Thu.Apr 11, 2024

article thumbnail

Breach Roundup: Sisense Supply Chain Attack

Data Breach Today

Also: A Romanian Botnet and Alcohol Counselor Monument Settles with US FTC Over Ads This week, Sisense supply chain attack, a likely Romanian botnet, Patch Tuesday, an Apple spyware warning and AT&T notifies customers of breach. Alcohol counselor Monument shared data with Meta, a breach of Home Depot employee data, a breach at Targus and a threat actor targeted Moroccan activists.

200
200
article thumbnail

Information Governance: It’s What you Retain that Matters

AIIM

It’s funny how corporate leaders get serious about information governance right after their company has been hit with a lawsuit or regulatory action. OK, it’s not funny at all. But that’s usually when many executives decide it's time to implement information governance and in particular, document retention. We’re here to advise you to not put off having a defensible retention p rogram in place long before any legal action occur s.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Raspberry Robin Morphs, Now Spreads via Windows Script Files

Data Breach Today

Malware Platform Operators Taket Steps to Obfuscate Code Threat actors behind malware distribution platform Raspberry Robin worm have shifted tactics to make the malware harder to detect and for researchers to analyze. Hackers deploying Raspberry Robin - often a precursor to a ransomware attack - now use Windows Script Files.

article thumbnail

News alert: Simbian launches with $10M to build autonomous, GenAI-powered security platform

The Last Watchdog

Mountain View, Calif. – April 11, 2024 – Simbian today emerged from stealth mode with oversubscribed $10M seed funding to deliver on fully autonomous security. As a first step towards that goal, the company is introducing the industry’s first GenAI-powered security co-pilot that integrates secure and intelligent AI solutions into diverse IT environments to maximize coverage and expedite resolutions to security teams’ ever-changing needs.

Security 100
article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Identity Security and How to Reduce Risk During M&A

Data Breach Today

Cybersecurity occupies a growing priority status in merger and acquisition discussions. But what about the specific role of identity security? SailPoint's Lori Diesen showcases the value of transitioning to SaaS-based identity security to reduce risk during M&A activity.

Risk 177

More Trending

article thumbnail

CISA Warns Russian Microsoft Hackers Targeted Federal Emails

Data Breach Today

US Cyber Defense Agency Instructs Agencies to Fortify Systems Amid Microsoft Breach The U.S. Cybersecurity and Infrastructure Security Agency publicly released an emergency directive Thursday requiring impacted federal agencies to take immediate remediation measures amid continued fallout from the Russian state-sponsored hacking of Microsoft that began in late November.

article thumbnail

CISA adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link multiple NAS devices flaws to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-3272 D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability CVE-2024-3273 D-Link Multiple NAS Devices Command Injection Vulnerability The flaw CVE-202

IT 113
article thumbnail

Change Healthcare Attack 'Devastating' to Doc Practices

Data Breach Today

AMA Survey Finds 80% of Practices Lost Revenue From Unpaid Claims The IT services disruptions resulting from the Change Healthcare cyberattack is continuing to have a "devastating" effect on physician practices, threatening the financial viability of many and posing serious implications to patient care, said the American Medical Association in a new study.

IT 161
article thumbnail

Microsoft fixed two zero-day bugs exploited in malware attacks

Security Affairs

Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are exploiting to deliver malware. Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products.

Marketing 111
article thumbnail

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

article thumbnail

Zscaler Buys Airgap Networks to Fuel Segmentation in IoT, OT

Data Breach Today

Deal Will Thwart Lateral Movement of Malicious Traffic Inside of Corporate Networks Zscaler purchased an agentless segmentation startup founded by longtime Juniper Networks executives to dynamically control access to critical infrastructure based on identity and context. Acquiring Airgap Networks will prevent sophisticated threats from moving laterally within IoT or OT devices.

IoT 152
article thumbnail

DuckDuckGo Is Taking Its Privacy Fight to Data Brokers

WIRED Threat Level

Privacy-focused company DuckDuckGo is launching a tool to remove data from people-search websites, a VPN, and an identity theft restoration service.

Privacy 118
article thumbnail

FBI Calls for Increased Funding to Counter Cyber Threats

Data Breach Today

FBI Director Chris Wray Warns U.S. Falling Behind to Adversaries in Cyberspace FBI Director Christopher Wray told a congressional panel Thursday the United States faces a wide range of "escalated" digital threats, including sophisticated cyberattacks and emerging risks to networks and critical infrastructure. The FBI took over 1,000 actions against cyber adversaries in 2023.

Risk 152
article thumbnail

US CISA published an alert on the Sisense data breach

Security Affairs

Business intelligence software company Sisense suffered a cyberattack that may have exposed sensitive information of major enterprises worldwide. Sisense, a business intelligence software company, experienced a cyberattack potentially exposing the sensitive data of global enterprises. The list of the company’s customers includes Nasdaq, Philips Healthcare, Verizon, and many others.

article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Cryptohack Roundup: Google Sues Alleged Crypto App Crooks

Data Breach Today

Also: Terraform Labs Liable in US Court for Civil Fraud This week, Google sued alleged crypto fraudsters, Mango Markets exploiter's trial began, Do Kwon and Terraform Labs are liable for civil fraud, Taiwanese prosecutors indicted ACE Exchange's co-founder, Wormhole nearly gave $40,000 to hackers and a Binance executive pleaded not guilty in Nigeria.

Marketing 152
article thumbnail

Water Facilities Compromised By Iranian Threat Actors

KnowBe4

In December 2023, a joint alert was issued by the FBI, CISA, NSA, EPA, and INCD regarding Iranian cyber actors known as "CyberAv3ngers" linked to Iran's Islamic Revolutionary Guard Corps (IRGC).

article thumbnail

Chambers 2024 Global Practice Guides for Data Protection & Privacy and Cybersecurity

Data Matters

The newest editions of the Chambers Global Practice Guides have been published and, once again, Sidley lawyers have contributed to two guides: Data Protection & Privacy 2024 and Cybersecurity 2024. These publications cover important developments across the globe and offer insightful legal commentary for businesses on issues related to data privacy and cybersecurity, such as regulatory enforcement and litigation, global cooperation to combat cybercrime, international agreement on ‘Softw

Privacy 88
article thumbnail

Top Tax Scams of 2024 Your Organization Should Watch Out For

KnowBe4

As the April 15, 2024 filing deadline approaches, tax scam artists are working overtime to take advantage of rushed or stressed taxpayers.

article thumbnail

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

article thumbnail

Apple warns of mercenary spyware attacks on iPhone users in 92 countries

Security Affairs

Apple is warning iPhone users in over 90 countries of targeted mercenary spyware attacks, Reuters agency reported. Apple is alerting iPhone users in 92 countries about mercenary spyware attacks, reported Reuters. Reuters only mentioned India as one of the countries where users were targeted by the attacks. According to a threat notification email sent to targeted users, the IT giant detected attempts to “remotely compromise the iPhone.” The company did not attribute the targeted atta

MDM 89
article thumbnail

Yesterday, in DC, I was given the Holland on the Hill Freddy Heineken Award

KnowBe4

The Holland on the Hill Freddy Heineken Award honors an entrepreneur who has made a substantial and positive contribution to the US-Dutch economic relationship, exemplifying the best of both worlds.

85
article thumbnail

IBM researchers to publish FHE challenges on the FHERMA platform

IBM Big Data Hub

To foster innovation in fully homomorphic encryption (FHE), IBM® researchers have begun publishing challenges on the FHERMA platform for FHE challenges launched in late 2023 by the Fair Math and the OpenFHE community. FHE: A new frontier in technology Fully homomorphic encryption is a groundbreaking technology with immense potential. One of its notable applications lies in enhancing medical AI models.

article thumbnail

Malvertising Campaigns Surged in 2023

KnowBe4

Researchers at BlueVoyant observed a 50% increase in large-scale malvertising campaigns in 2023 compared to 2022.

article thumbnail

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

article thumbnail

New Draft US Privacy Act Bill Includes Record and Data Retention

IG Guru

(4) RETENTION SCHEDULE.—Developing, maintaining, and adhering to a retention schedule for covered data disposal consistent with the practices and procedures required in paragraph (3). Read the draft bill here. The post New Draft US Privacy Act Bill Includes Record and Data Retention first appeared on IG GURU.

Privacy 91
article thumbnail

Investing in Technology to Improve Healthcare Staff Retention and Hospital Security

HID Global

Employing innovative healthcare technologies helps prevent workplace violence, enhances security, increases staff retention and boosts hospital operations.

article thumbnail

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.

article thumbnail

Which Digital Travel Credential Is Right for My Country?

HID Global

Learn the nuances of the different digital travel credential (DTC) types so you can determine which one is ideal for your country.

52
article thumbnail

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

article thumbnail

Backdoor in XZ Utils That Almost Happened

Schneier on Security

Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery : The security of the global internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers.

Libraries 132
article thumbnail

AI governance is rapidly evolving — Here’s how government agencies must prepare

IBM Big Data Hub

The global AI governance landscape is complex and rapidly evolving. Key themes and concerns are emerging, however government agencies must get ahead of the game by evaluating their agency-specific priorities and processes. Compliance with official policies through auditing tools and other measures is merely the final step. The groundwork for effectively operationalizing governance is human-centered, and includes securing funded mandates, identifying accountable leaders, developing agency-wide AI

article thumbnail

News alert: NTT all photonics network connects data centers in U.S., U.K. at very low latency

The Last Watchdog

San Francisco and Tokyo, Apr. 11, 2024 – At Upgrade 2024 , NTT Corporation (NTT) and NTT DATA announced the successful demonstration of All-Photonics Network (APN) -driven hyper low-latency connections between data centers in the United States and United Kingdom. In the U.K., NTT connected data centers north and east of London via NTT’s Innovative Optical Wireless Network (IOWN) APN, and communication between them was realized with a round-trip delay of less than 1 millisecond.