Security Affairs

JUNE 13, 2024

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS and other products, including some code execution flaws. The company states that multiple stack-based buffer overflow vulnerabilities in the command line interpreter of FortiOS [CWE-121], collectively tracked as CVE-2024-23110 (CVSS score of 7.4), can be exploited by an authenticated attacker to achieve

Authentication 354

Authentication Security Access Information Security 354

Data Breach Today

JUNE 13, 2024

Also: Ukraine Arrests Alleged Ransomware Developer; Patches Galore; and Burnout This week, feds counted cyber incidents; Ukraine made arrest; BlackBasta seemed to exploit flaw; 51 flaws in Patch Tuesday; SolarWinds, JetBrains patched flaws; Alan Turning Institute debunked paper on AI; Santander wants password changes; Christie's spoke of data breach and cyber pros face burnout.

Data breaches 304

Data breaches Paper Passwords Ransomware 304

Security Affairs

JUNE 13, 2024

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day. “There are indications that CVE-2024-32896 may be under limited, targeted exploitation.” reads the advisory.

Security 311

Security IT Information Security 311

Data Breach Today

JUNE 13, 2024

It's critical for CISOs to study what went wrong in major ransomware IT disruptions and breaches hitting the healthcare sector and to look closely within their own organizations for similar gaps or vulnerabilities, said Michael Prakhye, CISO of Adventist HealthCare.

Ransomware 298

Ransomware IT 298

Speaker: Dr. Christine Gall, DrPH, MS, BSN, RN

The promise of virtual care is no longer theoretical and is now a critical solution to many of healthcare’s most urgent challenges. Yet many healthcare leaders remain unsure how to build a business case for investment and launching the right program at the right time can be the difference between value and failure. For organizations seeking a financially sound, clinically effective entry point, Virtual Patient Observation (VPO) offers a compelling case to lead with.

The Last Watchdog

JUNE 13, 2024

Confidence in the privacy and security of hyper-connected digital services is an obvious must have. Related: NIST’s quantum-resistant crypto Yet, Digital Trust today is not anywhere near the level it needs to be. At RSAC 2024 I had a wide-ranging conversation with DigiCert CEO Amit Sinha all about why Digital Trust has proven to be so elusive.

IT 162

IT Encryption Authentication Communications 162

KnowBe4

JUNE 13, 2024

A new phishing- as-a-service toolkit that leverages credential interception and anti-detection capabilities has put EU banks at severe risk of fraud.

Phishing 122

Phishing Risk 122

Data Breach Today

JUNE 13, 2024

Brad Smith Says the Tech Giant 'Accepts Responsibility' for Cyber Breaches Microsoft President Brad Smith testified Thursday to the House Homeland Security Committee that the tech giant "accepts responsibility" for a series of security failures identified in a federal report following multiple high-profile cyberattacks targeting government agencies and major organizations.

Security 189

Security Government 189

KnowBe4

JUNE 13, 2024

My hacker story occurred not too long ago at the Hong Kong office of an undisclosed multinational corporation. The hackers pulled off a first-of-its-kind scam that leveraged a phishing email as the initial attack vector followed by a deepfake video call.

Phishing 117

Phishing IT 117

Data Breach Today

JUNE 13, 2024

Also: Personal Data Theft From OKX; Terraform-SEC Settlement Terms This week, the Norwegian government froze funds from the Ronin hack, a hacker stole personal data of OKX users, Terraform Labs' SEC released settlement terms, "Ethereum's most secure wallet" was breached, Orbit Chain spoke about its hacked funds and scammers exploited AI hype.

Personal data 173

Personal data Government Security IT 173

Speaker: Lee Andrews, Founder at LJA New Media & Tony Karrer, Founder and CTO at Aggregage

This session will walk you through how one CEO used generative AI, workflow automation, and sales personalization to transform an entire security company—then built the Zero to Strategy framework that other mid-market leaders are now using to unlock 3.5x ROI. As a business executive, you’ll learn how to assess AI opportunities in your business, drive adoption across teams, and overcome internal resource constraints—without hiring a single data scientist.

Marketing

Lenny Zeltser

JUNE 13, 2024

Creating an informative and readable report is among the many challenges of responding to cybersecurity incidents. A good report not only answers its reader's questions but also instills confidence in the response and enables the organization to learn from the incident. This blog highlights my advice on writing such incident reports. It's based on the presentation I delivered at the RSA Conference , which offers more details and is available to you on YouTube.

Cybersecurity 110

Cybersecurity Communications IT Security 110

Data Breach Today

JUNE 13, 2024

Acquiring Hubble Means NetSPI Can Now Manage External and Internal Attack Surfaces NetSPI acquired startup Hubble to bolster its attack surface management capabilities, promising a consolidated offering for both internal and external visibility within four months. The transaction aims to drive significant cross-selling opportunities and operational efficiencies.

IT 173

IT 173

Jamf

JUNE 13, 2024

At WWDC 2024, Apple unveiled a suite of updates across its platforms. This year, Apple re-iterated its focus on privacy, user experience and seamless integration within its ecosystem. Apple also introduced Apple Intelligence, which will deliver major enhancements across all platforms.

IT 81

IT Security Privacy 81

Data Breach Today

JUNE 13, 2024

Researchers Infiltrate Major Organizations Using Fake Extension Cybersecurity researchers say an experiment in developing a fake, malicious extension for Microsoft's Visual Studio Code, the world's most popular integrated development environment, succeeded beyond their wildest expectations. VSCode doesn't manage permissions or visibility, the researchers said.

Cybersecurity 173

Cybersecurity 173

Speaker: Alex Salazar, CEO & Co-Founder @ Arcade | Nate Barbettini, Founding Engineer @ Arcade | Tony Karrer, Founder & CTO @ Aggregage

There’s a lot of noise surrounding the ability of AI agents to connect to your tools, systems and data. But building an AI application into a reliable, secure workflow agent isn’t as simple as plugging in an API. As an engineering leader, it can be challenging to make sense of this evolving landscape, but agent tooling provides such high value that it’s critical we figure out how to move forward.

Security

CILIP

JUNE 13, 2024

CILIP response to the Labour Party Manifesto Image of Houses of Parliament via Flickr, by Wally Gobetz There are some positive proposals from the Labour Party manifesto. It recognises the importance of knowledge and information as key components for the nation's future economic prosperity. A National Data Library could ensure public services are built on the latest data and high-quality research, delivering world-leading innovation in a way that makes the most of public funding.

Libraries 78

Libraries Education Communications Access 78

Data Breach Today

JUNE 13, 2024

Department Is Asking for Information About How AI Is Used in Financial Products The financial services industry is no stranger to artificial intelligence - leading the sector's U.S. regulator to pose questions such as whether institutions can explain AI outcomes and the technology's role in risk management and internal operations.

Risk 173

Risk Artificial Intelligence Financial Services 173

CILIP

JUNE 13, 2024

CILIP response to the Green Party Manifesto Image of Victoria Tower via UK Parliament Flickr CILIP welcomes the Green Party manifesto's focus on funding libraries and other cultural organisations with an additional £5bn. We agree that arts, culture and sports are central to people’s enjoyment of life, to their mental and physical wellbeing, and to thriving communities.

Libraries 70

Libraries Communications 70

Data Breach Today

JUNE 13, 2024

All Patients, Employees Offered Credit Monitoring While Investigation Continues Ransomware attackers stole files that potentially contain patient and employee data from seven of Ascension's 25,000 servers. The hackers gained access to the organization's network when an employee inadvertently downloaded a file containing malware, said the Missouri-based healthcare system.

Ransomware 162

Ransomware Access 162

Speaker: Frank Taliano

Documents are the backbone of enterprise operations, but they are also a common source of inefficiency. From buried insights to manual handoffs, document-based workflows can quietly stall decision-making and drain resources. For large, complex organizations, legacy systems and siloed processes create friction that AI is uniquely positioned to resolve.

IT

IBM Big Data Hub

JUNE 13, 2024

With 109 million customers and counting, “uncarrier” T-Mobile is one of the top mobile communications providers in the U.S. The company always puts the customer first, which it achieves by delivering the right experiences and content to the right customers at the right time. But with different sub-brands and business units, T-Mobile’s marketing and content workflows were complex—and often inefficient and disconnected.

Marketing 68

Marketing Customer Experience Analytics Retail 68

Data Breach Today

JUNE 13, 2024

Threat Actor Uses Admin Panel to Track Multiple Campaigns A likely Pakistani cyberespionage operation has expanded its tool set since it first targeted Indian officials, likely in 2016. That's probable evidence the threat actor has "seen a high degree of success," say researchers from Cisco Talos. They dubbed the threat actor "Cosmic Leopard.

IT 162

IT 162

IBM Big Data Hub

JUNE 13, 2024

Microcontroller units (MCUs) and microprocessor units (MPUs) are two kinds of integrated circuits that, while similar in certain ways, are very different in many others. Replacing antiquated multi-component central processing units (CPUs) with separate logic units, these single-chip processors are both extremely valuable in the continued development of computing technology.

Computer and Electronics 61

Computer and Electronics IoT Mining Manufacturing 61

OpenText Information Management

JUNE 13, 2024

In the ever-evolving cybersecurity landscape, staying ahead of the growing number of threats is a continuous challenge. Two critical resources in this fight are the MITRE ATT&CK framework and the Tidal Cyber Vendor Registry. These platforms provide invaluable insights and tools to help organizations fortify their cyber defenses against attackers.

Cybersecurity 59

Cybersecurity Artificial Intelligence Analytics Phishing 59

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

National Archives Records Express

JUNE 13, 2024

On May 23, 2024, GSA hosted a webinar on the new Subgroup under SIN 518210DC: NARA-Compliant Digitization Services for Federal Records. We presented an overview of the digitization regulations and GSA shared how to add this new subgroup to vendor contracts. We also had a Q&A segment to address attendee questions. We recommend vendors who meet the capabilities add this Subgroup to their contracts (if you have not already done so).

Records Management 59

Records Management 59

Enterprise Software Blog

JUNE 13, 2024

When we are building Angular apps with heavy data communications, we need to consider a holistic approach, addressing factors like data efficiency, network latency, scalability, resource management, testing, and UX. And one of the things that is extremely vital for avoiding data conflicts while keeping the app scalable and consistent is effective Angular State Management.

Libraries 52

Libraries Access IT Authentication 52

Jamf

JUNE 13, 2024

As manufacturing and hard hat industries approach the next industrial revolution, mobile technologies are poised to drive the transformation. Learn how having Jamf and Apple help this industry transition to the digital age.

Manufacturing 40

Manufacturing 40

Schneier on Security

JUNE 13, 2024

As India concluded the world’s largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies—and what lessons that holds for the rest of the world. The campaigns made extensive use of AI, including deepfake impersonations of candidates, celebrities and dead politicians.

Artificial Intelligence 128

Artificial Intelligence Communications Government Access 128

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Jamf

JUNE 13, 2024

Get an overview of the exciting announcements from the 2024 Apple Worldwide Developers Conference (WWDC). Learn how these updates to iOS 18, iPadOS 18 and watchOS 11 empower deskless employees to do their best work.

40

40