Fri. Jan 20, 2023

Hostile Takeover: Kraken Hacks Rival Darknet Market Solaris

Data Breach Today

Since Hydra Market Got Shuttered by Police, Russian Rivals Battle for Market Share

Competition between rival Russian-language darknet markets remains fierce since police shuttered Hydra last year. The latest to fall dark is Solaris, which controlled an estimated 25% of the darknet drug trade. It got hacked by newcomer rival Kraken. But that wasn't Solaris' only problem.

ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

eSecurity Planet

CyberArk researchers are warning that OpenAI’s popular new AI tool ChatGPT can be used to create polymorphic malware. “[ChatGPT]’s impressive features offer fast and intuitive code examples, which are incredibly beneficial for anyone in the software business,” CyberArk researchers Eran Shimony and Omer Tsarfati wrote this week in a blog post that was itself apparently written by AI. “However, we find that its ability to write sophisticated malware that holds no mali

ISMG Editors: Why Is LockBit Ransomware Group So Prolific?

Data Breach Today

Also: Netskope's SASE Vision; The Compassionate CISO

In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.

Blank-Image Attacks Impersonate DocuSign

KnowBe4

An unusual phishing technique has surfaced this week. Avanan, a Check Point Software company, released a blog Thursday morning detailing a new attack in which hackers hide malicious content inside a blank image within an HTML attachment in phishing emails claiming to be from DocuSign.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Optiv CEO Kevin Lynch on Getting Value Via Unstructured Data

Data Breach Today

Why Clients Should Go Beyond Logs and Probe Transaction Data and System Interfaces

Optiv has gone beyond examining log data and classic managed security services work to pursue threats across a broader swath of structured and unstructured data. The company has focused on finding threats outside of a log environment by examining system-to-system interfaces and transactional data.

Fortinet VPN Flaw Shows Pitfalls of Security Appliances

Data Breach Today

Internet-Facing Appliances Are a Target for State-Backed Hackers

Security appliances are targets for sophisticated threat actors who take advantage of devices' limited configuration and logging features, as well as their incompatibility with endpoint detection and response. Suspected Chinese hackers took advantage of a Fortinet zero-day to implant a backdoor.

The Small but Mighty Danger of Echo Chamber Extremism

WIRED Threat Level

Research shows that relatively few people exist in perfectly sealed-off media bubbles—but they’re still having an outsize impact on US politics.

Securing the SaaS Layer

Data Breach Today

In this episode of "Cybersecurity Unplugged," Galit Lubetzky Sharon, CTO of Wing Security, discusses the challenge of securing SaaS applications, which are decentralized and ever-expanding. She describes how Wing Security manages app inventories and issues of compliance, remediation and privacy.

The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT

Dark Reading

Head off account takeover attacks by being proactive about IoT security. Start with designing and building better security protocols into IoT devices, always change weak default configurations, and regularly apply patches to ensure that IoT devices are secure.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

eSentire CEO Kerry Bailey on Using XDR to Cut Business Risk

Data Breach Today

How eSentire Used Its $325 Million Investment to Boost Customers' Cyber Resiliency

eSentire has used the $325 million it received in February to leverage data from its Atlas XDR platform and strengthen customers' positions around cyber resiliency. The Kitchener, Canada-based company has shifted its focus from alerts and data to business worries and business risk.

[Eye Popper] Ransomware Victims Refused To Pay Last Year

KnowBe4

Finally some good news from the ransomware front! Despite bad actors launching a number of ransomware campaigns throughout 2022, organizations refused to submit and paid criminals an estimated $456.8 million - 40% less than the astounding total of $765 million in ransom payments from 2020 and 2021.

FAA Says No Evidence of Cyberattack in NOTAM Outage

Data Breach Today

Human Error, Not Hackers, Behind Hourslong System Outage That Grounded Flights

Contractors for the Federal Aviation Administration who attempted to correct a database synchronization issue ended up causing an hourslong outage to a key flight safety system, says the agency. No evidence exists that hackers caused the Jan. 11 airspace snafu.

Compromised Zendesk Employee Credentials Lead to Breach

Dark Reading

Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

Security Affairs

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a European government entity and a managed service provider located in Africa.

MFA for SMBs: 3 Barriers to Adoption and How to Overcome Them ASAP

HID Global

MFA can serve as a fundamental piece of a cybersecurity puzzle for small and medium businesses by allowing them to quickly increase security and convenience.

PayPal notifies 34942 users of data breach over credential stuffing attack

Security Affairs

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8. The company added that the unauthorized accesses were the result of credential stuffing attacks and that its systems were not breached.

The Current State of Cybersecurity Should Fear AI Tools Like ChatGPT

KnowBe4

Malicious use of the text-based AI has already begun to be seen in the wild, and speculative ways attackers can use ChatGPT may spell temporary doom for cybersecurity solutions.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Jaguar TCS Racing and Micro Focus— Sustainability at Peak Velocity

Micro Focus

As a technical partner, Micro Focus provides world-class software and services that support Jaguar TCS Racing with the goal of developing more sustainable mobility solutions.

Ransomware Has SMBs Reprioritizing Their Cybersecurity Spending to Combat Attacks

KnowBe4

New data shows that SMBs can clearly see where they have cybersecurity issues and are taking great strides to put their devoted budget to security technology and services that actually have a chance at solving the problem!

Welcome to the Era of Internet Blackouts

WIRED Threat Level

New research from Cloudflare shows that connectivity disruptions are becoming a problem around the globe, pointing toward a troubling new normal.

T-Mobile Breached Again, This Time Exposing 37M Customers' Data

Dark Reading

This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

T-Mobile's New Data Breach Shows Its $150 Million Security Investment Isn't Cutting It

WIRED Threat Level

The mobile operator just suffered at least its fifth data breach since 2018, despite promising to spend a fortune shoring up its systems.

Critical Manufacturing Sector in the Bull's-eye

Dark Reading

Serious security flaws go unpatched, and ransomware attacks increase against manufacturers.

Smart PCAP: A time machine for the SOC

OpenText Information Management

Anyone familiar with packet forensics or packet recording knows you can spend hours poring over bulk information and waiting for a response. With Smart PCAP, you get information that is instant, meaningful, and finely tuned to your needs. Smart PCAP solutions provide a more intelligent way to diagnose and solve network problems. OpenText’s Network Detection …

GPT Emerges as Key AI Tech for Security Vendors

Dark Reading

Orca Security is one of the companies integrating conversational AI technology into its products.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context

Hunton Privacy

On January 4, 2023, the Irish Data Protection Commission (“DPC”) announced the conclusion of two inquiries into the data processing practices of Meta Platforms, Inc. (“Meta”) with respect to the company’s Instagram and Facebook platforms. As a result of the investigations, the DPC fined Meta a combined €390 million for breaches of the EU General Data Protection Regulation (“GDPR”) and, following consultation with the European Data Protection Board (“EDPB”), notably held that Meta can no longer r

Ransomware Profits Decline as Victims Dig In, Refuse to Pay

Dark Reading

Two new reports show ransomware revenues for threat actors dropped sharply in 2022 as more victims ignored ransom demands.

T-Mobile: Leaky API Exposes Data on 37 Million

The Security Ledger

U.S. Telecommunications giant T-Mobile disclosed on Thursday that hackers obtained data on 37 million customers through a vulnerable API (application program interface). The disclosure was included in an 8-K filing with the U.S. Securities and Exchange Commission.