Fri.Sep 27, 2024

article thumbnail

How Today's Top CIOs Are Completing the Cloud Journey

Data Breach Today

Enterprise Browser: The Tool CIOs Never Knew They Were Lacking The enterprise browser is the tool CIOs never knew they were lacking - a seamless access method to the workloads, apps and data that moved to the cloud. It bakes in the needs of the enterprise. Learn why the enterprise browser is a strategic imperative to the success of your business.

Cloud 260
article thumbnail

NIST Recommends Some Common-Sense Password Rules

Schneier on Security

NIST’s second draft of its “ SP 800-63-4 “—its digital identify guidelines—finally contains some really good rules about passwords: The following requirements apply to passwords: lVerifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require passwords to be a minimum of 15 characters in length.

Passwords 127
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Linux Distros Patching Printer Hijacking Flaw

Data Breach Today

Exploitation Requires Victim to Print On Rogue Printer Attackers can exploit a series of vulnerabilities in the OpenPrinting Common Unix Printing System utility to remotely execute arbitrary code on certain machines. Major Linux distributions reacted Friday by releasing patches. Exploitation requires a victim to attempt to print from a malicious device.

224
224
article thumbnail

Tesla’s Cybertruck Goes, Inevitably, to War

WIRED Threat Level

A handful of Tesla’s electric pickup trucks are armed and ready for battle in the hands of Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion. Can the EV take the heat?

Security 123
article thumbnail

The Tumultuous IT Landscape is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Beyond Phishing: AI's New Tricks for Cyberattacks

Data Breach Today

Paramount's Surinder Lall on AI Impersonation, Deepfakes, AI Governance Frameworks While AI transforms business operations, it helps cybercriminals develop sophisticated impersonation techniques such as deepfakes and voice synthesis, posing new challenges for corporate security, said Surinder Lall, senior vice president of global information security risk management at Paramount.

Phishing 171

More Trending

article thumbnail

Meta Fined 91 Million Euros By The Irish DPC

Data Breach Today

Fine Is For 2019 Disclosure That Meta Stored User Passwords In Plaintext The Irish data regulator fined social media giant Meta 91 million euros after an investigation found the company insecurely stored passwords of millions of European Facebook and Instagram users. A Meta spokesperson said the company identified the problem in 2019 and took "immediate action.

Passwords 165
article thumbnail

U.S. Department of Commerce Issues Proposed Rule on ICTS Supply Chain for Connected Vehicles

Data Matters

On September 26, 2024, the U.S. Department of Commerce Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) published a long-awaited rule proposing to ban certain connected vehicles transactions involving hardware and software linked to the People’s Republic of China (China) and Russia. BIS also proposed extensive compliance obligations for importers and manufacturers of connected vehicles and related components, which come as the automot

article thumbnail

UK CMA Clears Amazon, Anthropic Partnership

Data Breach Today

The U.K. antitrust regulator called off an investigation into the March $4 billion deal between Amazon and artificial intelligence firm Anthropic. "Amazon’s partnership with Anthropic does not qualify for investigation under the merger provisions of the Enterprise Act 2002," the regulator said.

article thumbnail

CUPS flaws allow remote code execution on Linux systems under certain conditions

Security Affairs

A researcher has disclosed details of an unpatched Linux vulnerability, initially labeled as critical, that allows remote code execution. The popular cybersecurity researcher Simone Margaritelli ( @evilsocket ) disclosed technical details of an unpatched vulnerability impacting Linux systems. On September 23, Margaritelli announced plans to disclose an unauthenticated remote code execution (RCE) vulnerability affecting all GNU/Linux systems within two weeks.

Access 99
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Tech Orgs Urge Targeted AI Regulations to Foster Innovation

Data Breach Today

Coalition of Leading Institutions Push for Policymakers to Develop Focused AI Rules A group of leading organizations across industries and technology giants is calling on lawmakers in the United States to develop focused regulations around artificial intelligence that limit the risks associated with emerging technologies while allowing innovation to flourish.

article thumbnail

A cyberattack on Kuwait Health Ministry impacted hospitals in the country

Security Affairs

The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple hospitals and disabled the Sahel healthcare app. Kuwait’s Health Ministry was the victim of a cyberattack that took systems at several of the country’s hospitals offline. The cyber attack also impacted the Ministry of Health website, which is still offline, and Kuwait’s Sahel healthcare app. “Kuwaiti Health Ministry announced on Wednesday that many essential features are back and running after a

article thumbnail

Healthcare Cyber Bill Calls for 'Corporate Accountability'

Data Breach Today

Senate Bill Would Mean Cyber Funding for Hospitals, Prison Time for Lying CEOs Two U.S. senators are proposing stricter cyber mandates for the healthcare sector. The bill provides funding to help hospitals adopt enhanced requirements, but lifts HIPAA enforcement fine caps and threatens executives with prison time for falsely attesting their organizations' compliance in audits.

article thumbnail

Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

Security Affairs

UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on public Wi-Fi networks at the country’s biggest railway stations. Following the ‘cyber-security incident,’ passengers trying to log onto the Wi-Fi at several stations on Wednesday evening were displayed a page with the message “We love you, Europe,” followed by an anti-Islam message listing a serie

article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

From Tetris to Minecraft: The Evolution of Security Awareness into Human Risk Management

KnowBe4

Once upon a time, security awareness training resembled a never-ending game of Tetris. Threats cascaded down, demanding swift action and strategy, only to speed up until we inevitably faltered.

article thumbnail

U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

Security Affairs

The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, and indicted a Russian national for allegedly facilitating cybercriminal activities and money laundering. The authorities believe that these exchanges facilitate the laundering of proceeds from cybercrime. “The Justice Department today announced actions coordinated with the Departm

article thumbnail

A guide to building a successful data governance program

Collibra

A successful data governance program must align with the business’ strategic goals and have the ability to operationalize processes, people and technology to deliver outcomes. A repeatable operational process is important to help the program continuously improve with each iteration. Why keep reinventing the wheel and repeating the same mistakes when one can make the wheel better and bigger, ensuring trusted data that allows the business to innovate?

article thumbnail

Google shuts down WearOS update that was soft-bricking Pixel watches

Collaboration 2.0

Most users were able to install Wear OS 5 successfully, but an unlucky few ended up with blank screens after attempting to update.

98
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Louis Coiffait-Gunn: 100 days at CILIP

CILIP

100 days at CILIP – Louise Coiffait-Gunn shares his thoughts CILIP Chief Executive Louis Coiffait-Gunn looks back on his first one hundred days, revealing highlights from a busy schedule that has already taken in conferences, awards, and a general election. From ‘first impressions’ to ‘what next’, Louis shares his thoughts on CILIP and asks YOU to let us know your thoughts on what we should be focusing on.

article thumbnail

Your KnowBe4 Fresh Content Updates from September 2024

KnowBe4

Check out the 40 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.

article thumbnail

Have a Windows 10 PC that can't be upgraded? You have 5 options before support ends next year

Collaboration 2.0

Microsoft will officially end support for its most popular operating system in 2025. Here's what you should do with your Windows 10 PCs that fail Microsoft's Windows 11 compatibility tests before that day arrives.

IT 76
article thumbnail

Cross-Sector Partnership puts Libraries at the nexus of health and digital literacy

CILIP

Cross-Sector Partnership puts Libraries at the nexus of health and digital literacy CILIP facilitated communication and collaboration in the Health and Digital literacy partnership that brought together NHS England, Arts Council England, and Libraries Connected. The Health and Digital Literacy Partnership launched with two cohorts of pilot projects that explored different approaches to improving health and digital literacy.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Google's hidden AI tool turns your text into stunningly lifelike podcasts - for free. Listen for yourself

Collaboration 2.0

I've been studying AI for years, and Google's new AI podcast tool still astonishes me. Seriously, you have to hear this to believe it. But humans will beat the machines in the end. Here's why.

IT 76
article thumbnail

Squid Fishing in Japan

Schneier on Security

Fishermen are catching more squid as other fish are depleted. Blog moderation policy.

92
article thumbnail

Listen: Google's hidden AI tool turns your text into stunningly lifelike podcasts - for free

Collaboration 2.0

I've been studying AI for years, and Google's new AI podcast tool still astonishes me. Seriously, you have to hear this to believe it. But humans will beat the machines in the end. Here's why.

IT 76
article thumbnail

2024 threat hunter perspectives: Key insights from OpenText’s latest report

OpenText Information Management

In today’s evolving threat landscape, cyber defenders are constantly adapting to new adversarial tactics and emerging vulnerabilities. The latest 2024 Threat Hunter Perspective from OpenText sheds light on the most pressing threats, nation-state activities, and security recommendations enterprises must consider in the months ahead. Here are the key findings and expert insights to help you stay ahead of the curve.

article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Worried about that critical RCE Linux bug? Here's why you can relax

Collaboration 2.0

Yes, there are security holes in OpenPrinting CUPS, which Linux, Chrome OS, MacOS, and some Unix systems use for printing, but it's not that bad. Here's how to check if you're at risk.

Risk 75
article thumbnail

Green Libraries Week – not long to go!

CILIP

Green Libraries Week – not long to go! Libraries from all sectors will be taking part in Green Libraries Week 2024, from National Libraries to university libraries to the high street, green activities, education and literacy events will be happening near you. Green Libraries Week is running from 7 to 13 October this year and the Green Libraries Partnership is working with libraries across the UK to encourage users of all ages to be a part of the campaign theme of ‘Every library a green library’

article thumbnail

One of the best QLED TVs I've tested isn't from Samsung or LG, and it's on sale

Collaboration 2.0

The TCL QM8 delivers excellent picture quality, great sound, and a dedicated picture mode for console gamers at a price that's not going to break the bank. And right now at Best Buy, you can save $300 on the 65-inch model.

Sales 75