Wed.Apr 10, 2024

article thumbnail

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

Krebs on Security

On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to read “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com , which until very recently rendered as fedex.com in tweets.

Phishing 321
article thumbnail

Half of UK Firms, Charities Failed to Report Cyber Incidents

Data Breach Today

Survey: SMBs, Charities Mostly Targeted With Phishing, Online Impersonation in 2023 Cybercriminals launched 7.78 million attacks against U.K. businesses and nearly 1 million against charity organizations, according to the latest U.K. government survey report. But fewer than half of those firms reported the incidents to authorities, something researchers say is a concerning trend.

Phishing 278
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How to Stop Your Data From Being Used to Train AI

WIRED Threat Level

Some companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.

article thumbnail

Nearly 534,000 Affected in Data Theft at Managed Care Org

Data Breach Today

Wisconsin Nonprofit Says Attackers Also Tried to Encrypt Systems, But They Failed A Wisconsin nonprofit managed care organization is notifying nearly 534,000 individuals that their protected health information was copied and stolen in a recent attack by a "foreign ransomware gang" that also attempted - but failed - to encrypt the group's IT systems.

article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Fortinet fixed a critical remote code execution bug in FortiClientLinux

Security Affairs

Fortinet addressed multiple issues in FortiOS and other products, including a critical remote code execution flaw in FortiClientLinux. Fortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of 9.4), in FortiClientLinux. The vulnerability is an Improper Control of Generation of Code (‘Code Injection’) issue that resides in FortiClientLinux.

Security 120

More Trending

article thumbnail

Group Health Cooperative data breach impacted 530,000 individuals

Security Affairs

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-profit organization that provides health insurance and medical care services to its members in the Madison metropolitan area of Wisconsin. The organization disclosed a data breach after a ransomware attack, the incident impacted 533,809 individuals.

article thumbnail

Russia Tops Global Cybercrime Index, New Study Reveals

Data Breach Today

Russia, Ukraine, China and US All Top 'First-Ever World Cybercrime Index' A new study published by researchers from the universities of Oxford and New South Wales ranks Russia at the top of a global list of cybercrime hot spots and says Ukraine, China, the United States, Nigeria and Romania are home to a majority of global cybercriminal activity.

169
169
article thumbnail

Introducing Jamf Routines

Jamf

Jamf Routines — widely announced at Jamf’s Spring Event — is now available to Jamf Business and Enterprise Plan customers in the U.S. Read on to learn how Jamf Routines automates workflows, the templates that are available today and why we created it.

IT 105
article thumbnail

Should We Just Accept the Lies We Get From AI Chatbots?

Data Breach Today

NYC's New Chatbot, Hallucinating LLMs Just Can't Be Fixed, Says Linguistics Expert Employers can now fire an employee who complains about sexual harassment, take a cut of their workers' tips and serve customers cheese nibbled on by rats: at least according to advice doled out by New York City's AI chatbot meant to help small business owners navigate the city's bureaucratic maze.

169
169
article thumbnail

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

article thumbnail

In Memoriam: Ross Anderson, 1956-2024

Schneier on Security

Last week I posted a short memorial of Ross Anderson. The Communications of the ACM asked me to expand it. Here’s the longer version.

article thumbnail

Cybercrime Group Uses Likely AI Script to Load Info Stealer

Data Breach Today

Proofpoint Spots Novel Threat Against German Organizations A financially motivated threat group used a script apparently coded by artificial intelligence to download an info stealer onto victim computers. The script, used to load the Rhadamanthys info stealer, contains "grammatically correct and hyper specific comments above each component of the script.

article thumbnail

Regulatory Update: National Association of Insurance Commissioners Spring 2024 National Meeting

Data Matters

The National Association of Insurance Commissioners (NAIC) held its Spring 2024 National Meeting (Spring Meeting) March 15 through 18, 2024. This Sidley Update summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Spring Meeting. Highlights include proposed updates to the regulatory review process for affiliated investment management agreements, continued discussion of considerations related to private equity ownership of insurers, an

article thumbnail

Wiz Buys Startup Gem Security for $350M to Spot Cloud Issues

Data Breach Today

Buying CDR Startup Gem Will Help Wiz Address Needs of SecOps, Incident Responders Wiz bought a cloud detection and response startup founded by a longtime Israeli Military Intelligence leader to address security operations and incident response use cases. The deal will bring Wiz's chops in securing infrastructure and cloud environments together with Gem's expertise inside the SOC.

Cloud 161
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Security Affairs

Microsoft Patches Tuesday security updates for April 2024 addressed three Critical vulnerabilities, none actively exploited in the wild. Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017.

article thumbnail

Cloud Computing - Gain Network-Level Control From Anywhere

Data Breach Today

Why Moving to the Cloud Is a Strategic Gain for Federal Agencies Cloud adoption is on the rise across the U.S. government, and there are many reasons why moving to the cloud is a strategic gain for federal agencies. Here are tips on how to leverage secure cloud computing to gain network-level control from anywhere.

Cloud 161
article thumbnail

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

AT&T confirmed that the data breach impacted 51 million former and current customers and is notifying them. AT&T revealed that the recently disclosed data breach impacts more than 51 million former and current customers and is notifying them. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported.

article thumbnail

The future of application delivery starts with modernization

IBM Big Data Hub

IDC estimates that 750 million cloud native will be built by 2025. Where and how these applications are deployed will impact time to market and value realization. The reality is that application landscapes are complex, and they challenge enterprises to maintain and modernize existing infrastructure, while delivering new cloud-native features. Three in four executives reported disparate systems in their organizations and that a lack of skills, resources and common operational practices challenge

Cloud 95
article thumbnail

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

article thumbnail

PCI DSS 4.0: The Compliance Countdown – A Roadmap Through Phases 1 & 2

Thales Cloud Protection & Licensing

PCI DSS 4.0: The Compliance Countdown – A Roadmap Through Phases 1 & 2 madhav Thu, 04/11/2024 - 05:17 While compliance mandates can sometimes feel burdensome, PCI DSS 4.0 presents an opportunity to future-proof your payment card security. Its heightened focus on flexibility and risk-based controls empowers organizations to tailor security measures more closely to their individual needs.

article thumbnail

Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Security Affairs

Microsoft Patches Tuesday security updates for April 2024 addressed three Critical vulnerabilities, none actively exploited in the wild. Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017.

article thumbnail

Introducing Collibra Data Notebook

Collibra

We’re excited to announce a new addition to the Collibra platform: Collibra Data Notebook. This innovative capability is the result of our acquisition of Husprey and represents a significant step forward in empowering data citizens to work more efficiently and collaboratively within Collibra. In today’s data-driven landscape, organizations are grappling with increasing data volumes and the proliferation of siloed tools.

article thumbnail

NIST Unveils New Consortium to Operate National Vulnerability Database via Infosecurity Magazine

IG Guru

Check out the article here. The post NIST Unveils New Consortium to Operate National Vulnerability Database via Infosecurity Magazine first appeared on IG GURU.

article thumbnail

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

article thumbnail

Ignite UI for jQuery Release Notes - April 2024: 23.1 and 23.2 Service Release

Enterprise Software Blog

With every release comes a set of release notes that reflects the state of resolved bugs and new additions from the previous release. You’ll find the notes useful to help determine the resolution of existing issues from a past release and as a means of determining where to test your applications when upgrading from one version to the next. Release notes are available in both PDF and Excel formats.

IT 52
article thumbnail

Cybersecurity in the Evolving Threat Landscape

Security Affairs

As technology evolves and our dependence on digital systems increases, the cybersecurity threat landscape also rapidly changes, posing fresh challenges for organizations striving to protect their assets and data. The battle between cybersecurity defenders and malicious actors rages on in the vast digital expanse of today’s interconnected world.

article thumbnail

Infragistics ASP.NET Release Notes - April 2024: 23.1 Service Release

Enterprise Software Blog

With every release comes a set of release notes that reflects the state of resolved bugs and new additions from the previous release. You’ll find the notes useful to help determine the resolution of existing issues from a past release and as a means of determining where to test your applications when upgrading from one version to the next. Release notes are available in both PDF and Excel formats.

IT 52
article thumbnail

Trump Loyalists Kill Vote on US Wiretap Program

WIRED Threat Level

An attempt to reauthorize Section 702, the so-called crown jewel of US spy powers, failed for a third time in the House of Representatives after former president Donald Trump criticized the law.

Privacy 90
article thumbnail

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.