Mon.Nov 20, 2023

article thumbnail

Known MOVEit Attack Victim Count Reaches 2,618 Organizations

Data Breach Today

77 Million Individuals' Information Exposed, as More Victims Continue to Be Counted Trackers of the tally of individuals affected by the Clop ransomware group's mass hack attack on MOVEit servers added another 4.5 million patients' data to the ever-ascending total. The incident currently affects more than 2,600 organizations and 77 million individuals.

article thumbnail

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records

WIRED Threat Level

A WIRED analysis of leaked police documents verifies that a secretive government program is allowing federal, state, and local law enforcement to access phone records of Americans who are not suspected of a crime.

Access 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Snags OpenAI's Sam Altman to Lead AI Research Team

Data Breach Today

OpenAI Board Thwarts Altman's Return, Names Ex-Twitch Boss Emmett Shear Interim CEO OpenAI co-founders Sam Altman and Greg Brockman will lead a new advanced AI research team at Microsoft after OpenAI's board decided not to bring them back, Satya Nadella said. The nonprofit behind ChatGPT opted instead to name longtime Twitch CEO Emmett Shear as its new interim leader Sunday night.

IT 286
article thumbnail

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting the WinRAR zero-day vulnerability tracked as CVE-2023-38831. The economically motivated APT group used specially crafted archives in phishing attacks against forum users through online trading forum posts. “DarkCasino is an APT threat actor with strong technical and learning ability, who is g

Phishing 134
article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

OpenAI CEO Emmett Shear Tries to Right Ship Amid Mass Exodus

Data Breach Today

Nearly All OpenAI Employees Threaten to Quit Unless Board That Fired Altman Resigns Emmett Shear's first move as OpenAI's third CEO in three days has been damage control with the AI firm's workers planning a mass exodus over the firing of CEO Sam Altman. But the course correction may be too little, too late as 95% of the staff is demanding that the board that fired Altman resigns.

271
271

More Trending

article thumbnail

ONCD Temporarily Fills Critical Vacant Federal Cyber Role

Data Breach Today

Drenan Dudley Appointed to Serve as Acting National Cyber Director Drenan Dudley, who previously served as deputy national cyber director for strategy and budget at the Office of the National Cyber Director, will temporarily lead the agency while the White House nominee to serve in a permanent capacity awaits a vote in the Senate.

270
270
article thumbnail

US teenager pleads guilty to his role in credential stuffing attack on a betting site

Security Affairs

US teenager Joseph Garrison pleads guilty to carrying out a credential stuffing attack on a betting website. US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential stuffing campaign that targeted user accounts at a fantasy sports and betting website.3 On or about November 18, 2022, the man launched a credential stuffing attack on the Betting Website and gained access to approximately 60,000 accounts.

Passwords 108
article thumbnail

NY State Eyes New Cyber Regs for Hospitals; $500M Price Tag

Data Breach Today

Proposals Require a CISO, Strong Cyber Controls, 2-Hour Incident Reporting Window New York State will soon seek public comment on sweeping new cybersecurity regulations for hospitals. The proposed rules would come with $500 million in requested funding to help the providers step up their security investments to comply with the new requirements.

article thumbnail

Amid Military Buildup, China Deploys Mustang Panda in the Philippines

Dark Reading

China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.

Military 144
article thumbnail

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

article thumbnail

Russia Uses Upgraded USB Worm for Espionage Against Kyiv

Data Breach Today

'LitterDrifter' Worm Is Designed to Support Large-Scale Collection Operation A hacking group linked to Russian domestic intelligence and known as Gamaredon is deploying a worm dubbed "LitterDrifter" that is spread through thumb drives to attack Ukrainian organizations. LitterDrifter has two functions: automatic propagation and communication with command-and-control servers.

article thumbnail

Using Generative AI for Surveillance

Schneier on Security

Generative AI is going to be a powerful tool for data analysis and summarization. Here’s an example of it being used for sentiment analysis. My guess is that it isn’t very good yet, but that it will get better.

IT 101
article thumbnail

Hospital Pays Fine for Disclosing Patient PHI to Reporter

Data Breach Today

HHS HIPAA Settlement With Yonkers, NY Facility Also Includes Corrective Action Federal regulators have smacked a New York medical center with an $80,000 penalty as part of a settlement for a HIPAA privacy breach involving the information of three patients that was exposed to a reporter and distributed nationally during press coverage in the early days of the COVID-19 pandemic.

Privacy 239
article thumbnail

Malware Uses Trigonometry to Track Mouse Strokes

Dark Reading

The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected.

116
116
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

How to build a successful talent management strategy

IBM Big Data Hub

Advanced organizations know their greatest assets are their employees. However, keeping employees happy and engaged can be challenging, especially when considering available resources and the need to meet other organizational goals. An organization is only as strong as its talent pool, so organizations have increasingly embraced talent management as a core component of their overarching strategy.

article thumbnail

How the Evolving Role of the CISO Impacts Cybersecurity Startups

Dark Reading

CISOs and vendors must work together to keep up with emerging threats and find solutions, says a group of CISOs and security entrepreneurs.

article thumbnail

Cybercrime Group "Scattered Spider" is a Social Engineering Threat

KnowBe4

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities.

article thumbnail

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity sparsh Tue, 11/21/2023 - 05:01 As global consumers gear up for the much-anticipated shopping bonanza that is Black Friday and Cyber Weekend, retailers brace themselves for the frenzied onslaught of shoppers and the deluge of cyber threats lurking in the shadows.

Retail 83
article thumbnail

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

article thumbnail

With Expected Increases of Holiday Sales Comes Similar Expectations of More Cyber Scams

KnowBe4

If increases in cyberattacks this year are any indication of what to expect in the next six weeks of holiday shopping, we should expect a massive uptick in holiday-related scams.

Sales 88
article thumbnail

CISA Launches Pilot Program to Address Critical Infrastructure Threats

Dark Reading

CISA expects to extend this program to include up to 100 critical infrastructure entities in its first year.

IT 115
article thumbnail

Business leaders highlight the need for a hybrid cloud approach to unlock the power of generative AI

IBM Big Data Hub

In 2023, organizations have faced an unprecedented level of pressure to digitally transform with the rise of generative AI as well as imperatives such as sustainability, labor productivity and security. The “ Cloud Transformation Report ,” a new global survey from the IBM Institute for Business Value (IBV), found that many leading enterprises share a common foundation to digital transformation—a clear hybrid cloud strategy.¹ These businesses cite several key benefits to us

Cloud 86
article thumbnail

What Healthcare Cybersecurity Leaders Should Know About the FDA's Section 524B Guidelines

Dark Reading

New cybersecurity regulations from the FDA outline specific steps that medical device companies must take in order to get their devices approved for market.

article thumbnail

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

article thumbnail

The Tenth Edition of Lexology In-Depth: Privacy, Data Protection and Cybersecurity (formerly The Privacy, Data Protection and Cybersecurity Law Review) is now available

Data Matters

The tenth edition of Lexology In-Depth: Privacy, Data Protection and Cybersecurity (formerly The Privacy, Data Protection and Cybersecurity Law Review) provides a global overview of the evolving legal and regulatory regimes governing data privacy and security, at a time when both privacy and security are increasingly challenged by the fast-paced development of technologies such as large language models, generative AI, and self-teaching/self-replicating applications.

Privacy 97
article thumbnail

Saudi Arabia Arms Public Sector With Google Cloud Services

Dark Reading

Chronicle CyberShield will be offered as a managed service with security monitoring and Mandiant incident response included.

Cloud 97
article thumbnail

EDPB Publishes Guidelines to Clarify Scope of EU “Cookie” Notice and Consent Requirements

Hunton Privacy

On November 16, 2023, the European Data Protection Board (“EDPB”) published its Guidelines 2/2023 on the Technical Scope of Art. 5(3) of the ePrivacy Directive (the “Guidelines”). Article 5(3) of the ePrivacy Directive is most commonly known for establishing the cookie notice and cookie consent requirements in the EU. That said, Article 5(3) of the ePrivacy Directive applies to more than just cookies.

article thumbnail

GenAI Requires New, Intelligent Defenses

Dark Reading

Understanding the risks of generative AI and the specific defenses to build to mitigate those risks is vital for effective business and public use of GenAI.

Risk 81
article thumbnail

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

article thumbnail

NHS data platform may be undermined by lack of public trust, warn campaigners

The Guardian Data Protection

Patients cannot opt out of personal medical records being shared, albeit anonymised, between NHS bodies The NHS’s new data platform could be derailed by a lack of public trust because patients are being denied the chance to opt out of it sharing their personal medical records, campaigners claim. NHS England will announce on Tuesday that it is handing the £480m contract to operate the new software to the US spy tech firm Palantir , sparking a backlash over privacy and its “murky” past.

Privacy 74
article thumbnail

Leveraging Sandbox and Threat Intelligence Feeds to Combat Cyber Threats

Dark Reading

Combining a malware sandbox with threat intelligence feeds improves security detection, analysis, and response capabilities.

article thumbnail

IBM Named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management

IBM Big Data Hub

We are thrilled to share that IBM is named a Leader in the most recent Gartner® Magic Quadrant™ for Access Management. IBM is recognized for its Ability to Execute and Completeness of Vision. As a team, we’ve been working hard to deliver on a roadmap of identity and access management capabilities that we believe solve the biggest challenges organizations are facing when it comes to managing identities in today’s dispersed, hybrid cloud environments.

Access 67