Data Breach Today
NOVEMBER 16, 2022
Cybereason's Sam Curry on the Financial and Business Impact of After-Hours Strikes Cyberattackers love to strike on weekends and holidays - that's not news. What is news: These attacks cost more than weekday incidents, and they take a heavy toll on defenders. Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays.
Krebs on Security
NOVEMBER 16, 2022
A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
NOVEMBER 16, 2022
Claims Processing Firm Says Affected Data Is Up to a Decade or More Old A server misconfiguration at Kentucky-based CorrectCare Integrated Health Inc., a firm that provides medical claims processing for correctional facilities, has exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated.
Security Affairs
NOVEMBER 16, 2022
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered several vulnerabilities in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS. The experts also discovered several bypasses of security controls that the security vendor F5 does not recognize as exploitable vulnerabilities.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
NOVEMBER 16, 2022
Scanlan Wants to Get NDR Vendor to $500M ARR by Revamping the Go-to-Market Plan ExtraHop has snagged high-profile Check Point, Cylance and Optiv executive Chris Scanlan to help the network security provider reach $500 million in annual recurring revenue. The Seattle-based network detection and response vendor has tasked Scanlan with strengthening ExtraHop's go-to-market motion.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
NOVEMBER 16, 2022
Hackers Exploited an Unpatched VMWare Horizon Server to Gain Access Iranian hackers used Log4Shell to penetrate the network of an unnamed federal agency where they stole passwords and implanted cryptocurrency mining software. Whether the Iranians were acting wholly on Tehran's behalf, on their own behalf, or both, is uncertain.
Security Affairs
NOVEMBER 16, 2022
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According to a joint advisory published by the FBI and CISA, an Iran-linked APT group compromised a Federal Civilian Executive Branch (FCEB) organization using an exploit for the Log4Shell flaw ( CVE-2021-44228 ) and deployed a cryptomining malware.
Data Breach Today
NOVEMBER 16, 2022
Complexity is the enemy of security, and information technology grows ever more complex. Have we created a problem space in computing so complicated that we will be unable to safely operate in it for its intended purposes? Fred Cohen says that's unlikely. He discusses managing risk in the future.
Schneier on Security
NOVEMBER 16, 2022
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a software company that also carries out data processing.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
NOVEMBER 16, 2022
European Data Protection Authorities Advise Using Loaner Phones Soccer fans watching the 2022 FIFA World Cup live from Doha should think twice about installing two apps developed for the Qatari government, warn multiple European data protection authorities. The apps likely open the door to surveillance by authorities with a spotty human rights track record.
Security Affairs
NOVEMBER 16, 2022
Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android 13 devices in early 2023. Google announced it will roll out the Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year. The Privacy Sandbox aims at creating technologies to protect people’s privacy online limiting covert tracking.
Data Protection Report
NOVEMBER 16, 2022
2022 has been a record year for Illinois Biometric Information Privacy Act (“BIPA”) litigation. Since its enactment in 2008, BIPA has been one of the most litigated privacy-related laws with some of the highest penalties. However, it wasn’t until last month that the first BIPA jury verdict was ever rendered. The award, a whopping $228 million, cements BIPA as one of the most important laws for businesses to be aware of when shaping their privacy practices.
Hanzo Learning Center
NOVEMBER 16, 2022
When looking at any process, there are often things to consider before step one, and HR investigations are no different. Here are three best practices your investigations team should follow once a triggering event has taken place but before the investigation has begun.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
KnowBe4
NOVEMBER 16, 2022
Suzanne Smalley at Cyberscoop reported: "FBI Director Christopher Wray told Congress on Tuesday he is “extremely concerned” that Beijing could weaponize data collected through TikTok, the wildly popular app owned by the Chinese company ByteDance. Wray said during a House Homeland Security Committee hearing on worldwide threats that application programming interfaces, or APIs, that ByteDance embeds in TikTok are a national security concern since Beijing could use them to “control data collection
Dark Reading
NOVEMBER 16, 2022
President Zelensky offers hard-won Ukrainian cybersecurity expertise to other countries that want to protect citizen populations.
KnowBe4
NOVEMBER 16, 2022
Researchers at Cyjax describe a large phishing campaign being run by a China-based financially motivated threat actor called “Fangxiao.” The threat actor has been active since at least 2017, and has used more than 42,000 domains in its phishing operations.
Dark Reading
NOVEMBER 16, 2022
Access to digital certificates would allow the Chinese-speaking espionage group to sign its custom malware and skate by security scanners.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
WIRED Threat Level
NOVEMBER 16, 2022
New research found pervasive use of tracking tech on substance-abuse-focused health care websites, potentially endangering users in a post-Roe world.
Dark Reading
NOVEMBER 16, 2022
The cybersecurity industry is facing a challenge to find qualified candidates. Here’s what recruiters, educators, and employers can do to fill the talent gap.
OpenText Information Management
NOVEMBER 16, 2022
Healthcare runs on fax. Depending on the crowd, it may draw sighs of frustration, but fax is a vital tool in an industry that demands secure information exchange. Despite many efforts over the years to eliminate it, fax persists. As one of the only genuinely secure, affordable, and seamlessly compatible tools for information exchange, it’s … The post Fax and the future of healthcare delivery appeared first on OpenText Blogs.
Dark Reading
NOVEMBER 16, 2022
Fresh startup BoostSecurity has an SaaS platform for developers and security teams that provides automated tools to shore up cybersecurity within the software supply chain.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
OpenText Information Management
NOVEMBER 16, 2022
The workplace is changing. The traditional, office-based approach to work is being replaced by digital processes that deliver on the demands of today’s market. Without transitioning from manual processes and legacy applications to modern ways of work, businesses risk being left behind by the competition. At the heart of modern work is information management.
Dark Reading
NOVEMBER 16, 2022
A service that allows organizations to back up data in the cloud can accidentally leak sensitive data to the public Internet, paving the way for abuse by threat actors.
KnowBe4
NOVEMBER 16, 2022
Major cryptocurrency company FTX recently filed for bankruptcy, and there's a big phishing campaign on the loose targeting FTX users.
Dark Reading
NOVEMBER 16, 2022
Security executives are leaning into the powerful twinning of XDR and automated management to reduce the risk and impact of ransomware.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
The Guardian Data Protection
NOVEMBER 16, 2022
Snug gives renters a score based on their profile that is meant to match them to properties, but critics say the process is opaque and skirts the law on rental bidding Get our morning and afternoon news emails , free app or daily news podcast One of Australia’s fastest growing rental application platforms is using renters’ data in obscure and potentially discriminatory ways to “score” their applications against rental properties, and gives them a higher score when they offer to pay more rent, a
Dark Reading
NOVEMBER 16, 2022
Be proactive about data defense. Start with the right data, leverage domain expertise, and create models that help you target the most critical vulnerabilities.
Hunton Privacy
NOVEMBER 16, 2022
On November 14, 2022, Judge Edward J. Davila of the Northern District of California approved a $90 million privacy settlement against Meta Platforms, Inc. (formerly Facebook, Inc.) for unlawfully tracking user information when users were logged out of the site. Under the order granting plaintiffs’ motion for final approval of the class action settlement and attorney fees, Facebook must pay $90 million dollars in settlements, of which $26.1 million will be for attorney fees, and delete certain “w
Expert insights. Personalized for you.
279 
Let's personalize your content