Data Breach Today
DECEMBER 15, 2022
EU Legislation Says Mobile Platforms Must Grant Access to Third-Party Apps, Stores Apple is advancing plans to allow Europeans to access third-party app stores via their iPhone and iPad, as will soon be required under European law. What this means in practice for its vaunted walled garden security model, and whether most users will bother, remains unclear.
eSecurity Planet
DECEMBER 15, 2022
Released on November 30, ChatGPT has instantly become a viral online sensation. In a week, the app gained more than one million users. Unlike most other AI research projects, ChatGPT has captivated the interest of ordinary people who do not have PhDs in data science. They can type in queries and get human-like responses. The answers are often succinct.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 15, 2022
Threat Actors Searched Email Inboxes for Cryptocurrency and Financial Information A forensic examination of an email hosting service offered by subsidiaries of Australian telecom firm TPG revealed an intrusion affecting up to 15,000 customers, the company disclosed Wednesday. The breach adds to a growing list of cyber incidents experienced by Australia's telecommunication sector.
IT Governance
DECEMBER 15, 2022
Intersport recently fell victim to a ransomware attack during what should have been the busiest time of the year. The incident occurred in late November, with the sports retail giant gearing up for Black Friday and the start of the World Cup. However, a malware intrusion froze cash registers across its French stores, leaving customers unable to make purchases or use loyalty cards and gift vouchers.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
DECEMBER 15, 2022
Krishnamurthy Rajesh on Cyber, Physical Security for Growing Number of Satellites As the world looks into adapting 5G and studying 6G, satellite IoT is opening a new front for connectivity. There will be a demand for more LEO-based satellites for low-power communication, and these satellites will require completely new kinds of security, says Krishnamurthy Rajesh of GreyOrange.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 15, 2022
Businesses should capitalize on AI, ML and robotic process automation to address every event rather than just ignoring the ones deemed unimportant by a SIEM. Palo Alto Networks founder and CTO Nir Zuk says AI can be used to probe security incidents in real time rather than waiting for a breach.
Dark Reading
DECEMBER 15, 2022
Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform.
Data Breach Today
DECEMBER 15, 2022
A ransomware attack knocking out a medical center's imaging and lab equipment is an incident felt by an entire network of healthcare providers. Entities everywhere should plan for outages even when they don't directly experience an attack, say Aftin Ross of the FDA and Penny Chase of MITRE.
Security Affairs
DECEMBER 15, 2022
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote code execution.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
DECEMBER 15, 2022
Feds Seize 48 Booter Service Domains U.S. federal prosecutors charged six men ranging in age from 19 to 37 with running distributed denial-of-service attacks for sale on the internet. One of the accused allegedly ran a site, Ipstresser.com, responsible for more than 30 million DDoS attacks.
Collibra
DECEMBER 15, 2022
In November at Data Citizens ‘22, we were thrilled to announce a wave of innovations to make data intelligence easy and accessible to more enterprise data users. These innovations include new capabilities for Collibra Data Intelligence Cloud including the Collibra Data Marketplace. The Collibra Data Marketplace is a user-friendly search interface designed for business users to easily find, understand, and collaborate on data.
Data Breach Today
DECEMBER 15, 2022
Dispute is HHS' 42nd HIPAA 'Right of Access' Enforcement Action Since 2019 A Florida primary care practice will pay a $20,000 financial penalty and implement a corrective action plan to settle a HIPAA right of patient access dispute. The case is the 42nd such dispute resolved by the Department of Health and Human Services since April 2019.
Security Affairs
DECEMBER 15, 2022
The portal of the FBI’s InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a cybercrime forum. InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emer
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
DECEMBER 15, 2022
How Banks Are Using Behavioral-based Controls and Detecting Malicious Accounts Banks using behavioral-based controls are detecting malicious accounts in 92% of cases before traditional AML and transaction monitoring systems alert the bank.
Security Affairs
DECEMBER 15, 2022
The U.S. Department of Justice (DoJ) seized forty-eight domains that offered DDoS-for-Hire Service Platforms to crooks. The U.S. Department of Justice (DoJ) this week announced the seizure of 48 domains associated with the DDoS-for-Hire Service platforms (aka Booter services) used by threat actors. Below is the list of domains seized by the FBI: anonboot.com. api-sky.xyz astrostress.com booter.sx booter.vip brrsecurity.org buuter.cc cyberstress.us dragonstresser.com dreams-stresser.io freestress
Data Breach Today
DECEMBER 15, 2022
From Medical IoT Security to AppSec Testing, Here's Where Palo Alto Is Going All-In Staying one step ahead of both threat actors and competitors is a tall task for Palo Alto Networks given the breadth of its cybersecurity portfolio. Palo Alto Networks has committed to having best of breed features and functionality in each of the technology categories where it chooses to play.
Security Affairs
DECEMBER 15, 2022
A Chinese-speaking APT group, tracked as MirrorFace, is behind a spear-phishing campaign targeting Japanese political entities. ESET researchers recently discovered a spear-phishing campaign targeting Japanese political entities and attributed it to the Chinese-speaking APT group tracked as MirrorFace. The experts tracked the campaign as Operation LiberalFace, it aimed at Japanese political entities, especially the members of a specific political party.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Data Breach Today
DECEMBER 15, 2022
Companies have transitioned since COVID-19 began from lifting and shifting their existing apps to the cloud to entirely rebuilding their applications in cloud-native form. Palo Alto President BJ Jenkins says companies need "shift left" security to get protection as they're coding and building apps.
Dark Reading
DECEMBER 15, 2022
It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?
Data Breach Today
DECEMBER 15, 2022
How to Get the Most Out of Firewall Management Processes Experiencing an attack is only a matter of time. Most organizations are unaware when a breach is made, and threats go undetected for months at a time due to a global lack of visibility, especially when it concerns endpoints. But there are X5 firewall practices to prevent a data breach.
Schneier on Security
DECEMBER 15, 2022
Security researchers found a software bug in the KmsdBot cryptomining botnet: With no error-checking built in, sending KmsdBot a malformed command—like its controllers did one day while Akamai was watching—created a panic crash with an “index out of range” error. Because there’s no persistence, the bot stays down, and malicious agents would need to reinfect a machine and rebuild the bot’s functions.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
WIRED Threat Level
DECEMBER 15, 2022
Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks.
Dark Reading
DECEMBER 15, 2022
InfraGard's members include key security decision-makers and stakeholders from all 16 US civilian critical-infrastructure sectors.
IBM Big Data Hub
DECEMBER 15, 2022
Virtual assistants are valuable, transformative business tools that offer a compelling ROI while improving the customer experience. By 2030, conversational AI chatbots and virtual assistants will handle 30% of interactions that would have otherwise been handled by a human agent—up from 2% in 2022. [i] So why haven’t more companies adopted this solution?
Dark Reading
DECEMBER 15, 2022
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
National Archives Records Express
DECEMBER 15, 2022
As we announced in a previous post , we are requesting comments on the Universal Electronic Records Management Requirements as part of our Federal Electronic Records Modernization Initiative (FERMI). Please share widely so we can receive comments from a variety of stakeholders. We would like to receive all comments by Friday, December 30, 2022. If you have any questions, please leave a comment or email us at rmpolicy@nara.gov.
Dark Reading
DECEMBER 15, 2022
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
WIRED Threat Level
DECEMBER 15, 2022
How do you keep Facebook easy to use without being trivial to exploit? The company is trying to chart a middle ground.
Expert insights. Personalized for you.
144 
Let's personalize your content