Thu.Dec 07, 2023

article thumbnail

Lessons in Threat Detection for Insider Threats

Data Breach Today

The Risk of Insider Threats Is Growing, But So Are Methods to Detect Them Whether because they're malicious, oblivious to company rules or outsmarted by hackers, insiders pose a mounting degree of risk to companies. Hunting for outside hackers offers lessons in preventing insider incidents, said Thomas Etheridge, CrowdStrike chief global professional services officer.

Risk 279
article thumbnail

End-to-End Encrypted Instagram and Messenger Chats: Why It Took Meta 7 Years

WIRED Threat Level

Mark Zuckerberg personally promised that the privacy feature would launch by default on Messenger and Instagram chat. WIRED goes behind the scenes of the company’s colossal effort to get it right.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cryptohack Roundup: Bitzlato Boss Admits to Laundering Money

Data Breach Today

Also: Judge Accepts Changpeng Zhao Guilty Plea; November's 'Damaging' Hack Numbers This week, a Bitzlato co-founder pleaded guilty to money laundering charges, a federal judge accepted ex-Binance chief's guilty plea, thieves stole $363M in crypto this November, KyberSwap looks to compensate hack victims, Platypus hackers walked free, and Velodrome and Aerodrome were hacked again.

277
277
article thumbnail

Spying through Push Notifications

Schneier on Security

When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy on them—either for their own reasons or in response to government demands. Sen. Wyden is trying to get to the bottom of this : In a statement, Apple said that Wyden’s letter gave them the opening they needed to share more details with the public about how governments monitored push notifications. “In this case, the fed

Metadata 134
article thumbnail

The Tumultuous IT Landscape Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Joe Sullivan Tells Black Hat Europe: 'Choose Your Own Destiny'

Data Breach Today

Convicted Former Uber CSO Shares Lessons Learned From Government's Case Against Him Cybersecurity professionals must choose their own destiny, former CSO Joe Sullivan said at this week's Black Hat Europe in London. CISOs will either remain down in the weeds, technically speaking, or learn to become true senior executives and be treated as such by the board.

More Trending

article thumbnail

Microsoft CISO, Deputy CISO Reassigned in Management Shakeup

Data Breach Today

Former Bridgewater CTO Igor Tsyganskiy Named CISO in Wake of Chinese Email Hack Microsoft has demoted its CISO after 14 years on the job, reassigned its deputy CISO and named Igor Tsyganskiy - a former CTO at Bridgewater Associates who just joined Microsoft four months ago as chief strategy officer - as its new chief information security officer.

article thumbnail

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

Russia-linked group APT28 exploited Microsoft Outlook zero-day to target European NATO members, including a NATO Rapid Deployable Corps. Palo Alto Networks’ Unit 42 reported that the Russia-linked APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) group exploited the CVE-2023-23397 vulnerability in attacks aimed at European NATO members.

Military 109
article thumbnail

The Joint Commission Unveils New Data Privacy Certification

Data Breach Today

Program Addresses Secondary Use of Patient Data by Third Parties for AI Initiatives The Joint Commission is kicking off a new voluntary certification program for hospitals' "responsible use" of health data. The effort aims to help address growing privacy concerns over the secondary use of patient data by third parties for artificial intelligence initiatives and other activities.

article thumbnail

Elijah Wood and Mike Tyson Cameo Videos Were Used in a Russian Disinformation Campaign

WIRED Threat Level

Videos featuring Elijah Wood, Mike Tyson, and Priscilla Presley have been edited to push anti-Ukraine disinformation, according to Microsoft researchers.

Security 116
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Feds Levy First-Ever HIPAA Fine for a Phishing Breach

Data Breach Today

Incident That Affected 35,000 Urgent Care Clinic Patients Results in $480K Fine Weeks after the Department of Health and Human Services announced its first HIPAA enforcement action in a ransomware breach, federal regulators have reached another milestone: a $480,000 settlement in a HIPAA case centered for the first time ever on a phishing attack.

Phishing 228
article thumbnail

New Krasue Linux RAT targets telecom companies in Thailand

Security Affairs

A previously undetected Linux RAT dubbed Krasue has been observed targeting telecom companies in Thailand. Group-IB researchers discovered a previously undetected Linux remote access trojan called Krasue has been employed in attacks aimed at telecom companies in Thailand. The Krasue Remote Access Trojan (RAT) has remained undetected since at least 2021 when it was registered on Virustotal.

Access 103
article thumbnail

Ransomware, Vendor Hacks Push Breach Number to Record High

Data Breach Today

Report: 2.6 Billion Personal Records Exposed in the Last 2 Years The number of data breaches in the U.S. has hit an all-time high, amid mounting attacks against third-party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher. Breaches have more than tripled between 2013 and 2022.

article thumbnail

Weekly Update 377

Troy Hunt

10 years later. 🤯 Seriously, how did this thing turn into this?! It was the humblest of beginning with absolutely no expectations of anything, and now it's, well, massive! I'm a bit lost for words if I'm honest, I hope the chat with Charlotte adds some candour to this week's update, she's seen this thing grow since before its first birthday, through the hardest times and the best times and now lives and breathes HIBP day in day out with me.

IT 103
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

UK and US Accuse Russian FSB of 'Hack and Leak' Operation

Data Breach Today

Both Governments Sanction 2 'Star Blizzard' Hackers; US Indicts Them The U.K. government accused Russia's domestic intelligence agency of running a yearslong campaign to interfere in British politics. U.S. federal prosecutors unsealed a criminal indictment against two FSB agents, accursing them of phishing campaigns against national security government employees.

Phishing 223
article thumbnail

Phishing-Resistant MFA Will Not Stop Phishing Attacks

KnowBe4

You would be hard-pressed to find an author and organization (KnowBe4) that has pushed the use of phishing-resistant multi-factor authentication (MFA) harder.

Phishing 102
article thumbnail

EU AI Act Talks Drag on Past Expected End Date

Data Breach Today

Trilogue Talks to Resume on Friday European lawmakers and officials failed to hammer out a compromise regulation on artificial intelligence after two days of talks that stretched over 22 hours and were intended to culminate in a Thursday settlement. The European Union has been at work on the Artificial Intelligence Act since 2021.

article thumbnail

‘World-First’ Agreement on AI Reached

Data Matters

Over one hundred representatives from across the globe convened in the UK on 1-2 November 2023 at the Global AI Safety Summit. The focus of the Summit was to discuss how best to manage the risks posed by the most recent advances in AI. However, it was the “Bletchley Declaration” –announced at the start of the Summit—which truly emphasized the significance governments are attributing to these issues.

Privacy 72
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Six ways AI can influence the future of customer service

IBM Big Data Hub

Organizations have always used some degree of technology to provide an excellent customer experience , but the future of customer service will demand even more advancements to meet customers’ growing expectations. There is no question that customer service is about to take a massive leap forward, thanks to emerging trends like artificial intelligence (AI).

article thumbnail

Generative AI generates tricky choices for managers via The Economist

IG Guru

Check out the article here (subscription required). The post Generative AI generates tricky choices for managers via The Economist first appeared on IG GURU.

article thumbnail

Celebrating World eDiscovery Day

eDiscovery Law

Today, we celebrate World e-Discovery Day, an annual industry-wide event for lawyers and legal professionals to highlight the critical role e-discovery plays in our legal system. Our e-Discovery Analysis & Technology Group is continuing a series of Q&A videos to mark the occasion.

article thumbnail

FAQ: Non-compliant Permanent Digitized Records

National Archives Records Express

Signpost in the yard of the Domeier Grocery Store, on South Minnesota Street in New Ulm, Minnesota National Archives Identifier: 558138 We are pleased to announce the release of Frequently Asked Questions (FAQ) about Non-Compliant Permanent Digitized Records. This FAQ supports the National Archives and Records Administration’s (NARA) regulation concerning digitization standards for permanent records ( 36 CFR 1236 Subpart E ).

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

From sails to sales: An interview with Senior Account Executive and Olympian Lucy Whitty

Collibra

Before Senior Account Executive Lucy Whitty started winning new customers alongside her Collibra team, she won a silver medal in Sailing for Australia at the 2012 Olympics in London. She says the lessons she learned while navigating to the highest level of her sport and representing Australia on the world stage continue to help her succeed today. Though her goal may have shifted from crossing finish lines to closing deals, her path to success has the same requirements: perseverance, resilience,

Sales 52
article thumbnail

Uncensored Library in Minecraft: Promoting Free Press

CILIP

Uncensored Library in Minecraft: Promoting Free Press Zakariya Gayle, Academic Support Librarian at UAL High Holborn made the switch from retail management to libraries, starting as a Casual Assistant in the public sector. This blog post was written after he attended Libraries Rewired. The Cilip Libraries Rewired Conference 2023 brought together me, Lisa Chadwick, Michale Michael Darko, and librarians and information professionals from all over.

article thumbnail

Embracing Innovation in the Aviation Industry

Jamf

Explore how Device Management Solutions significantly benefit deskless workers in the transportation sector, enhancing productivity and streamlining operations

52
article thumbnail

7 fixes for missing Slack notifications on MacOS

Collaboration 2.0

We explore the reasons Slack might not notify you, and how you can fix it.

IT 52
article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Protected: Infosource publishes the new long-range forecasts for the distributed document management scanner market

Info Source

This content is password protected.

article thumbnail

Investigación Digital y la Web: Explorando fuentes y métodos de investigación emergentes

Archive-It

Por el equipo ARCH, traducido por Rosario Rogel-Salazar ¿Qué es la investigación computacional crítica y cómo afianzarla en la comunidad académica? Estas fueron las preguntas guiaron la conversación en el panel titulado “Investigación Digital y la Web”, en el marco del Foro de la Federación de Bibliotecas Digitales de este año (DLF por sus siglas en inglés).

article thumbnail

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. This guide will provide a high level overview of encryption and how it fits into IT through the following topics: How Encryption Works To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security.