Tue. Sep 13, 2022


Efficient Ediscovery for Gmail & Other Complex Collaboration Data

Hanzo Learning Center

Organizations that use Gmail for business communications need a way to preserve and extract discoverable information in the event of litigation. The question is, how?


Tesla Hack Could Allow Car Theft, Security Researchers Warn

Data Breach Today

Attack Requires 2 People, Customized Gear and Very Close Proximity to the Victim

Security researchers revealed yet another method for stealing a Tesla although the brand is one of the least-stolen cars and among the most recovered once pilfered. The newest example comes from internet of things security company IOActive in an attack involving two people and customized gear.


Apple fixed the eighth actively exploited zero-day this year

Security Affairs

Apple has addressed the eighth zero-day vulnerability that is actively exploited in attacks against iPhones and Macs since January. Apple has released security updates to fix a zero-day vulnerability, tracked as CVE-2022-32917, which is actively exploited in attacks against iPhone and Mac devices. This is the eighth zero-day vulnerability fixed by the IT giant since the start of the year. “An application may be able to execute arbitrary code with kernel privileges.” reads the advisor


Assessing the Security Risks of Emerging Tech in Healthcare

Data Breach Today

Federal Authorities Urge Healthcare Sector Entities to Take Caution

A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


How Defence in Depth Can Help Organisations Tackle Complex Cyber Security Risks

IT Governance

The war against cyber crime has, for some time, been a losing battle. Organisations are reporting record numbers of data breaches, while the costs associated with those incidents continue to spiral. According to Cisco’s 2022 Cybersecurity Almanac, the amount of money organisations spend recovering from cyber attacks is expected to increase by 75% in the five-year period from 2021 to 2025, reaching as much as $10.5 trillion (about £8.9 trillion).


FTC Commercial Surveillance and Data Security Forum Highlights Industry and Consumer Perspectives

Hunton Privacy

On September 8, 2022, the Federal Trade Commission hosted a virtual public forum on its Advanced Notice of Proposed Rulemaking (“ANPR”) concerning “commercial surveillance and lax data security.” The forum featured remarks from FTC Chair Lina Khan, Commissioner Rebecca Kelly Slaughter and Commissioner Alvaro Bedoya, as well as panels with industry leaders and consumer advocates.


Ex-Twitter Security Honcho Peiter Zatko Faces Senate Panel

Data Breach Today

Appearing on Capitol Hill, Peiter Zatko Accuses Executives of Prioritizing Profits

Twitter security exec-turned-whistleblower Peiter Zatko today listed alleged security and privacy shortcomings of the social media company for a Senate panel. "It's not farfetched to say that an employee inside the company could take over the accounts of all of the senators in this room," he said.


The importance of web application security: keeping your web apps safe

Outpost24

Florian Barre. Tue, 09/13/2022 - 07:32. Web application security is crucial for any organization that relies on web-based applications. Learn about the importance of web application security and best practices for keeping your organization safe.


California Prison System Says 236,000 Affected by Hack

Data Breach Today

Mental Health Records Dating Back 14 Years, Plus COVID Test Info Breached

The California Department of Corrections and Rehabilitation reported a hacking incident that affected 236,000 individuals, potentially including any current or former inmate who since 2008 received a mental health diagnosis while incarcerated.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Trend Micro addresses actively exploited Apex One zero-day

Security Affairs

Trend Micro addressed multiple vulnerabilities in its Apex One endpoint security product, including actively exploited zero-day flaws. Trend Micro announced this week the release of security patches to address multiple vulnerabilities in its Apex One endpoint security product, including a zero-day vulnerability, tracked as CVE-2022-40139 (CVSS 3.0 SCORE 7.2), which is actively exploited.


Hitachi Sells Identity Management Business to Volaris Group

Data Breach Today

CEO Says Newly Renamed Bravura Security a Good Fit With Volaris' Software Strength

Japanese conglomerate Hitachi has sold its small identity-as-a-service practice to Canadian software specialist Volaris Group to drive better execution around core products. The firm found it was easy to get lost within Hitachi given the conglomerate's size and focus on electronics and engineering.


Scammer Continues Phishing From Prison

KnowBe4

Dutch authorities have announced that an imprisoned scammer was running a phishing operation from his jail cell, Cybernews reports. The crook used four mobile phones to post malicious ads on Marktplaats, a popular Dutch classifieds site. The Northern Netherlands District Prosecutor's Office said in a statement that the scammer targeted more than a thousand people over the course of a few months.


Feds Get 1st Guilty Plea in Coinbase Insider Trading Case

Data Breach Today

Nikhil Wahi to Be Sentenced on Dec. 13 for Conspiracy to Commit Wire Fraud

The U.S. Department of Justice obtained its first ever guilty plea in a cryptocurrency insider trading case after Nikhil Wahi, 26, admitted to a scheme to buy crypto assets ahead of their listing on Coinbase. Wahi is one of a trio facing charges that includes his brother, a former Coinbase employee.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Report: 80% of Phishing Attacks Leverage Legitimate Web Infrastructure and Services

KnowBe4

Threat actors are taking advantage of every free tool and service they can to improve their chances of successfully fooling security solutions, with compromised websites taking the lead.


Behind Agency Doors: Where Is Security Progress Being Made?

Data Breach Today

In this episode of "Cybersecurity Unplugged," U.S. Air Force Chief Software Officer Nicolas M. Chaillan, a former DHS and DOD adviser, shares his opinions about the government's handling of DevSecOps and cybersecurity, where progress is being made and where more work needs to be done.


Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems

Dark Reading

The ransomware gang has been seen exploiting a Mitel RCE flaw discovered in VoIP devices in April (and patched in July) to perform double-extortion attacks.


Identity is a Human Rights Issue

HID Global

Proving who you are is integral to taking part in today’s world. Lack of legal ID systemically limits people’s lives & is a global issue.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Cyber espionage campaign targets Asian countries since 2021

Security Affairs

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a


U-Haul Customer Contract Search Tool Compromised

Dark Reading

Password compromise led to unauthorized access to a customer contract search tool over a five-month window, according to the company.


Ransomware Gangs Improve Attack Speed and Evade Detection with New "Intermittent Encryption" Tactic

KnowBe4

As ransomware gangs look for new ways to improve their execution, this relatively new encryption tactic has been gaining popularity in multiple ransomware families.


Student empowerment: Amplifying student voices through technology

Jamf

The Jamf Student app makes it easier for learners to access assigned content and to communicate flexibly and efficiently with teachers.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


FBI Seizes Stolen Cryptocurrencies

Schneier on Security

The Wall Street Journal is reporting that the FBI has recovered over $30 million in cryptocurrency stolen by North Korean hackers earlier this year. It’s only a fraction of the $540 million stolen, but it’s something. The Axie Infinity recovery represents a shift in law enforcement’s ability to trace funds through a web of so-called crypto addresses, the virtual accounts where cryptocurrencies are stored.


A reasoned approach to managing digital sovereignty

Thales Cloud Protection & Licensing

sparsh. Tue, 09/13/2022 - 05:43. The cloud is getting bigger and more complex to manage by the minute. According to the global edition of Thales’s 2022 Cloud Security Study: The shift to modern, multicloud infrastructure is in full swing, and organizations have to build security capabilities that will support it.


ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools

Dark Reading

Cyber spies are using legitimate apps for DLL sideloading, deploying an updated range of malware, including the new "Logdatter" info-stealer.


Striving for 100% Completion Rates: Getting Compliance on Your Compliance Training

KnowBe4

You might think 100% completion rates on any employee training sounds too good to be true. But, getting compliance on your compliance training is possible!


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign

Dark Reading

Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.


[HEADS UP] Online Scams on Queen Elizabeth's Death is Here

KnowBe4

The Sun just reported that experts are sending a warning about online scams in relation to Queen Elizabeth's passing.


Cisco Data Breach Attributed to Lapsus$ Ransomware Group

Dark Reading

Analysis shows attackers breached employee credentials with voice phishing and were preparing a ransomware attack against Cisco Systems.