CISO on Navigating the Public Sector Security Landscape Governance issues for public sector CISOs tend to focus more on shifting culture rather than maximizing efficiency for shareholders, as is expected from private sector security leaders. City of Phoenix CISO Shannon Lawson shares why good communication is crucial when a city council is involved.
Hanzo Learning Center
DECEMBER 6, 2022
December 1st marked another successful Ediscovery Day celebration full of great educational content for the legal tech industry. Now in its eighth year, Ediscovery day became more focused in its content offerings, with a great lineup of sponsored events.
Daymark
DECEMBER 6, 2022
Preparing for a Cybersecurity Maturity Model Certification (CMMC) 2.0 assessment can be completely overwhelming. Here’s the good news: If you’re NIST 800-171 compliant, you’re more than halfway there. If you’re not, you’ve got some work to do for sure, but it’s not as complicated or daunting as you may fear. NIST 800-171.
Dark Reading
DECEMBER 6, 2022
Extending multifactor authentication to include device identity assurance offers more authentication confidence than what multiple user-identity factors can by themselves.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Security Affairs
DECEMBER 6, 2022
Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues. Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. The most severe issue addressed by the security vendor is a critical code injection vulnerability tracked as CVE-2022-3236. “A code injection vulnerability allowing remote code execution was discovered in the User Po
Schneier on Security
DECEMBER 6, 2022
Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The Trojan corrupts any data that’s not vital for the functioning of the operating system. It doesn’t affect files with extensions.exe,dll,lnk,sys or.msi, and ignores several system folders in the C:Windows directory. The malware focuses on databases, archives, and user documents.
Security Affairs
DECEMBER 6, 2022
Nicholas Truglia, from Florida, US, was sentenced to 18 months in prison for stealing more than $20 million in a SIM swapping scheme. DoJ announced that Nicholas Truglia (25) was sentenced to 18 months in prison for the theft of over $20 million worth of cryptocurrency through SIM swapping attacks. The man was ordered to pay $20,379,007 in restitution to the victim within 60 days. .
KnowBe4
DECEMBER 6, 2022
CyberheistNews Vol 12 #49 | December 6th, 2022. [Keep An Eye Out] Beware of New Holiday Gift Card Scams. By Roger A. Grimes. Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what they want, and are often received as a reward for doing something.
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
Dark Reading
DECEMBER 6, 2022
Victims include at least 15 healthcare organizations, one Fortune 500 company, and other organizations in multiple countries, security vendor says.
Data Matters
DECEMBER 6, 2022
On November 9, 2022, the New York Department of Financial Services (DFS) published its proposed second amendment to its cybersecurity regulations (23 NY CRR Part 500). This proposal follows a July 29 pre-proposal and comment period. The amendment is available for a sixty-day comment period – until January 9, 2023 – after which the agency may adopt final regulations or issue a further revised version.
Dark Reading
DECEMBER 6, 2022
There's no quick fix after decades of underinvestment, but the process has started. Cybersecurity grants, mandatory reporting protocols, and beefed-up authentication requirements are being put in place.
WIRED Threat Level
DECEMBER 6, 2022
The UK's use of technology to enforce its hard-line immigration policy brings the border into every facet of migrants' lives.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
DECEMBER 6, 2022
Organizations can best defend themselves on the cyber battlefield by adopting a military-style defense.
CGI
DECEMBER 6, 2022
Our health and care industry is in urgent need of transforming the way it delivers services and measures outcomes. Although individuals may have multiple conditions, both chronic and acute, transformation is possible if carried out in a graceful, inclusive, way that addresses patient and citizen needs.
Dark Reading
DECEMBER 6, 2022
Microsoft warns that the Kremlin is ramping up cyberattacks against infrastructure and supply chains and starting disinformation campaigns as Russian troops lose on the battlefield.
Data Protection Report
DECEMBER 6, 2022
On November 30, 2022, an Illinois court of appeals ruled that Illinois’ biometrics privacy law—known as BIPA—requires that anyone subject to that law must develop a retention and destruction schedule when it possesses biometric data. In this case , the court found that the employer (J&M Plating Inc.) violated BIPA because it did not create its retention and destruction schedule until four years after it possessed employees’ fingerprint data.
Advertisement
While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) aren’t built for modern data platforms and don’t work on modern architectures.
Dark Reading
DECEMBER 6, 2022
CISA gives agencies deadline to patch against Google Chrome bug being actively exploited in the wild.
ForAllSecure
DECEMBER 6, 2022
Shifting left for API security has many benefits. It allows developers to produce better code, catch API issues earlier in the development cycle, and get their work done faster. In order to build API security testing into the development process naturally, use a shift left approach along with an automated API tester, such as Mayhem for API. What Is Shifting Left?
Dark Reading
DECEMBER 6, 2022
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
Expert insights. Personalized for you.
245 
Let's personalize your content