Fri.Mar 29, 2024

article thumbnail

UK Nuclear Cleanup Site Faces Criminal Cybersecurity Charges

Data Breach Today

Probe Finds 'Largest and Most Hazardous Nuclear Site' Violated Security Laws Britain's nuclear power watchdog said it plans to prosecute the country's "largest and most hazardous nuclear site," Sellafield, for violating nuclear industry cybersecurity regulations from 2019 to 2023. Both Russian and Chinese nation-state hackers reportedly infiltrated the site's networks.

Cleanup 317
article thumbnail

Infostealers continue to pose threat to macOS users

Jamf

Jamf Threat Labs dissects ongoing infostealer attacks targeting macOS users. Each with different means of compromising victim’s Macs but with similar aims: to steal sensitive user data.

143
143
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Malware Flood Causes PyPI to Temporarily Halt New Accounts

Data Breach Today

Hackers Are Now Using Code Repositories as Malware Vectors Python code repository PyPI temporarily halted new user registration for a second time in three months following a surge in malware-ridden code mimicking legitimate software packages. PyPI is not the only code repository to recently be attacked by hackers.

289
289
article thumbnail

New Malware Loader Delivers Agent Tesla Remote Access Trojan Via Phishing

KnowBe4

A new malware loader is delivering the Agent Tesla remote access Trojan (RAT), according to researchers at Trustwave SpiderLabs. The malware is distributed by phishing emails with malicious attachments.

Phishing 106
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

ISMG Editors: Apple's Antitrust Showdown With the Feds

Data Breach Today

Legal Expert Jonathan Armstrong Unpacks Issues in Big Tech, Ransomware, AI and More In the latest weekly update, legal expert Jonathan Armstrong joined three ISMG editors to discuss the Department of Justice's antitrust lawsuit against Apple, ransomware payment dilemmas and AI copyright infringement fears - highlighting the intricate legal issues shaping big tech and cybersecurity.

More Trending

article thumbnail

DHS Calls Political Campaigns 'Ripe Target' for Cyberattacks

Data Breach Today

Foreign Adversaries Increasingly See Campaigns as Prime for Hacking, Official Says The U.S. Department of Homeland Security's assistant secretary for cyber, infrastructure, risk and resilience is sounding the alarm over hackers targeting political campaigns ahead of the 2024 elections, warning that campaigns could be left vulnerable if they fail to practice basic cyber hygiene.

Risk 283
article thumbnail

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

KnowBe4

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans.

Phishing 112
article thumbnail

Is It Generative AI's Fault, or Do We Blame Human Beings?

Data Breach Today

AI is on the way to embedding itself in our daily lives. CISO Sam Curry and his brother, CMO Red Curry, discuss what generative AI means for copyrights and plagiarism, the "AI bubble," and whether governing AI-derived speech will wind up limiting free speech.

IT 280
article thumbnail

Lessons from a Ransomware Attack against the British Library

Schneier on Security

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but.

Libraries 100
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

ShadowRay Attack Strikes AI Workloads

Data Breach Today

Thousands of AI Workloads Compromised Amid CVE Vulnerability Dispute An active attack campaign dubbed ShadowRay is targeting the widely used Ray open-source artificial intelligence scaling framework. It stems from a vulnerability that researchers say is a flaw but that Ray's developers say is a deliberate design choice.

article thumbnail

75% of Organizations Believe They Are at Risk of Careless or Negligent Employees

KnowBe4

New data shows organizations are well aware that their users are one of their greatest cybersecurity risks today, and yet aren’t taking the right steps to remediate the risk.

Risk 92
article thumbnail

Feds Warn of Credential Harvesting Threats in Healthcare

Data Breach Today

HHS Says Tried-and-True Hacker Methods Can Compromise Patient Data, Safety Federal regulators are sounding an alarm to warn healthcare sector entities of cyberattacks involving a tried-and-true hacking method - credential harvesting, which can be used to compromise patient data, disrupt healthcare operations and enable other crimes.

272
272
article thumbnail

Russian Federation-backed threat group APT29 Now Targeting German Political Parties

KnowBe4

New analysis of APT29’s (aka Cozy Bear) activities and their association with Russia’s Foreign Intelligence Service (SVR) has revealed suspected attempts to collect political intelligence.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Weekly Update 393

Troy Hunt

A serious but not sombre intro this week: I mentioned at the start of the vid that I had the classic visor hat on as I'd had a mole removed from my forehead during the week, along with another on the back of my hand. Here in Australia, we have one of the highest rates of skin cancer in the world with apparently about two-thirds of us being diagnosed with it before turning 70.

article thumbnail

Integrating AI into Asset Performance Management: It’s all about the data

IBM Big Data Hub

Imagine a future where artificial intelligence (AI) seamlessly collaborates with existing supply chain solutions, redefining how organizations manage their assets. If you’re currently using traditional AI, advanced analytics, and intelligent automation, aren’t you already getting deep insights into asset performance? Undoubtedly. But what if you could optimize even further?

article thumbnail

Your KnowBe4 Fresh Content Updates from March 2024

KnowBe4

Check out the 35 new pieces of training content added in March, alongside the always fresh content update highlights, events and new features.

article thumbnail

OpenText World Europe 2024 is coming to London

OpenText Information Management

OpenText World Europe 2024 is coming to London, UK on April 15, the first stop of our European tour. Join global thought leaders and regional experts for an unforgettable, event-packed day of experiences that demonstrate how AI can be a force multiplier for human potential. Hosted at the QEII Centre in London, this full-day, complimentary event gives you the singular opportunity to hear, see, and explore what’s new and next in AI-led information management.

IoT 72
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Create a lasting customer retention strategy

IBM Big Data Hub

Customer retention must be a top priority for leaders of any company wanting to remain competitive. An effective customer retention strategy should support the company to maintain a healthy stable of loyal customers and bring in new customers. Generating repeat business is critical: McKinsey’s report on customer acquisition states (link resides outside of ibm.com) that companies need to acquire three new customers to make up the business value of losing one existing customer.

article thumbnail

A guide to understanding Advanced Endpoint Protection

Jamf

Learn about Advanced Endpoint Protection, what it is and how its integrated features contribute to a defense-in-depth security strategy that strengthens device and organizational security postures.

article thumbnail

Navigating perpetual healthcare challenges with new thinking and innovation

CGI

Reflecting on my journey in the healthcare sector—from my years as a practitioner, through my tenures as U.S. Army Surgeon General and Secretary of Veterans Affairs, to my time in industry with CGI—I’m struck by the seismic shifts impacting public and private health systems and their stakeholders. Two decades ago, healthcare looked vastly different than it does today.

Access 52
article thumbnail

Free Expert Insights

IT Governance

At least once a week, we sit down with an expert from within the Group to get their insights on a technical topic or business area. Here are all our Q&As to date, grouped by broad topic: AI Cyber attacks and data breaches Cyber Essentials Cyber resilience Cyber security Data privacy DORA Incident response ISO 27001 PCI DSS PECR Security testing Training Miscellaneous To get new expert insights straight to your inbox, sign up to our weekly newsletter, the Security Spotlight.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

What Is Data Loss Prevention (DLP)? Definition & Best Practices

eSecurity Planet

Data loss prevention (DLP) refers to a set of security solutions that identify and monitor information content across storage, operations, and networks. DLP solutions help detect and prevent potential data exposure or leaks. They apply policies dynamically, manage business data rights, and automate data processes to effectively protect sensitive information.

article thumbnail

Db2 for z/OS Data Sets: If You're Worrying About Extents, You Can Probably Stop Worrying

Robert's Db2

Not long ago, a Db2 for z/OS DBA sent to me, via a colleague of mine, a question. He described in an email the procedure that his team regularly used to consolidate extents, when the number of these got into double digits for a Db2 table space-related data set, back down to one. He noted that this extent-consolidation procedure was more time-consuming and CPU-intensive than desired, and he wanted to know if I had any suggestions for making the procedure more efficient.

Mining 62
article thumbnail

In Full Bloom: Still Photographs of Cherry Blossoms

Unwritten Record

Original Caption: Cherry Blossoms at the Jefferson Memorial, Washington, DC. April 1975. (Local ID: 111-CC-96905) Original Caption: Cherry Blossoms at the Jefferson Memorial, Washington, DC. April 1975. (Local ID: 111-CC-96905) Original Caption: Cherry Blossoms at the Jefferson Memorial, Washington, DC. April 1975. (Local ID: 111-CC-96905) For more than a hundred years, we have celebrated cherry blossoms blooming along the Tidal Basin.

article thumbnail

NHS AI test spots tiny cancers missed by doctors via BBC

IG Guru

Check out the article here. The post NHS AI test spots tiny cancers missed by doctors via BBC first appeared on IG GURU.

74
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Empowering career growth amidst global challenges 

IBM Big Data Hub

Finding the right recipe for career growth can challenge global clients. At Conagra, a leading food manufacturer, prioritizing employee growth and career mobility became paramount, especially amidst the recent pandemic. The company recognized the need for a strong skills foundation, empowering its workforce to develop talents and explore new career opportunities within the organization.

article thumbnail

Revolutionizing healthcare: Navigating the opportunities and challenges of AI integration

CGI

Governments around the globe are issuing rules and frameworks for responsible artificial intelligence (AI) development and deployment. In the U.S., the landmark Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence underscores the imperative to ensure the safety and security of AI systems, emphasizing the importance of building trust in these technologies.

article thumbnail

Cisco warns of password-spraying attacks targeting Secure Firewall devices

Security Affairs

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. The company published a document containing recommendations against password spray attacks aimed at Remote Access VPN (RAVPN) services.

Passwords 114