Data Breach Today
MARCH 16, 2023
Microsoft Patches Another SmartScreen Signature-Based Vulnerability A financial motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group. Microsoft issued a patch in its March dump of fixes.
IT Governance
MARCH 16, 2023
The UK government has announced plans to ban ministers and civil servants from using TikTok on work devices. It follows concern regarding the data privacy practices of the Chinese-owned app, with the European Parliament making a similar ruling last week. The problems stem from TikTok’s ties to the Chinese government and the ways that people’s personal data could be used for nefarious purposes.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MARCH 16, 2023
Cybereason Enters Leaders Quadrant While Trellix Falls From Leader to Niche Player Microsoft and CrowdStrike once again dominate Gartner's Magic Quadrant for Endpoint Protection. Cybereason has risen to the leaders quadrant and Trellix has fallen to a niche player. The endpoint protection market has rapidly matured in recent years - 50% of organizations have already adopted EDR.
KnowBe4
MARCH 16, 2023
I talk and present often about DMARC (and SPF and DKIM), including here. A lot of people who think they understand how DMARC works, do not really understand it as well as they think they do. This post is aimed to help clarify some common misunderstandings.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
MARCH 16, 2023
Also: Please Help the Sector Pay for Cybersecurity, Execs Tell Senate Panel Healthcare executives called on Congress to ensure minimum cybersecurity standards, saying a wholly voluntary approach is failing clinics and hospitals. Gaps are widest at small rural hospitals, testified a former hospital CISO before the Senate Homeland Security and Governmental Affairs Committee.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 16, 2023
On Radar: Zoll, CHU Saint-Pierre, Latitude Financial, LA Housing Authority In this week's data breach roundup: medical device manufacturer Zoll, CHU University hospitals, Australian company Latitude Financial, Hawaiian death registry, Los Angeles Housing Authority, Indian Railway ticketing app, updates on U.S. Marshals Service and Congress, and a new ransomware decryptor!
Dark Reading
MARCH 16, 2023
The ransomware group has already claimed 116 victim organizations so far on its site, and it continues to mature as a thriving cybercriminal business, researchers said.
Data Breach Today
MARCH 16, 2023
More Than 300,000 Customers Affected by Breach at Latitude Financial Services Australian personal lending provider Latitude Financial Services disclosed to regulators on Thursday hacking incidents affecting more than 300,000 consumers. "Sophisticated" hackers made off with nearly 103,000 driver's licenses and an additional 225,000 "customer records," the company said.
Security Affairs
MARCH 16, 2023
US CISA added an actively exploited vulnerability in Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Adobe ColdFusion, tracked as CVE-2023-26360 (CVSS score: 8.6), to its Known Exploited Vulnerabilities Catalog. This week Adobe released security updates for ColdFusion versions 2021 and 2018 to resolve the critical flaw CVE-2023-26360 that was exploited in very limited attacks.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
MARCH 16, 2023
Also: Dero, Poolz Finance Hack and a Report on Ransomware Financing Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 10 and 16: a ChipMixer takedown, Euler Finance and Poolz Finance hacks, bugs on 280 blockchains, Dero coin, and a report from the Financial Action Task Force on ransomware financing.
Security Affairs
MARCH 16, 2023
Polish intelligence dismantled a cell of Russian spies that gathered info on military equipment deliveries to Ukraine via the EU member. Polish counter-intelligence has dismantled a cell of Russian spies that gathered information on the provisioning of military equipment to Ukraine via the EU member. “The ABW counter-intelligence agency has arrested nine people suspected of working for the Russian secret service,” Poland’s Interior Minister Mariusz Kaminski told reporters.
Data Breach Today
MARCH 16, 2023
Microsoft Predicts Uptick in Ransomware, Initial Access Hacks, Influence Operations What happens next in Russia's all-out invasion of Ukraine isn't clear, but experts have been tracking signs that Moscow may be preparing for intensified cyber operations ahead of a spring offensive, developing new wiper malware and getting ready to interfere in European elections and foreign policy.
The Guardian Data Protection
MARCH 16, 2023
Exclusive: Voiceprint program used by millions of Australians to access data held by government agencies shown to have a serious security flaw Get our morning and afternoon news emails , free app or daily news podcast A voice identification system used by the Australian government for millions of people has a serious security flaw, a Guardian Australia investigation has found.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
MARCH 16, 2023
CISOs have faced a broad and varied set of challenges in recent years. Remote environments, increasingly sophisticated threats and expanding supply chains are just some of the many concerns keeping them up at night.
Security Affairs
MARCH 16, 2023
Google’s Project Zero hackers found multiple flaws in Samsung ’s Exynos chipsets that expose devices to remote hack with no user interaction. White hat hackers at Google’s Project Zero unit discovered multiple vulnerabilities Samsung ’s Exynos chipsets that can be exploited by remote attackers to compromise phones without user interaction. The researchers discovered a total of eighteen vulnerabilities, the four most severe of these flaws (CVE-2023-24033 and three other vulnerabilities that
Data Breach Today
MARCH 16, 2023
Cybercriminals have been launching attacks against our people, networks, and services for decades with varying success. So, the need to realign our defences to meet the demands of evolving threats is nothing new.
eSecurity Planet
MARCH 16, 2023
Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. According to Crowdstrike researchers , 40 percent of the patched vulnerabilities are remote code execution flaws, down from 48 percent last month; 31 percent are elevation of privilege flaws, up from almost 16 percent last month; and 22 percent are information disclosure flaws, up from 10 percent last month.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
MARCH 16, 2023
Multiple threat actors exploited a critical flaw in Progress Telerik to breach an unnamed US federal agency, said the US government. A joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) revealed that multiple threat actors, including a nation-state actor, exploited a critical vulnerability in Progress Telerik to breach an unnamed US federal agency.
KnowBe4
MARCH 16, 2023
Phishing emails increase in volume every month and every year, so we created this free resource kit to help you defend against attacks. Request your kit now to learn phishing mitigation strategies, what new trends and attack vectors you need to be prepared for, and our best advice on how to protect your users and your organization.
Dark Reading
MARCH 16, 2023
The 'ChipMixer' cryptocurrency service for cybercriminals was shut down by law enforcement, and its alleged operator has been charged.
KnowBe4
MARCH 16, 2023
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. The report found that in 2022 there was a 240% increase in phishing pages that attempted to redirect potential security researchers and bots away from the sites.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
MARCH 16, 2023
Attackers are increasingly staying under the radar by using your own tools against you. Only behavioral AI can catch these stealthy attacks.
KnowBe4
MARCH 16, 2023
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. The report found that in 2022 there was a 240% increase in phishing pages that attempted to redirect potential security researchers and bots away from the sites.
Dark Reading
MARCH 16, 2023
Minerva's robust technology and talented engineering team extend Rapid7's end-to-end managed threat detection and orchestration capabilities from the endpoint to the cloud.
IG Guru
MARCH 16, 2023
The MER Conference invites you to consider your students for full-tuition scholarship to this May’s MER Conference.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
MARCH 16, 2023
After years of relative stability and steady growth, Omdia research indicates the NDR segment is poised for rapid change.
WIRED Threat Level
MARCH 16, 2023
WIRED spoke with the coauthor of the Restrict Act, a bipartisan bill to crack down on tech from six “hostile” countries.
Dark Reading
MARCH 16, 2023
The challenges are steep, but school districts can fight back with planning.
Expert insights. Personalized for you.
348 
Let's personalize your content