Data Breach Today
MARCH 23, 2023
Utility Vendors Have Cut Back on Buying Chinese Transformers Due to Security Risks Utility companies have increasingly refrained from purchasing large power transformers from China given greater awareness of the security risks. Lawmakers sparred with the Energy Department's cybersecurity leader over how much of the electric grid contains components manufactured in China.
IT Governance
MARCH 23, 2023
Ferrari is racing to contain the damage after it was targeted by cyber criminals this week. The supercar manufacturer said that its systems were compromised and that customer data has been stolen. In a breach notification letter sent to affected individuals, Ferrari noted that a limited number of IT systems were breached, and some customers’ names, addresses, email addresses and telephone numbers were exposed.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MARCH 23, 2023
International Financial Crimes Expert Mark Solomon on Card Fraud Tactics and Trends EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.
IT Governance
MARCH 23, 2023
This week, we discuss ransomware attacks on Ferrari and the Dole Food Company, another TikTok ban – this time by the BBC – and vulnerabilities that allow some Android phones to be hacked with only the victim’s phone number. Now available on Spotify , Amazon Music , Apple Podcasts and SoundCloud. The post IT Governance Podcast 2023-6: Ferrari, Dole, TikTok (again), Android appeared first on IT Governance UK Blog.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
MARCH 23, 2023
SideCopy APT Used Decoy Documents in Spear-Phishing Attack On DRDO Security researchers uncovered a Pakistani cyberespionage group employing fresh tactics to target workers at India's Defence Research and Development Organization and steal sensitive military secrets. A new campaign uses a PowerPoint file with information about India-developed K4 missile.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 23, 2023
Also: Fireblocks, BitGo Clash; Bitzlato Users can Withdraw Some Funds Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 17 and 23: New York State Department of Financial Services reminds BitPay that regulations exist. Also, Euler Finance, Gala Games, BitGo, ZenGo, General Bytes, Bitzlato and ParaSpace.
Dark Reading
MARCH 23, 2023
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.
Data Breach Today
MARCH 23, 2023
MageCart Operators Hide Infection in Legitimate Payment Processing Software Attackers are deploying modified MageCart malware against WordPress websites that use the WooCommerce shopping cart plug-in, says website security firm Sucuri. Hackers inject PHP and JavaScript code and hide stolen credit card numbers in.jpg files.
Hunton Privacy
MARCH 23, 2023
On March 15, 2023, the Securities and Exchange Commission (“SEC”) proposed three rules related to cybersecurity and the protection of consumer information. The SEC’s first proposal would amend Regulation S-P. Regulation S-P imposes privacy, data security, and data disposal rules on broker-dealers, investment advisers, and investment companies subject to the SEC’s authority under the Gramm-Leach-Bliley Act.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
MARCH 23, 2023
Also: Lionsgate, Royal Dirkzwager, New LockBit Claims and Latitude Financial This week's roundup of cybersecurity incidents around the world includes attacks on luxury car manufacturer Ferrari, the Indian health system and a Dutch maritime logistics company. Other data breach incidents involve the NBA, Lionsgate, the city of Oakland, McDonald's and Samsung.
Jamf
MARCH 23, 2023
The aviation industry is always on the move; their technology needs to be able to keep up. Apple and Jamf help airlines stay efficient and effective on the go—read this blog to learn more.
Data Breach Today
MARCH 23, 2023
Foxpass Purchase Will Thwart Password Sharing and Simplify Developer Onboarding Remote access provider Splashtop has bought server and network access management vendor Foxpass to get better visibility across co-managed and multi-tenant environments. The acquisition of Foxpass will simplify the onboarding experience for developers while ensuring passwords aren't being shared.
KnowBe4
MARCH 23, 2023
As cyber insurers become more experienced in what kinds of claims are being presented, and the threat action details therein, specific types of coverages are no longer being included.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
MARCH 23, 2023
On the first day of Pwn2Own Vancouver 2023, the organization awarded $375,000 (and a Tesla Model 3) for 12 zero-day flaws. The Pwn2Own Vancouver 2023 has begun, this hacking competition has 19 entries targeting nine different targets – including two Tesla attempts. On the first day of the event, the organization awarded $375,000 (and a Tesla Model 3) for 12 zero-day vulnerabilities demonstrated by the participants.
Dark Reading
MARCH 23, 2023
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.
Security Affairs
MARCH 23, 2023
Researchers released a PoC exploit code for a high-severity vulnerability in Veeam Backup & Replication (VBR) software. Veeam recently addressed a high-severity flaw, tracked as CVE-2023-27532 , in Veeam Backup and Replication (VBR) software. An unauthenticated user with access to the Veeam backup service (TCP 9401 by default) can exploit the flaw to request cleartext credentials.
KnowBe4
MARCH 23, 2023
New data on the current state of cybersecurity shows that organizations are experiencing challenges, falling behind, and seeing the impact of all this post-attack.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
WIRED Threat Level
MARCH 23, 2023
The embattled social media company brought out the checkbook to ensure at least 30 of its biggest assets—creators—were in DC to help fend off critics.
KnowBe4
MARCH 23, 2023
As scammers continue to see massive returns on their phishing attacks, the use of impersonation with well-known brands continues to circle around the dominant players.
Security Affairs
MARCH 23, 2023
South Korean beauty content platform, PowderRoom, has leaked the personal information of nearly one million people. Established in 2003, PowderRoom is a South Korean beauty content platform connecting 3.5 million members and thousands of beauty brands It calls itself the first and the biggest beauty community in South Korea that “allows you to experience new brand products faster than anyone else and share the experience” It exposed up to a million users’ full names, phone numbers, emails, Insta
Schneier on Security
MARCH 23, 2023
A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack : TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the mass-hack is widening, the known impact is murky at best.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Security Affairs
MARCH 23, 2023
Dole Food Company confirmed that threat actors behind the recent ransomware attack had access to employees’ data. Dole Food Company is an Irish agricultural multinational corporation, it is one of the world’s largest producers of fruit and vegetables, operating with 38,500 full-time and seasonal employees who supply some 300 products in 75 countries.
Dark Reading
MARCH 23, 2023
Open source software continues to pose a challenge for companies. With the proper security practices, you can reduce your open source risk and manage it.
Security Affairs
MARCH 23, 2023
Cisco addressed tens of vulnerabilities in its IOS and IOS XE software, six of these issues have been rated ‘high severity’. Cisco published the March 2023 Semiannual IOS and IOS XE Software Security Advisory that addresses several vulnerabilities in IOS and IOS XE software. Below is the list of flaws addressed by the IT giant in this bundled publication: Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial
Dark Reading
MARCH 23, 2023
With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Security Affairs
MARCH 23, 2023
Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications. The Nexus ransomware was first analyzed in early March by researchers from the threat intelligence firm Cyble.
WIRED Threat Level
MARCH 23, 2023
The interrogation of CEO Shou Zi Chew highlighted US lawmakers’ own failure to pass privacy legislation.
KnowBe4
MARCH 23, 2023
Do you ever feel like you are always playing catch up regarding cybersecurity? That it is a never-ending game; no matter what you do, you are always one step behind. You are not alone. Joanna Burkey, the CISO for HP, Inc., has seen the field's evolution firsthand.
Expert insights. Personalized for you.
232 
Let's personalize your content