Fri. Dec 16, 2022

ISMG Editors: Payments Special

Data Breach Today

Expert Troy Leach Joins Panel to Discuss Payment Innovation, Cloud Adoption. In the latest weekly update, Troy Leach, chief strategy officer at Cloud Security Alliance, joins ISMG editors to discuss the latest innovation in the payments space and accompanying risks, as well as how the case of Sam Bankman-Fried's failed cryptocurrency exchange will affect regulatory actions.

The importance of governance: What we’re learning from AI advances in 2022

IBM Big Data Hub

Over the last week, millions of people around the world have interacted with OpenAI’s ChatGPT, which represents a significant advance for generative artificial intelligence (AI) and the foundation models that underpin many of these use cases. It’s a fitting way to end what has been another big year for the industry. We’re at an exciting inflection point for AI.

Synack CEO Jay Kaplan on Doing Adversarial Pen Tests of APIs

Data Breach Today

Synack Co-Founder on Why Assessing the Security of Headless APIs Is Such a Struggle. APIs increasingly drive everything from web and mobile application development to IoT devices since they streamline communication among disparate systems, says Synack CEO Jay Kaplan. But testing the efficacy and security of APIs remains challenging given the size of API endpoints.

FTC Releases Updated Mobile Health App Compliance Tool

Hunton Privacy

On December 7, 2022, the Federal Trade Commission released an updated Mobile Health App Interactive Tool to help developers determine what federal laws and regulations apply to apps that collect and process health data. The updated version of the tool, which revises the initial release in 2016, aims to assist developers of mobile apps that will access, collect, share, use or maintain information related to an individual consumer’s health, such as information related to diagnosis, treatment, fitn

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog

Security Affairs

US CISA added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities impacting Veeam Backup & Replication software, tracked as CVE-2022-26500 and CVE-2022-26501 (CVSS 3.1 Base Score 9.8), to its Known Exploited Vulnerabilities Catalog.

More Trending

Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia

Security Affairs

An ex-Twitter employee has been sentenced to three-and-a-half years in prison for spying on individuals on behalf of Saudi Arabia. In August 2022, the former Twitter employee, Ahmad Abouammo (44), was found guilty of gathering private information of certain Twitter users and passing it to Saudi Arabia. Now Abouammo has been sentenced to three-and-a-half years in prison for spying on individuals on behalf of Saudi Arabia. “A California man was sentenced yesterday to 42 months in fed

Live From London: Next-Gen Cybersecurity Takes Stage at Black Hat Europe

Dark Reading

Check out our slideshow detailing the emerging cybersecurity trends in cloud, creating a defensible Internet, malware evolution, and more that lit up audiences in London.

Social Blade discloses security breach

Security Affairs

Social media analytics service Social Blade disclosed a security breach after a database containing allegedly stolen data from the company was offered for sale. Social Blade is an American social media analytics platform; the company disclosed the security breach after a database containing company data was offered for sale on a hacker forum this week.

Cyber Threats Loom as 5B People Prepare to Watch World Cup Final

Dark Reading

The 2022 FIFA Men's World Cup final in Qatar will be the most-watched sporting event in history — but will cybercriminals score a hat trick off its state-of-the-art digital footprint?

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

MCCrash botnet targets private Minecraft servers, Microsoft warns

Security Affairs

Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers. Microsoft spotted a cross-platform botnet, tracked as MCCrash, which has been designed to launch distributed denial-of-service (DDoS) attacks against private Minecraft servers. The IT giant tracks this cluster of activity as DEV-1028.

Less Than One-Third of Organizations Leverage Multiple Authentication Factors to Secure Their Environment

KnowBe4

Demonstrating a complete lack of focus on the need for additional authentication factors, surprising new data highlights a material security gap that enables cybercrime.

FBI: Criminals Using BEC Attacks to Scavenge Food Shipments

Dark Reading

Cybercriminal rats are at play: Several food suppliers and distributors have experienced hundreds of thousands of dollars in losses after fulfilling fraudulently placed orders for food and ingredient shipments.

Data of 5.7M Gemini users available for sale on hacking forums

Security Affairs

Gemini crypto exchange warns users of an ongoing phishing campaign after a third-party vendor suffered a security breach. Gemini crypto exchange is warning of phishing campaigns targeting its users after a threat actor obtained their data by breaching a third-party vendor. The company pointed out that its systems were not impacted. “Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Compliance Is Not Enough: How to Manage Your Customer Data

Dark Reading

Effective customer data management helps companies avoid data breaches and the resulting cascade of issues. From validating "clean" data to centralized storage and a data governance strategy, management steps can help keep data safe.

Apple Patches iPhone Zero-Day

Schneier on Security

The most recent iPhone update—to version 16.1.2—patches a zero-day vulnerability that “may have been actively exploited against versions of iOS released before iOS 15.1.” News: Apple said security researchers at Google’s Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug.

Chinese APT Group MirrorFace Interferes in Japanese Elections

Dark Reading

The MirrorFace group has deployed popular malware LodeInfo for spying and data theft against certain members of the Japanese House of Representatives.

NSW brings in controls on how renters’ data can be stored and used

The Guardian Data Protection

Victor Dominello says renters are at risk since there are ‘essentially no rules’, and enforceable guidelines will be in place early in the new year. New South Wales will introduce new guidelines on the personal data security of renters in a bid to crack down on cyber-attacks and identity fraud.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Researcher Bypasses Akamai WAF

Dark Reading

Patched several months ago, researcher reports how they used Spring Boot to sneak past Akamai's firewall and remotely execute code.

How data, AI and automation can transform the enterprise

IBM Big Data Hub

Today’s data leaders are expected to make organizations run more efficiently, improve business value, and foster innovation. Their role has expanded from providing business intelligence to management, to ensuring high-quality data is accessible and useful across the enterprise. In other words, they must ensure that data strategy aligns to business strategy.

Iran-Backed Charming Kitten APT Eyes Kinetic Ops, Kidnapping

Dark Reading

The not-so-charming APT's intelligence-gathering initiatives are likely being used by the Iranian state to target kidnapping victims.

Five benefits of a data catalog

IBM Big Data Hub

Imagine walking into the largest library you’ve ever seen. You have a specific book in mind, but you have no idea where to find it. Fortunately, the library has a computer at the front desk you can use to search its entire inventory by title, author, genre, and more. You enter the title of the book into the computer and the library’s digital inventory system tells you the exact section and aisle where the book is located.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Organizations Unprepared for Upcoming Data Privacy Regulations

Dark Reading

A comprehensive data privacy program requires involvement from all parts of the business that deal with personal data.

Use Swift with the Jamf API, Part 4: Implementing a new object

Jamf

Part four in a technical series focused on using Apple’s Swift programming language to manage devices in Jamf Pro. In this installment, you'll learn how to implement a new type of object, teach the command line tool to read arguments from the command and add functionality to read passwords from the keychain.

New Botnet Targeting Minecraft Servers Poses Potential Enterprise Threat

Dark Reading

Microsoft warns enterprises should pay attention to a new botnet used to launch DDoS attacks on private Minecraft Java servers.

Delivering Secure and Trusted Access Within the UK Health Service

HID Global

Smart card approach solves managing users across the health economy, and IT help desks avoid the costs of supporting users who forget passwords & combinations.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

GitHub Expands Secret Scanning, 2FA Across Platform

Dark Reading

Microsoft-owned GitHub is taking steps to secure the open source software ecosystem by rolling out security features to protect code repositories.

As Long as We’re on the Subject of CAPTCHAs

Schneier on Security

There are these.

With SASE Definition Still Cloudy, Forum Proposes Standard

Dark Reading

Even without an overarching dictionary of common definitions, the concept of a secure access service edge (SASE) has spread, but a standard could help cloud services work better together.
