Wed.Nov 29, 2023

article thumbnail

Demystifying Vulnerability Management: Cutting Through the Noise

Data Breach Today

Vulnerability Management is a well-known cybersecurity essential. However the lines have blurred over the years regarding which vital practices fall under the VM classification.

article thumbnail

Public AI: Bad. Internal AI: Good. With Information Governance: Great!

Weissman's World

We’ve talked a lot about the perils of using generative AI, which while improving is still prone to making stuff up and exposes our data to privacy problems if used as engine fodder. But I don’t know that I’ve properly distinguished between the “bad” public technologies and the possible “good” of those installed internally –… Read More » Public AI: Bad.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

US House Members Eye Potential Regulations in Healthcare AI

Data Breach Today

Industry Experts Share Concerns Over Misuse, Privacy and Security With Committee As Congress weighs potential legislative and regulatory guardrails for the use of AI in healthcare, issues such as human oversight, privacy and security risk need close attention, said healthcare industry experts who testified during a House Energy and Commerce subcommittee hearing on Wednesday.

Privacy 216
article thumbnail

Breaking Laptop Fingerprint Sensors

Schneier on Security

They’re not that good : Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptic sensor in a Lenovo ThinkPad T14, and the ELAN sensor in one of Microsoft’s own Surface Pro Type Covers.

Security 132
article thumbnail

The Tumultuous IT Landscape Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

ChatGPT Turns One - and the Future of Generative AI

Data Breach Today

Gartner's Avivah Litan on Impact of OpenAI Drama and State of Gen AI Nov. 30 marks the one-year public birthday of ChatGPT. Gartner's Avivah Litan shared insights on the current state and future of generative AI, as well as the potential market after-effects of the pre-Thanksgiving drama involving OpenAI, its board and fired/reinstated CEO Sam Altman.

Marketing 213

More Trending

article thumbnail

US Sanctions, Seizes Sinbad Cryptomixer

Data Breach Today

Sinbad Was the 'Preferred Mixing Service' of North Korean Hackers The U.S. federal government Wednesday added cryptocurrency mixer Sinbad.io to a growing blacklist of virtual asset platforms under sanctions that prevent Americans from doing business with them. The FBI seized the Sinbad website in an international operation.

article thumbnail

OpenAI’s Custom Chatbots Are Leaking Their Secrets

WIRED Threat Level

Released earlier this month, OpenAI’s GPTs let anyone create custom chatbots. But some of the data they’re built on is easily exposed.

article thumbnail

Experts Urge Congress to Establish Clear SBOM Guidance

Data Breach Today

Federal Agencies Lack Comprehensive Guidelines For Developing SBOMs, Experts Say Procurement experts testified to the House subcommittee on cybersecurity, information technology and government innovation Wednesday that government requirements leave too many unanswered questions and ambiguities for federal agencies when it comes to implementing SBOMs.

article thumbnail

Google addressed the sixth Chrome Zero-Day vulnerability in 2023

Security Affairs

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. The CVE-2023-5217 is a high-severity integer overflow in Skia. Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms.

Libraries 114
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Stopping Cloud Workload Attacks

Data Breach Today

In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.

Cloud 198
article thumbnail

Thousands of secrets lurk in app images on Docker Hub

Security Affairs

Thousands of secrets have been left exposed on Docker Hub, a platform where web developers collaborate on their code for web applications. While some are harmless API keys, others could lead to unauthorized access, data breaches, or identity theft, the latest Cybernews research reveals. The Docker Hub store has at least 5,493 container images that contain secrets and could be considered as exposing sensitive information.

Analytics 108
article thumbnail

Okta Says Hacker Stole Every Customer Support User's Details

Data Breach Today

Beware Phishing and Social Engineering Attacks Targeting Passwords, Vendor Warns Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system, and warned customers to beware potential follow-on phishing and social engineering attacks.

Phishing 197
article thumbnail

No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

KnowBe4

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach.

article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Attackers Actively Target Critical ownCloud Vulnerability

Data Breach Today

Content Collaboration Platform Sent Updates and Alert Directly to Users Last Month Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.

Security 197
article thumbnail

Okta reveals additional attackers’ activities in October 2023 Breach

Security Affairs

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. In October, the Cloud identity and access management solutions provider said that threat actors broke into its support case management system and stole authentication data, including cookies and session tokens, that can be abused in future

article thumbnail

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Data Breach Today

Deal Will Expand BlueVoyant's Footprint in US Government, Defense Industrial Base BlueVoyant purchased a risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations. Buying Conquest Cyber will allow BlueVoyant to provide cyber risk maturity and compliance assessments to both federal and commercial customers.

article thumbnail

NHS England faces lawsuit over patient privacy fears linked to new data platform

The Guardian Data Protection

Four groups claim no legal basis exists for setting up the Federated Data Platform which facilitates information sharing The NHS has been accused of “breaking the law” by creating a massive data platform that will share information about patients. Four organisations are bringing a lawsuit against NHS England claiming that there is no legal basis for its setting up of the Federated Data Platform (FDP).

Privacy 109
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

KnowBe4

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

article thumbnail

Okta Breach Impacted All Customer Support Users—Not 1 Percent

WIRED Threat Level

Okta upped its original estimate of customer support users affected by a recent breach from 1 percent to 100 percent, citing a “discrepancy.

IT 101
article thumbnail

Real-time artificial intelligence and event processing  

IBM Big Data Hub

By leveraging AI for real-time event processing, businesses can connect the dots between disparate events to detect and respond to new trends, threats and opportunities. In 2023, the IBM® Institute for Business Value (IBV) surveyed 2,500 global executives and found that best-in-class companies are reaping a 13% ROI from their AI projects—more than twice the average ROI of 5.9%.

article thumbnail

Partnership to Campaign: Green Libraries is growing

CILIP

Partnership to Campaign: Green Libraries is growing Global leaders, thinkers, and activists from industry and politics will gather this weekend in Dubai for the first day of COP28 to rethink, reboot, and refocus the climate agenda. Meanwhile libraries across the UK and beyond have been working hard to bring climate action and awareness to their communities as part of the Green Libraries Partnership.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

QR Code Phishing Campaigns on the Rise

KnowBe4

There’s been a “precipitous rise” in QR code phishing (quishing) campaigns in 2023, according to Matthew Tyson at CSO.

Phishing 101
article thumbnail

Synthetic data generation: Building trust by ensuring privacy and quality

IBM Big Data Hub

With the emergence of new advances and applications in machine learning models and artificial intelligence, including generative AI, generative adversarial networks, computer vision and transformers, many businesses are seeking to address their most pressing real-world data challenges using both types of synthetic data: structured and unstructured. Structured synthetic data types are quantitative and includes tabular data, such as numbers or values, while unstructured synthetic data types are qu

Privacy 80
article thumbnail

Australian privacy watchdog refuses to investigate employer that allegedly accessed worker’s personal emails

The Guardian Data Protection

Legal expert says court ruling in case where information accessed on work laptop at Mecrus confirms ‘Australians still don’t have a right to privacy’ Follow our Australia news live blog for latest updates Get our morning and afternoon news emails , free app or daily news podcast The Australian information commissioner refused to investigate an employer that allegedly accessed an employee’s personal emails, on the grounds the information was accessed on the employee’s work laptop.

Access 75
article thumbnail

How blockchain enables trust in water trading

IBM Big Data Hub

Australia pioneered water rights trading in the early 1900s, becoming a world leader in water sharing between valleys. The initiative extended throughout the states of Australia across the Murray-Darling Basin (MDB). However, findings from the water market’s inquiry of the MDB, completed by the Australian Consumer and Competition Commission (ACCC) and the Department of Climate Change, Energy, the Environment and Water (DCCEEW), highlighted a great many challenges of the system.

article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

Navigating the landscape of digital accessibility

OpenText Information Management

Over the past decade, the notion of a customer has changed significantly. How individuals engage with businesses, their evolving expectations, their demand for quicker responses, and recent global events, such as the COVID-19 pandemic, have compelled organizations to re-evaluate how they serve their customers. Whether an organization offers financial services, healthcare, or operates in the … The post Navigating the landscape of digital accessibility appeared first on OpenText Blogs.

Access 57
article thumbnail

Sensors, signals and synergy: Enhancing Downer’s data exploration with IBM

IBM Big Data Hub

In the realm of urban transportation, precision is pivotal. Downer, a leading provider of integrated services in Australia and New Zealand, considers itself a guardian of the elaborate transportation matrix, and it continually seeks to enhance its operational efficiency. With over 200 trains and a multitude of sensors, Downer has accumulated a vast amount of data.

article thumbnail

New Futurum Report: How Mainframe Modernization Begins with Application Modernization

OpenText Information Management

Download report and watch discussion exploring smarter mainframe modernization. The post New Futurum Report: How Mainframe Modernization Begins with Application Modernization appeared first on OpenText Blogs.