Thu. Mar 23, 2023


US Officials Urged to Examine Chinese Risk to Electric Grid

Data Breach Today

Utility Vendors Have Cut Back on Buying Chinese Transformers Due to Security Risks

Utility companies have increasingly refrained from purchasing large power transformers from China given greater awareness of the security risks. Lawmakers sparred with the Energy Department's cybersecurity leader over how much of the electric grid contains components manufactured in China.

Risk 233

Ferrari Hits a Roadblock as Cyber Criminals Hold it to Ransom

IT Governance

Ferrari is racing to contain the damage after it was targeted by cyber criminals this week. The supercar manufacturer said that its systems were compromised and that customer data has been stolen. In a breach notification letter sent to affected individuals, Ferrari noted that a limited number of IT systems were breached, and some customers’ names, addresses, email addresses and telephone numbers were exposed.

IT 111

Online Card Fraud Flourishes, Thanks to the Magnetic Stripe

Data Breach Today

International Financial Crimes Expert Mark Solomon on Card Fraud Tactics and Trends

EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.

Sales 173

IT Governance Podcast 2023-6: Ferrari, Dole, TikTok (again), Android

IT Governance

This week, we discuss ransomware attacks on Ferrari and the Dole Food Company, another TikTok ban – this time by the BBC – and vulnerabilities that allow some Android phones to be hacked with only the victim’s phone number. Now available on Spotify, Amazon Music, Apple Podcasts and SoundCloud. The post IT Governance Podcast 2023-6: Ferrari, Dole, TikTok (again), Android appeared first on IT Governance UK Blog.


Solving Open Source Complexity with a Managed Data Infrastructure Platform

With its unparalleled flexibility, rapid development and cost-saving capabilities, open source is proving time and again that it’s the leader in data management. But as the growth in open source adoption increases, so does the complexity of your data infrastructure. In this Analyst Brief developed with IDC, discover how and why the best solution to this complexity is a managed service, including: Streamlined compliance with some of the most complex regulatory guidelines Simplified operations, li


SideCopy APT Targets India's Premier Defense Research Agency

Data Breach Today

SideCopy APT Used Decoy Documents in Spear-Phishing Attack On DRDO

Security researchers uncovered a Pakistani cyberespionage group employing fresh tactics to target workers at India's Defence Research and Development Organization and steal sensitive military secrets. A new campaign uses a PowerPoint file with information about the India-developed K4 missile.

Military 162

More Trending


Cryptohack Roundup: BitPay, Euler Finance, Gala Games

Data Breach Today

Also: Fireblocks, BitGo Clash; Bitzlato Users can Withdraw Some Funds

Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 17 and 23: New York State Department of Financial Services reminds BitPay that regulations exist. Also, Euler Finance, Gala Games, BitGo, ZenGo, General Bytes, Bitzlato and ParaSpace.


Okta Post-Exploitation Method Exposes User Passwords

Dark Reading

Accidentally typing a password in the username field of the platform saves it to audit logs, which threat actors can access and use to compromise enterprise services.

Passwords 104

Credit Card Stealer Targets WordPress Payment Plug-Ins

Data Breach Today

MageCart Operators Hide Infection in Legitimate Payment Processing Software

Attackers are deploying modified MageCart malware against WordPress websites that use the WooCommerce shopping cart plug-in, says website security firm Sucuri. Hackers inject PHP and JavaScript code and hide stolen credit card numbers in .jpg files.

Security 147

SEC Advances Three New Cybersecurity Rule Proposals

Hunton Privacy

On March 15, 2023, the Securities and Exchange Commission (“SEC”) proposed three rules related to cybersecurity and the protection of consumer information. The SEC’s first proposal would amend Regulation S-P. Regulation S-P imposes privacy, data security, and data disposal rules on broker-dealers, investment advisers, and investment companies subject to the SEC’s authority under the Gramm-Leach-Bliley Act.


Provide Real Value in Your Applications with Data and Analytics

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.


Breach Roundup: Ferrari, Indian Health Ministry and the NBA

Data Breach Today

Also: Lionsgate, Royal Dirkzwager, New LockBit Claims and Latitude Financial

This week's roundup of cybersecurity incidents around the world includes attacks on luxury car manufacturer Ferrari, the Indian health system and a Dutch maritime logistics company. Other data breach incidents involve the NBA, Lionsgate, the city of Oakland, McDonald's and Samsung.


Apple and Jamf help airline employees spread their wings

Jamf

The aviation industry is always on the move; their technology needs to be able to keep up. Apple and Jamf help airlines stay efficient and effective on the go—read this blog to learn more.


Splashtop Buys Foxpass to Bring Enterprise IAM to the Masses

Data Breach Today

Foxpass Purchase Will Thwart Password Sharing and Simplify Developer Onboarding

Remote access provider Splashtop has bought server and network access management vendor Foxpass to get better visibility across co-managed and multi-tenant environments. The acquisition of Foxpass will simplify the onboarding experience for developers while ensuring passwords aren't being shared.

Passwords 130

Cyber Insurers Quietly Remove Coverage for Social Engineering and Fraudulent Instruction Claims

KnowBe4

As cyber insurers become more experienced in what kinds of claims are being presented, and the threat action details therein, specific types of coverages are no longer being included.


Entity Resolution: Your Guide to Deciding Whether to Build It or Buy It

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.


Pwn2Own Vancouver 2023 Day 1: Windows 11 and Tesla hacked

Security Affairs

On the first day of Pwn2Own Vancouver 2023, the organization awarded $375,000 (and a Tesla Model 3) for 12 zero-day flaws. Pwn2Own Vancouver 2023 has begun; this hacking competition has 19 entries targeting nine different targets – including two Tesla attempts. On the first day of the event, the organization awarded $375,000 (and a Tesla Model 3) for 12 zero-day vulnerabilities demonstrated by the participants.


MITRE Rolls Out Supply Chain Security Prototype

Dark Reading

Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.

Security 102

Experts published PoC exploit code for Veeam Backup & Replication bug

Security Affairs

Researchers released PoC exploit code for a high-severity vulnerability in Veeam Backup & Replication (VBR) software. Veeam recently addressed a high-severity flaw, tracked as CVE-2023-27532, in Veeam Backup and Replication (VBR) software. An unauthenticated user with access to the Veeam backup service (TCP 9401 by default) can exploit the flaw to request cleartext credentials.

Access 94

Half of Organizations Report at Least Monthly Outages from Cyberattacks

KnowBe4

New data on the current state of cybersecurity shows that organizations are experiencing challenges, falling behind, and seeing the impact of all this post-attack.


Deliver Mission Critical Insights in Real Time with Data & Analytics

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.


A million at risk from user data leak at Korean beauty platform PowderRoom

Security Affairs

South Korean beauty content platform PowderRoom has leaked the personal information of nearly one million people. Established in 2003, PowderRoom is a South Korean beauty content platform connecting 3.5 million members and thousands of beauty brands. It calls itself the first and the biggest beauty community in South Korea that “allows you to experience new brand products faster than anyone else and share the experience”. It exposed up to a million users’ full names, phone numbers, emails, Insta

Risk 89

Mass Ransomware Attack

Schneier on Security

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the mass-hack is widening, the known impact is murky at best.


Facebook and Microsoft Top the List of Most Impersonated Brands in 2022

KnowBe4

As scammers continue to see massive returns on their phishing attacks, the use of impersonation with well-known brands continues to circle around the dominant players.


Dole discloses data breach after February ransomware attack

Security Affairs

Dole Food Company confirmed that threat actors behind the recent ransomware attack had access to employees’ data. Dole Food Company is an Irish agricultural multinational corporation; it is one of the world’s largest producers of fruit and vegetables, operating with 38,500 full-time and seasonal employees who supply some 300 products in 75 countries.


10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.


TikTok Paid for Influencers to Attend the Pro-TikTok Rally in DC

WIRED Threat Level

The embattled social media company brought out the checkbook to ensure at least 30 of its biggest assets—creators—were in DC to help fend off critics.

IT 93

Cisco fixed multiple severe vulnerabilities in its IOS and IOS XE software

Security Affairs

Cisco addressed tens of vulnerabilities in its IOS and IOS XE software, six of these issues have been rated ‘high severity’. Cisco published the March 2023 Semiannual IOS and IOS XE Software Security Advisory that addresses several vulnerabilities in IOS and IOS XE software. Below is the list of flaws addressed by the IT giant in this bundled publication: Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial

IT 86

Open Source Vulnerabilities Still Pose a Big Challenge for Security Teams

Dark Reading

Open source software continues to pose a challenge for companies. With the proper security practices, you can reduce your open source risk and manage it.


Nexus, an emerging Android banking Trojan targets 450 financial apps

Security Affairs

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications. The Nexus ransomware was first analyzed in early March by researchers from the threat intelligence firm Cyble.


Using Data & Analytics for Improving Healthcare Innovation and Outcomes

In the rapidly evolving healthcare industry, delivering data insights to end users or customers can be a significant challenge for product managers, product owners, and application team developers. The complexity of healthcare data, the need for real-time analytics, and the demand for user-friendly interfaces can often seem overwhelming. But with Logi Symphony, these challenges become opportunities.


Bundestag Bungle: Political Microtargeting of Facebook Users Draws Ire

Dark Reading

With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.


[Security Masterminds] Unlock Maximum Cybersecurity: 3 Crucial Steps to Enhance Your Capabilities, Coverage, and Culture

KnowBe4

Do you ever feel like you are always playing catch up regarding cybersecurity? That it is a never-ending game; no matter what you do, you are always one step behind. You are not alone. Joanna Burkey, the CISO for HP, Inc., has seen the field's evolution firsthand.


The TikTok Hearing Revealed That Congress Is the Problem

WIRED Threat Level

The interrogation of CEO Shou Zi Chew highlighted US lawmakers’ own failure to pass privacy legislation.

Privacy 100