Thu, Mar 02, 2023

White House Unveils Biden's National Cybersecurity Strategy

Data Breach Today

Focus Includes Critical Infrastructure Security, Secure Software Development

The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations, and liability for poor software development practices.

[Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About

KnowBe4

This morning, Bloomberg News pointed to a brand-new article in Businessweek, one of its media properties. It is an excellent piece that exposes the vulnerabilities that arise when communications systems are designed without built-in security from the get-go, a useful wake-up call for your C-level execs and powerful budget ammo.

Security Firm COO Loses Bid to Dismiss Cyberattack Case

Data Breach Today

Judge Rejects Recommendations to Drop Case in Medical Center Incident

A Georgia man who is the chief operating officer of a network security firm can't escape criminal charges related to a 2018 cyberattack against a local medical center. Vikas Singla faces 18 charges of illegal hacking, including 15 charges for disrupting a Lexmark printer network.

Revised Colorado Privacy Act Rules Adopted for Review by Colorado AG

Hunton Privacy

On February 28, 2023, the Colorado Office of the Attorney General announced that revised draft Colorado Privacy Act (“CPA”) rules were adopted for review by the Colorado Attorney General prior to finalization and publication in the Colorado Register. The revised rules are not final and, as drafted, will take effect on July 1, 2023. The revised draft rules follow prior drafts dated October 10, 2022, December 21, 2022, and January 27, 2023.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

HPE Buys SSE Firm Axis Security to Obtain Single-Vendor SASE

Data Breach Today

Deal Comes As Pressure Increases on Pure-Play Vendors to Deliver Native SASE Stack

Hewlett Packard Enterprise will soon offer clients single-vendor SASE after agreeing to buy a security service edge startup founded by a Symantec security researcher. HPE will combine the cloud, web and data security technology acquired from Axis Security with the SD-WAN tool it bought from Silver Peak.

More Trending

US Cybersecurity Strategy Shifts Liability Issues to Vendors

Data Breach Today

Holding Vendors Liable for Insecure Apps Fuels Safe Harbor, Transparency Questions

A new federal strategy to make commercial manufacturers liable for insecure software requires an attainable safe harbor policy and could be a disincentive for software manufacturers in sharing important vulnerability information with the U.S. government, according to industry observers.

Challenges With Collaboration Data And The Ediscovery Process

Hanzo Learning Center

Tools like Slack and Microsoft Teams were on the rise before the global pandemic; now, they’ve become integral for employee communication at large enterprises, whether they’re in the office, working from home, or a hybrid.

FTC Bans Online Counseling Firm From Sharing Health Data

Data Breach Today

Under Proposed Settlement, BetterHelp Will Also Pay Fine of $7.8 Million

Online counseling provider BetterHelp is set to come under two decades of privacy monitoring by the U.S. Federal Trade Commission after settling allegations that it violated users' privacy by sharing identifying information with social media platforms including Facebook.

What GoDaddy's Years-Long Breach Means for Millions of Clients

Dark Reading

The same "sophisticated" threat actor has pummeled the domain host on an ongoing basis since 2020, making off with customer logins, source code, and more. Here's what to do.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Former US CISO on New US Cybersecurity Strategy: 'It's Bold'

Data Breach Today

Gen. Gregory Touhill Weighs in on Merits of Product Security by Design and Default

Retired Air Force Gen. Gregory Touhill, the very first U.S. federal CISO back in the Obama administration, says he's encouraged by the new U.S. National Cybersecurity Strategy. His top takeaway: the shift of cybersecurity responsibility from consumers to manufacturers of vulnerable products.

CISA, MITRE Look to Take ATT&CK Framework Out of the Weeds

Dark Reading

The Decider tool is designed to make the ATT&CK framework more accessible and usable for security analysts of every level, with an intuitive interface and simplified language.

Okta CEO: Identity Governance Has 'The Markings of a Hit'

Data Breach Today

Big Enterprises Embrace Okta Identity Governance in Competitive Bake-Offs, CEO Says

Okta Identity Governance has enjoyed success in its first quarter of global availability as businesses unify access management and governance. Okta is surprised by the amount of traction its governance offering has gained with large enterprises and in competitive bake-offs, says CEO Todd McKinnon.

This Hacker Tool Can Pinpoint a DJI Drone Operator's Exact Location

WIRED Threat Level

Every DJI quadcopter broadcasts its operator's position via radio—unencrypted. Now, a group of researchers has learned to decode those coordinates.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

British Retailer WH Smith Discloses Breach of Employee Data

Data Breach Today

Website Unaffected and No Customer Accounts or Databases Exposed, Company Reports

High street retailer WH Smith reports that it suffered a hack attack that led to the exposure of current and former employees' personal data, but no exposure of customer data or website disruption. It's the latest big British business in recent months to suffer a data breach or ransomware attack.

On Shaky Ground: Why Dependencies Will Be Your Downfall

Dark Reading

There's never enough time or staff to scan code repositories. To avoid dependency confusion attacks, use automated CI/CD tools to make fixes in hard-to-manage software dependencies.
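
An added example, not code from the Dark Reading piece, of the kind of automated check a CI job can run against a pip requirements file to catch the two conditions that make dependency confusion possible: an internal package name that pip would also resolve from a public index (because `--extra-index-url` is in use), and internal packages installed without `--hash` pins or exact versions. The package names, index URLs and the internal-package list are constructed for the example; in a real pipeline the list would come from the private registry.

```python
import re
from typing import List, Set

# Constructed requirements file (not from any real project): a private index added with
# --extra-index-url (the risky form), one internal package without a hash pin, one with,
# and an ordinary public dependency.
SAMPLE_REQUIREMENTS = """\
--index-url https://pypi.org/simple
--extra-index-url https://pypi.internal.example/simple
acme-auth-client==2.3.1
acme-billing-core==1.0.4 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
requests==2.31.0
"""

# Names that exist only on the internal index (assumption for the example).
INTERNAL_PACKAGES: Set[str] = {"acme-auth-client", "acme-billing-core"}

_REQ_RE = re.compile(r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)\s*(?P<spec>(==|~=|>=|<=|!=|<|>)[^\s;]*)?")


def _canonical(name: str) -> str:
    """PEP 503 normalization so Acme_Auth.Client and acme-auth-client compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def _logical_lines(text: str) -> List[str]:
    """Join backslash continuations and drop comments and blank lines."""
    out, buf = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            out.append(buf.strip())
        buf = ""
    if buf.strip():
        out.append(buf.strip())
    return out


def audit_requirements(text: str, internal: Set[str]) -> List[str]:
    """Return human-readable findings; an empty list means no confusion risk was detected."""
    internal_c = {_canonical(n) for n in internal}
    findings: List[str] = []
    extra_indexes: List[str] = []
    seen_internal: List[str] = []
    for line in _logical_lines(text):
        if line.startswith("--extra-index-url"):
            extra_indexes.append(line.split(None, 1)[1])
            continue
        if line.startswith("-"):
            continue  # other pip options (--index-url, -r, ...)
        m = _REQ_RE.match(line)
        if not m:
            continue
        name = _canonical(m.group("name"))
        if name not in internal_c:
            continue
        seen_internal.append(name)
        if not (m.group("spec") or "").startswith("=="):
            findings.append(f"{name}: not pinned to an exact version")
        if "--hash=" not in line:
            findings.append(f"{name}: no --hash pin; a substituted public package would install silently")
    if extra_indexes and seen_internal:
        findings.append(
            "--extra-index-url is in use (" + ", ".join(extra_indexes) + "); pip consults every index for "
            + ", ".join(seen_internal)
            + ", so a public package with the same name and a higher version wins. "
            "Serve internal packages from a single --index-url instead."
        )
    return findings


if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE_REQUIREMENTS, INTERNAL_PACKAGES):
        print("WARN:", finding)
```

The check is deliberately offline: it does not ask the public index whether a same-named package has been registered there, which is the complementary step a full pipeline should add. Hash pinning is the strongest of the three controls because it fails the install even if name resolution has already been subverted.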

Weekly Update 337

Troy Hunt

Guns! You know, the things you kinda want to keep pretty well protected and out of the hands of nefarious parties, like the kinds of folks that following their data breach could match firearms to an individual at an address on a phone number of a gender and specific age. But don't worry, no financial information was compromised! 🤦‍♂️ All that and more in the 337th edition of my weekly update, enjoy!

Threat actors target law firms with GootLoader and SocGholish malware

Security Affairs

Cyber criminals are targeting law firms with the GootLoader and FakeUpdates (aka SocGholish) malware families. Researchers from eSentire foiled 10 cyberattacks against six different law firms throughout January and February 2023, carried out as part of two distinct campaigns distributing GootLoader and FakeUpdates. “The attacks emanated from two separate threat campaigns.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Booking.com's OAuth Implementation Allows Full Account Takeover

Dark Reading

Researchers exploited issues in the authentication protocol to force an open redirection from the popular hotel reservations site when users used Facebook to log in to accounts.
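
An added example, not code from Dark Reading and not a reconstruction of Booking.com's implementation, of the two checks a relying party has to get right for a Facebook-style OAuth login so that the flow cannot be turned into an open redirect: the `redirect_uri` it sends to the identity provider must match a registered value exactly, and any post-login `next` destination must stay on the site's own origin. The host `rp.example` and the allowlist are constructed for the example.

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit

# Constructed allowlist for a hypothetical relying party (rp.example is not a real host).
REGISTERED_REDIRECT_URIS = {"https://rp.example/oauth/callback"}


def weak_redirect_check(redirect_uri: str) -> bool:
    """The pattern behind many OAuth open redirects: a prefix match on the site's origin.
    Anything that merely starts with the origin passes, including attacker-controlled hosts
    such as https://rp.example.evil.test/ or https://rp.example@evil.test/."""
    return redirect_uri.startswith("https://rp.example")


def _normalize(uri: str) -> Optional[str]:
    """Canonical form for exact comparison, or None if the URI is unacceptable outright."""
    try:
        parts = urlsplit(uri)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme.lower() != "https" or not parts.hostname:
        return None
    # Userinfo and fragments never belong in a redirect_uri; reject rather than strip.
    if parts.username is not None or parts.password is not None or parts.fragment:
        return None
    netloc = parts.hostname.lower()
    if port is not None and port != 443:
        netloc = f"{netloc}:{port}"
    return urlunsplit(("https", netloc, parts.path or "/", parts.query, ""))


def strict_redirect_check(redirect_uri: str) -> bool:
    """Hardened check: exact match against the registered allowlist after normalization.
    Look-alike hosts, extra query parameters and path tricks all fail to match."""
    canonical = _normalize(redirect_uri)
    return canonical is not None and canonical in REGISTERED_REDIRECT_URIS


def safe_next_path(next_param: Optional[str]) -> str:
    """Restrict a post-login 'next' destination to a same-origin path; fall back to '/'.
    Protocol-relative (//evil.test) and backslash (/\\evil.test) forms are rejected
    because browsers treat them as absolute URLs."""
    if not next_param or not next_param.startswith("/"):
        return "/"
    if next_param.startswith("//") or next_param.startswith("/\\"):
        return "/"
    parts = urlsplit(next_param)
    if parts.scheme or parts.netloc:
        return "/"
    return next_param


if __name__ == "__main__":
    for candidate in ("https://rp.example/oauth/callback",
                      "https://rp.example.evil.test/",
                      "https://rp.example@evil.test/oauth/callback"):
        print(candidate, "weak:", weak_redirect_check(candidate), "strict:", strict_redirect_check(candidate))
    print(safe_next_path("//evil.test/"), safe_next_path("/account"))
```

Exact matching is what the OAuth 2.0 security guidance asks for; the normalization here only lowercases the host and drops the default port, so a registered URI with a query string must be registered byte-for-byte. Pair this with a bound, single-use `state` value so that a stolen authorization code cannot be replayed into a victim's session.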

GunAuction site was hacked and data of 565k accounts were exposed

Security Affairs

Hackers compromised GunAuction.com, a website that allows people to buy and sell guns, and stole users’ data, TechCrunch reported. The attackers took sensitive personal data from more than 550,000 users, including full names, home addresses, email addresses, plaintext passwords, and telephone numbers.

IBM Contributes Supply Chain Security Tools to OWASP

Dark Reading

License Scanner and SBOM Utility will boost the capabilities of OWASP's CycloneDX Software Bill of Materials standard.

Cisco fixed a critical command injection bug in IP Phone Series

Security Affairs

Cisco released security updates for a critical vulnerability, tracked as CVE-2023-20078 and rated 9.8 out of 10, impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The flaw is a command injection issue that resides in the web-based management interface.
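
An added example, not Cisco's code and not tied to the specifics of CVE-2023-20078, showing the bug class behind a web-UI command injection and the two fixes that close it: validating the operator-supplied value against a strict grammar, and executing the helper with an argument vector so no shell ever parses the value. `echo` stands in for the diagnostic binary (a ping utility, say) that a device's management page would really call; the host values are constructed attacker input.

```python
import ipaddress
import re
import subprocess

# RFC 1123-style hostname: dot-separated labels of letters, digits and hyphens.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$"
)

# Stand-in for the real diagnostic tool a management UI would invoke (assumption).
DIAG_TOOL = "echo"


def run_diag_vulnerable(host: str) -> str:
    """Vulnerable pattern: the user-controlled value is spliced into a shell command line.
    A value like '127.0.0.1; id' runs a second command with the web server's privileges."""
    cmd = f"{DIAG_TOOL} pinging {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def validate_host(host: str) -> str:
    """Accept only an IPv4/IPv6 literal or a plain hostname; raise on everything else."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        pass
    if _HOSTNAME_RE.match(host):
        return host
    raise ValueError(f"rejected host value: {host!r}")


def is_valid_host(host: str) -> bool:
    """Boolean form of validate_host for callers that prefer a check to an exception."""
    try:
        validate_host(host)
        return True
    except ValueError:
        return False


def run_diag_hardened(host: str) -> str:
    """Hardened: validate first, then pass an argv list so the shell never sees the value."""
    safe_host = validate_host(host)
    return subprocess.run([DIAG_TOOL, "pinging", safe_host], capture_output=True, text=True).stdout


def run_diag_argv_only(host: str) -> str:
    """Defence in depth: even with validation missing, an argv list keeps metacharacters inert."""
    return subprocess.run([DIAG_TOOL, "pinging", host], capture_output=True, text=True).stdout


if __name__ == "__main__":
    payload = "127.0.0.1; echo INJECTED"  # constructed attacker input
    print(run_diag_vulnerable(payload), end="")   # two lines: the second is the injected command
    print(run_diag_argv_only(payload), end="")    # one line, payload printed literally
    try:
        run_diag_hardened(payload)
    except ValueError as exc:
        print(exc)
```

Both fixes are needed: validation stops the request at the edge and gives the audit log a clean rejection, while the argument vector removes the shell as a parser altogether, which is what matters when a future code path forgets to validate. On an embedded device the equivalent in C is `execve` with an argv array rather than `system()` or `popen()` on a formatted string.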

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Hackers Target Young Gamers: How Your Child Can Cause Business Compromise

Dark Reading

It's 10 p.m. Do you know what your children are playing? In the age of remote work, hackers are actively targeting kids, with implications for enterprises.

Customer Care Numbers as Phishbait

KnowBe4

Researchers at CloudSEK have published a report looking at fraudulent customer service phone numbers in India. The researchers found around 20,000 of these phone numbers targeting users in India. The scammers purchase SIM cards from dark web markets, then trick people into handing over their financial information.

NIRMA Announces New Logo

IG Guru

Congratulations to NIRMA member, Shaikhah Rashed Alabdouli, from Nawah Energy Company, the operating subsidiary of Emirates Nuclear Energy Corporation (ENEC) based in Abu Dhabi, United Arab Emirates (UAE), for this winning logo design! Shaikhah was a first-time attendee at the 2022 NIRMA Symposium.

BlackLotus Bootkit Found Targeting Windows 11

Dark Reading

Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Retailer WH Smith discloses data breach after a cyberattack

Security Affairs

Retailer WH Smith disclosed a data breach following a cyberattack in which threat actors breached its infrastructure and gained access to company data, including the data of about 12,500 current and former employees. The company immediately launched an investigation into the incident with the help of specialist support services and notified the relevant authorities.

5 Ways PhishER Saves You Time and Money

KnowBe4

Time is the one resource you never get back. Cutting the amount of time between the moment your user reports a suspicious email and when your InfoSec team responds can mean the difference between a risk mitigated and a catastrophic security incident.

Everybody Wants Least Privilege, So Why Isn't Anyone Achieving It?

Dark Reading

Overcoming the obstacles of this security principle can mitigate the damages of an attack.
