Mon. Sep 19, 2022

Hacker Accessed LastPass Internal System for 4 Days

Data Breach Today

Company's Source Code, Proprietary Data Stolen in August Breach

Password manager LastPass says the attackers behind the August security incident had access to its systems for four days. LastPass CEO Karim Toubba, sharing details about last month's breach, confirms that there is no evidence of any threat actor activity beyond the established timeline.

Social Engineering Targets Healthcare Payment Processors

KnowBe4

The US Federal Bureau of Investigation (FBI) has issued an alert warning of an increase in phishing and other social engineering attacks against healthcare payment processors.

Vista Equity Bids to Take KnowBe4 Private at $4.2B Valuation

Data Breach Today

Vista's $24-Per-Share Bid Comes 17 Months After Security Awareness Firm Went Public

Vista Equity Partners has joined Thoma Bravo in the take-private cybersecurity spree, offering to buy security awareness training behemoth KnowBe4 at a $4.22 billion valuation. KnowBe4 says it has received a nonbinding offer from Vista of $24 per share for the shares not currently owned by Vista.

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

Security Affairs

Multiple Netgear router models are impacted by an arbitrary code execution vulnerability in FunJSQ, a third-party module for online game acceleration. Researchers at security and compliance assessment firm Onekey warn of an arbitrary code execution vulnerability in FunJSQ, a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts multiple Netgear router models.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Exploring “green” finance offerings, part 4

CGI

Banks face increasing pressure from customers, shareholders, employees and regulators to be more sustainable in their operations and service delivery. Their ability to provide capital puts them in a unique position to impact market direction. For many banks, the move toward sustainability is a new activity where there is much to be learned.

More Trending

Large-Scale Collection of Cell Phone Data at US Borders

Schneier on Security

The Washington Post is reporting that the US Customs and Border Protection agency is seizing and copying cell phone, tablet, and computer data from “as many as” 10,000 phones per year, including an unspecified number of American citizens. This is done without a warrant, because “…courts have long granted an exception to border authorities, allowing them to search people’s devices without a warrant or suspicion of a crime.” CBP’s inspection of people’

Uber says there is no evidence that users’ private information was compromised

Security Affairs

Uber hack update: There is no evidence that users’ private information was compromised in the data breach. Uber provided an update regarding the recent security breach of its internal computer systems; the company confirmed that there is no evidence that intruders had access to users’ private information. “We have no evidence that the incident involved access to sensitive user data (like trip history),” reads the update provided by the company. “Internal software to

The Deep Roots of Nigeria’s Cybersecurity Problem

WIRED Threat Level

Despite having one of the strongest data-protection policies in Africa, the country’s enforcement and disclosure practices remain dangerously broken.

Revolut security breach: data of +50,000 users exposed

Security Affairs

Revolut has suffered a cyberattack; threat actors have had access to the personal information of tens of thousands of customers. The financial technology company Revolut suffered a ‘highly targeted’ cyberattack over the weekend; threat actors had access to the personal information of 0.16% of its customers (approximately 50,000 users). The company states that it has already contacted the impacted customers. “We have contacted the impacted individuals by email with further informati

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

TPx Introduces Penetration Scanning, Expands Security Advisory Services

Dark Reading

TPx, a leading nationwide managed services provider (MSP) delivering cybersecurity, managed networks, and cloud communications, today announced the addition of penetration scanning to its Security Advisory Services portfolio.

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Security Affairs

Researchers discovered two critical vulnerabilities (CVE-2022-36158 and CVE-2022-36159) in Flexlan devices that provide WiFi on airplanes. Researchers from Necrum Security Labs discovered a couple of critical vulnerabilities, tracked as CVE-2022-36158 and CVE-2022-36159, impacting the Contec Flexlan FXA3000 and FXA2000 series LAN devices. The FXA3000 and FXA2000 Series are access points that are manufactured by Japan-based firm Contec that conform to IEEE 802.11n/a/b/g wireless.

FTC Commences Civil Action Against Data Broker for Selling Geolocation Data

Hunton Privacy

On August 29, 2022, the Federal Trade Commission announced a civil action against digital marketing data broker Kochava Inc. for “selling geolocation data from hundreds of millions of mobile devices that can be used to trace the movements of individuals to and from sensitive locations.” The lawsuit seeks a permanent injunction to stop Kochava’s sale of geolocation data and to require the company to delete the geolocation data it has collected.

Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online

Security Affairs

Threat actors leaked source code and gameplay videos of Grand Theft Auto 6 (GTA6) after allegedly breaching Rockstar Games. Threat actors allegedly compromised Rockstar Games’ Slack server and Confluence wiki and leaked Grand Theft Auto 6 gameplay videos and source code. On September 18, 2022, threat actors who go by ‘teapotuberhacker’ on GTAForums shared a link to a RAR archive containing tens of gameplay videos. teapotuberhacker did not share details of the alleged

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

The California Age-Appropriate Design Code Act Dramatically Expands Business Obligations

Data Matters

On September 2, 2022, the California Age-Appropriate Design Code Act (the “Act”) (effective July 1, 2024) was passed by the California legislature, and on September 15, 2022 was signed into law by Governor Newsom. This Act dramatically expands business obligations and will force entities that provide an online service, product, or feature that is “likely to be accessed by children” (“Product”) to implement stringent privacy settings for users under 18.

Cyberattack Costs for US Businesses up by 80%

Dark Reading

Cyberattacks keep inflicting more expensive damage, but firms are responding decisively to the challenge.

Threat Actor of the Month - Shathak

Outpost24

Florian Barre, 19 Sep 2022. Threat Intelligence. Meet Shathak – a threat group tied to malware used in the Russian-speaking underground targeting enterprises across different sectors in the Americas, Europe and Asia.

5 Ways to Improve Fraud Detection and User Experience

Dark Reading

If we know a user is legitimate, then why would we want to make their user experience more challenging?

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Tech Rally Haunted by ‘Palpable Fear’ of Chip Industry Weakness via Bloomberg

IG Guru

Check out the article here.

Jamf Nation introduces Tech Thoughts as a member-requested enhancement

Jamf

Jamf introduces Tech Thoughts, Jamf Nation's technical blog.

DIR 9-19-2022

Info Source

DIR 9-19-2022. To open and read this issue as a PDF (or to download): Click here.

8 Best Password Management Software & Tools for 2022

eSecurity Planet

These days, users need an ever-growing number of online accounts to stay connected with their friends, colleagues, and employers. Since many people use the same passwords or patterns when generating passwords, hackers have more and more opportunities to gain access to sensitive company data. For enterprise organizations with a large workforce that must access a wide variety of applications and databases, the risk is exponentially greater.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

The 8 aspects and 4 layers of data intelligence you must know

Collibra

The information deluge has become a tsunami. Now, more than ever, there’s a huge amount of data available to businesses. Indeed, consumers alone generate 2.5 quintillion bytes of data every day. Yes, we have more information than ever before. But this abundance can be overwhelming. If your organization wants to take full advantage of it, it first needs to make sense of it.

Real-time analytics on IoT data

IBM Big Data Hub

Join SingleStore and IBM on September 21, 2022 for our webinar “Accelerating Real-Time IoT Analytics with IBM Cognos and SingleStore”. Why real-time analytics matters for IoT systems. IoT systems access millions of devices that generate large amounts of streaming data. For some equipment, a single event may prove critical to understanding and responding to the health of the machine in real time, increasing the importance of accurate, reliable data.