Thu.Dec 07, 2023

article thumbnail

Joe Sullivan Tells Black Hat Europe: 'Choose Your Own Destiny'

Data Breach Today

Convicted Former Uber CSO Shares Lessons Learned From Government's Case Against Him Cybersecurity professionals must choose their own destiny, former CSO Joe Sullivan said at this week's Black Hat Europe in London. CISOs will either remain down in the weeds, technically speaking, or learn to become true senior executives and be treated as such by the board.

article thumbnail

End-to-End Encrypted Instagram and Messenger Chats: Why It Took Meta 7 Years

WIRED Threat Level

Mark Zuckerberg personally promised that the privacy feature would launch by default on Messenger and Instagram chat. WIRED goes behind the scenes of the company’s colossal effort to get it right.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cryptohack Roundup: Bitzlato Boss Admits to Laundering Money

Data Breach Today

Also: Judge Accepts Changpeng Zhao Guilty Plea; November's 'Damaging' Hack Numbers This week, a Bitzlato co-founder pleaded guilty to money laundering charges, a federal judge accepted ex-Binance chief's guilty plea, thieves stole $363M in crypto this November, KyberSwap looks to compensate hack victims, Platypus hackers walked free, and Velodrome and Aerodrome were hacked again.

312
312
article thumbnail

Spying through Push Notifications

Schneier on Security

When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy on them—either for their own reasons or in response to government demands. Sen. Wyden is trying to get to the bottom of this : In a statement, Apple said that Wyden’s letter gave them the opening they needed to share more details with the public about how governments monitored push notifications. “In this case, the fed

Metadata 119
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Lessons in Threat Detection for Insider Threats

Data Breach Today

The Risk of Insider Threats Is Growing, But So Are Methods to Detect Them Whether because they're malicious, oblivious to company rules or outsmarted by hackers, insiders pose a mounting degree of risk to companies. Hunting for outside hackers offers lessons in preventing insider incidents, said Thomas Etheridge, CrowdStrike chief global professional services officer.

Risk 306

More Trending

article thumbnail

Feds Levy First-Ever HIPAA Fine for a Phishing Breach

Data Breach Today

Incident That Affected 35,000 Urgent Care Clinic Patients Results in $480K Fine Weeks after the Department of Health and Human Services announced its first HIPAA enforcement action in a ransomware breach, federal regulators have reached another milestone: a $480,000 settlement in a HIPAA case centered for the first time ever on a phishing attack.

Phishing 298
article thumbnail

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

Russia-linked group APT28 exploited Microsoft Outlook zero-day to target European NATO members, including a NATO Rapid Deployable Corps. Palo Alto Networks’ Unit 42 reported that the Russia-linked APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) group exploited the CVE-2023-23397 vulnerability in attacks aimed at European NATO members.

Military 110
article thumbnail

Microsoft CISO, Deputy CISO Reassigned in Management Shakeup

Data Breach Today

Former Bridgewater CTO Igor Tsyganskiy Named CISO in Wake of Chinese Email Hack Microsoft has demoted its CISO after 14 years on the job, reassigned its deputy CISO and named Igor Tsyganskiy - a former CTO at Bridgewater Associates who just joined Microsoft four months ago as chief strategy officer - as its new chief information security officer.

article thumbnail

Phishing-Resistant MFA Will Not Stop Phishing Attacks

KnowBe4

You would be hard-pressed to find an author and organization (KnowBe4) that has pushed the use of phishing-resistant multi-factor authentication (MFA) harder.

Phishing 114
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

The Joint Commission Unveils New Data Privacy Certification

Data Breach Today

Program Addresses Secondary Use of Patient Data by Third Parties for AI Initiatives The Joint Commission is kicking off a new voluntary certification program for hospitals' "responsible use" of health data. The effort aims to help address growing privacy concerns over the secondary use of patient data by third parties for artificial intelligence initiatives and other activities.

article thumbnail

New Krasue Linux RAT targets telecom companies in Thailand

Security Affairs

A previously undetected Linux RAT dubbed Krasue has been observed targeting telecom companies in Thailand. Group-IB researchers discovered a previously undetected Linux remote access trojan called Krasue has been employed in attacks aimed at telecom companies in Thailand. The Krasue Remote Access Trojan (RAT) has remained undetected since at least 2021 when it was registered on Virustotal.

Access 105
article thumbnail

Ransomware, Vendor Hacks Push Breach Number to Record High

Data Breach Today

Report: 2.6 Billion Personal Records Exposed in the Last 2 Years The number of data breaches in the U.S. has hit an all-time high, amid mounting attacks against third-party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher. Breaches have more than tripled between 2013 and 2022.

article thumbnail

Weekly Update 377

Troy Hunt

10 years later. 🤯 Seriously, how did this thing turn into this?! It was the humblest of beginning with absolutely no expectations of anything, and now it's, well, massive! I'm a bit lost for words if I'm honest, I hope the chat with Charlotte adds some candour to this week's update, she's seen this thing grow since before its first birthday, through the hardest times and the best times and now lives and breathes HIBP day in day out with me.

IT 98
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

UK and US Accuse Russian FSB of 'Hack and Leak' Operation

Data Breach Today

Both Governments Sanction 2 'Star Blizzard' Hackers; US Indicts Them The U.K. government accused Russia's domestic intelligence agency of running a yearslong campaign to interfere in British politics. U.S. federal prosecutors unsealed a criminal indictment against two FSB agents, accursing them of phishing campaigns against national security government employees.

Phishing 292
article thumbnail

Elijah Wood and Mike Tyson Cameo Videos Were Used in a Russian Disinformation Campaign

WIRED Threat Level

Videos featuring Elijah Wood, Mike Tyson, and Priscilla Presley have been edited to push anti-Ukraine disinformation, according to Microsoft researchers.

Security 105
article thumbnail

EU AI Act Talks Drag on Past Expected End Date

Data Breach Today

Trilogue Talks to Resume on Friday European lawmakers and officials failed to hammer out a compromise regulation on artificial intelligence after two days of talks that stretched over 22 hours and were intended to culminate in a Thursday settlement. The European Union has been at work on the Artificial Intelligence Act since 2021.

article thumbnail

UK and US expose Russia Callisto Group’s activity and sanction members

Security Affairs

The UK NCSC and Microsoft warned that Russia-linked threat actor Callisto Group is targeting organizations worldwide. The UK National Cyber Security Centre (NCSC) and Microsoft reported that the Russia-linked APT group Callisto Group is targeting organizations worldwide. The nation-state actor is carrying out spear-phishing attacks for cyberespionage purposes.

article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

Six ways AI can influence the future of customer service

IBM Big Data Hub

Organizations have always used some degree of technology to provide an excellent customer experience , but the future of customer service will demand even more advancements to meet customers’ growing expectations. There is no question that customer service is about to take a massive leap forward, thanks to emerging trends like artificial intelligence (AI).

article thumbnail

‘World-First’ Agreement on AI Reached

Data Matters

Over one hundred representatives from across the globe convened in the UK on 1-2 November 2023 at the Global AI Safety Summit. The focus of the Summit was to discuss how best to manage the risks posed by the most recent advances in AI. However, it was the “Bletchley Declaration” –announced at the start of the Summit—which truly emphasized the significance governments are attributing to these issues.

Privacy 74
article thumbnail

Generative AI generates tricky choices for managers via The Economist

IG Guru

Check out the article here (subscription required). The post Generative AI generates tricky choices for managers via The Economist first appeared on IG GURU.

article thumbnail

Celebrating World eDiscovery Day

eDiscovery Law

Today, we celebrate World e-Discovery Day, an annual industry-wide event for lawyers and legal professionals to highlight the critical role e-discovery plays in our legal system. Our e-Discovery Analysis & Technology Group is continuing a series of Q&A videos to mark the occasion.

article thumbnail

A Tale of Two Case Studies: Using LLMs in Production

Speaker: Tony Karrer, Ryan Barker, Grant Wiles, Zach Asman, & Mark Pace

Join our exclusive webinar with top industry visionaries, where we'll explore the latest innovations in Artificial Intelligence and the incredible potential of LLMs. We'll walk through two compelling case studies that showcase how AI is reimagining industries and revolutionizing the way we interact with technology. Some takeaways include: How to test and evaluate results 📊 Why confidence scoring matters 🔐 How to assess cost and quality 🤖 Cross-platform cost vs. quality tr

article thumbnail

FAQ: Non-compliant Permanent Digitized Records

National Archives Records Express

Signpost in the yard of the Domeier Grocery Store, on South Minnesota Street in New Ulm, Minnesota National Archives Identifier: 558138 We are pleased to announce the release of Frequently Asked Questions (FAQ) about Non-Compliant Permanent Digitized Records. This FAQ supports the National Archives and Records Administration’s (NARA) regulation concerning digitization standards for permanent records ( 36 CFR 1236 Subpart E ).

article thumbnail

From sails to sales: An interview with Senior Account Executive and Olympian Lucy Whitty

Collibra

Before Senior Account Executive Lucy Whitty started winning new customers alongside her Collibra team, she won a silver medal in Sailing for Australia at the 2012 Olympics in London. She says the lessons she learned while navigating to the highest level of her sport and representing Australia on the world stage continue to help her succeed today. Though her goal may have shifted from crossing finish lines to closing deals, her path to success has the same requirements: perseverance, resilience,

Sales 52
article thumbnail

Uncensored Library in Minecraft: Promoting Free Press

CILIP

Uncensored Library in Minecraft: Promoting Free Press Zakariya Gayle, Academic Support Librarian at UAL High Holborn made the switch from retail management to libraries, starting as a Casual Assistant in the public sector. This blog post was written after he attended Libraries Rewired. The Cilip Libraries Rewired Conference 2023 brought together me, Lisa Chadwick, Michale Michael Darko, and librarians and information professionals from all over.

article thumbnail

Embracing Innovation in the Aviation Industry

Jamf

Explore how Device Management Solutions significantly benefit deskless workers in the transportation sector, enhancing productivity and streamlining operations

52
article thumbnail

Monetizing Analytics Features

Think your customers will pay more for data visualizations in your application? Five years ago, they may have. But today, dashboards and visualizations have become table stakes. Turning analytics into a source of revenue means integrating advanced features in unique, hard-to-steal ways. Download this white paper to discover which features will differentiate your application and maximize the ROI of your analytics.

article thumbnail

Protected: Infosource publishes the new long-range forecasts for the distributed document management scanner market

Info Source

This content is password protected.

article thumbnail

Investigación Digital y la Web: Explorando fuentes y métodos de investigación emergentes

Archive-It

Por el equipo ARCH, traducido por Rosario Rogel-Salazar ¿Qué es la investigación computacional crítica y cómo afianzarla en la comunidad académica? Estas fueron las preguntas guiaron la conversación en el panel titulado “Investigación Digital y la Web”, en el marco del Foro de la Federación de Bibliotecas Digitales de este año (DLF por sus siglas en inglés).

article thumbnail

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. This guide will provide a high level overview of encryption and how it fits into IT through the following topics: How Encryption Works To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security.