Wed. Sep 14, 2022

Unconventional Security Awareness Advice

KnowBe4

October is Cybersecurity Awareness Month, and you are undoubtedly being bombarded with some fantastic advice on how to stay cyber safe.

Apple Patches Zero Day, Rolls Out iOS 16

Data Breach Today

Rapid Security Response, Lockdown Mode and Passkey Among Security Enhancements

Apple issued a patch for a zero day vulnerability likely exploited in the wild that allows a malicious iPhone app to execute arbitrary code with kernel-level privileges, marking the second smartphone kernel code execution bug fixed by the company in as many months.

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Krebs on Security

This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released iOS 16, which offers a new privacy and security feature called “Lockdown Mode.” And Adobe axed 63 vulnerabilities i

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

Cybercrime is a growth industry like no other. According to statistics from the FBI’s 2021 Internet Crime Report, complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. In 2021 alone, IC3 received 847,376 complaints which amounted to $6.9 billion in reported losses, up from 2020’s 791,790 complaints and $4.2 billion in reported losses.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Cisco Attempt Attributed to Lapsus$ Group

KnowBe4

Security researchers at Cisco Talos have issued an update on the cyberattack Cisco sustained earlier this year. The attack began with a phishing attack against a Cisco employee, which led to the attackers stealing data and attempting to extort the company with the threat of releasing the stolen information.

More Trending

TeamTNT Hits 150K Docker Containers via Malicious Cloud Images

Dark Reading

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.

Twitter former head of security told the Senate of severe security failings by the company

Security Affairs

Twitter whistleblower, and former head of security, Peiter Zatko, told the US Congress that the platform ignored his security concerns. Peiter ‘Mudge’ Zatko, former head of security, testified in front of Congress on Tuesday, sustaining that the platform ignored his security concerns and was vulnerable to cyber attacks. Zatko filed a whistleblower complaint in July with Congress, the justice department, the Federal Trade Commission and the Securities and Exchange Commission, arguing that Twitte

To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline

Dark Reading

With enough passion, intelligence, and effort, anyone can be a successful cybersecurity professional, regardless of education or background.

What OS 16 Brings for Commercial Organizations

Jamf

Apple's iOS 16 is out and iPadOS 16 is on the way. Learn what these new operating systems mean for commercial organizations.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign

Dark Reading

Researchers link the APT to an attack on a Hong Kong university, which compromised multiple key servers using advanced Linux malware.

Ukraine’s Cyberwar Chief Sounds Like He’s Winning

WIRED Threat Level

Yurii Shchyhol gives WIRED a rare interview about running the country’s Derzhspetszviazok and the state of the online conflict with Russia.

Microsoft September 2022 Patch Tuesday fixed actively exploited zero-day

Security Affairs

Microsoft released September 2022 Patch Tuesday security updates to address 64 flaws, including an actively exploited Windows zero-day. Microsoft September 2022 Patch Tuesday security updates address 64 vulnerabilities, including an actively exploited Windows zero-day. The flaws fixed by the IT giant impact Microsoft Windows and Windows Components; Azure and Azure Arc; .NET and Visual Studio and .NET Framework; Microsoft Edge (Chromium-based); Office and Office Components; Windows Defender; and Li

Weird Fallout from Peiter Zatko’s Twitter Whistleblowing

Schneier on Security

People are trying to dig up dirt on Peiter Zatko, better known as Mudge. For the record, I have not been contacted. I’m not sure if I should feel slighted.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Apple As An Advertising Company: Inevitable, or A $100 Billion Mistake?

John Battelle's Searchblog

Well, until it’s not. I hope to write something more thoughtful soon, but this piece from CNBC prompted me to at least jot down a placeholder: Apple is clearly coming for the ads business, and it’s starting exactly where Facebook did ten years ago: The app download marketplace. First, the news – not that it’s that new given many smarter observers have noticed Apple’s recent pivot to advertising.

Key Takeaways From the Twitter Whistleblower's Testimony

Dark Reading

Twitter did not know what data it had nor who had access to it, Peiter "Mudge" Zatko told Congressional lawmakers during a Senate panel hearing.

The Twitter Whistleblower’s Testimony Has Senators Out for Blood

WIRED Threat Level

Peiter “Mudge” Zatko’s allegations about the social media platform renewed a sense of urgency for lawmakers to rein in Big Tech.

Join us for Customer Solutions Sessions at OpenText World Las Vegas 2022

OpenText Information Management

We are excited to be back to an in-person event again for OpenText World in Las Vegas. Transformation and change continue to be at the top of most companies’ agendas during these times and while digital transformation was happening before, now it is at an accelerated pace. Information management is taking center stage as organizations …

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly

Dark Reading

Interactive intrusion campaigns jumped nearly 50%, while the breakout time between initial access and lateral movement shrank to less than 90 minutes, putting pressure on defenders to react quickly.

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

The Security Ledger

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.”

White House Guidance Recommends SBOMs for Federal Agencies

Dark Reading

New executive order stops short of mandating NIST's guidelines, but recommends SBOMs for federal agencies across government.

How to Collect & Produce Emails for Discovery

Zapproved

Even with the proliferation of digital platforms and channels, email remains far and away the biggest data source for ediscovery. And while the process has come a long way from the days of lugging around boxes of paper and laboring over copious digital data, there are still enormous challenges facing legal teams in the world […].

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Thrive at Data Citizens ‘22: The data intelligence conference

Collibra

Seven years ago, Collibra coined the term Data Citizens and dreamed of bringing our data intelligence community together from all around the world. Today, we now have the world’s most innovative community of data intelligence leaders. Come join us in San Diego Nov. 1-3 and experience the very latest in insights, trends, and cutting-edge training to get you thriving with data across your organization.

How to Use SSH Keys and 1Password to Sign Git Commits

Dark Reading

This Tech Tip walks through the steps to set up signed commits with SSH keys stored in 1Password.

A new typeface – greater legibility and readability for low vision readers via the Braille Institute

IG Guru

Check out the font here.

Saving local political websites for community history

Archive-It

by Melody Kramer, Graduate Student (Master of Library and Information Science), University of North Carolina at Greensboro. Each year, thousands of people run for local political offices across the United States. Many of them create websites and social media sites to reach potential voters. But after each election cycle, thousands of candidate websites disappear from the web.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking as part of a Geneva Centre for Security Policy course on Cyber Security in the Context of International Security, online, on September 22, 2022. I’m speaking at IT-Security INSIDE 2022 in Zurich, Switzerland, on September 22, 2022. The list is maintained on this page.

The Hacker Mind Podcast: How To Become A 1337 Hacker

ForAllSecure

Playing Capture the Flag challenges you to solve problems creatively -- something that is missing in computer science programs. What else is needed? In this episode of The Hacker Mind, we return to where we started in Episode One: Why is West Point -- and for that matter, others -- Training Hackers? Think of this as the greatest hits from The Hacker Mind, with insights from @sciencemanz, @zaratec4, @eryeh, @tjbecker_, and @_johnhammond offering insights on how playing Capture the Flag helped

Threat actors are actively exploiting a zero-day in WPGateway WordPress plugin

Security Affairs

Threat actors are actively exploiting a zero-day vulnerability in the WPGateway premium plugin to target WordPress websites. The Wordfence Threat Intelligence team reported that threat actors are actively exploiting a zero-day vulnerability (CVE-2022-3180) in the WPGateway premium plugin in attacks aimed at WordPress sites. The WPGateway plugin is a premium plugin that allows users of the WPGateway cloud service to set up and manage WordPress sites from a single dashboard.
