Thu. Dec 01, 2022

HHS: Web Trackers in Patient Portals Violates HIPAA

Data Breach Today

Feds Warn Impermissible Disclosures of Patient Health Data is Prohibited

Federal regulators issued a warning to healthcare entities and their tech vendors that the use of tracking code embedded in patient portals that transmits patient information to third parties could be a violation of HIPAA, and punishable with monetary fines.

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

ConnectWise, which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just weeks after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.

Medibank Hackers Dump Stolen Data on the Dark Web

Data Breach Today

Australian Information Commissioner Will Investigate Insurer's Security Practices

The Russia-based ransomware gang behind the hack of Australia's largest private health insurer says it posted a full set of stolen data. The Australian Information Commissioner said it will probe the insurer's personal information handling practices.

New Go-based Redigo malware targets Redis servers

Security Affairs

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. Threat actors are exploiting a critical vulnerability, tracked as CVE-2022-0543, in Redis (Remote Dictionary Server) servers.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Zscaler CEO: 'Uncertainty Can Act as a Catalyst for Change'

Data Breach Today

CIOs Are Using the Economic Downturn as Rationale to Consolidate on Zscaler's Tools

Zscaler has notched large, multi-year, multi-pillar deals as the economic downturn prompts clients to seek replacements for expensive legacy point products, says CEO Jay Chaudhry. Clients are increasingly buying Zscaler's secure web gateway, private access and digital experience tools as one bundle.

More Trending

Okta Clears Up Customer Identity Confusion as SMB Sales Dip

Data Breach Today

Attrition Falls, Customer Identity Sales Rise, But Some SMBs Are Pumping the Brakes

Okta has stemmed employee attrition and accelerated customer identity sales by clarifying product function but now has to grapple with longer sales cycles for small to midsized businesses. Okta says efforts to reposition its customer identity offering over the past quarter have borne fruit.

List of Data Breaches and Cyber Attacks in November 2022 – 32 Million Records Breached

IT Governance

Welcome to our November 2022 review of data breaches and cyber attacks. We identified 95 security incidents throughout the month, accounting for 32,051,144 breached records. Almost half of that figure comes from two incidents. The first was a data breach at Twitter, in the latest PR disaster for the social media giant. Reports emerged late last week that user records were stolen using an API vulnerability that has since been fixed.

Why Ransomware Victims Avoid Calling It 'Ransomware'

Data Breach Today

The latest edition of the ISMG Security Report discusses why too few organizations admit to being victims of ransomware attacks, how delayed enterprise subscription start dates forced CrowdStrike to cut sales forecasts, and leveraging threat intelligence to protect critical infrastructure.

LastPass Discloses Second Breach in Three Months

Dark Reading

The threat actor behind an August intrusion used data from that incident to access customer data stored with a third-party cloud service provider, and affiliate GoTo reports breach of development environment.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Elastic Lays Off Nearly 400 Employees as SMB Spend Dwindles

Data Breach Today

Search and Security Firm Will Adopt Automated, Low-Touch Motion for SMB Customers

Security, observability and search vendor Elastic will shrink its workforce by 13% due to small and medium businesses reducing their purchases amid the economic downturn. Elastic will lay off nearly 400 of its 3,056 employees as it adopts an automated, low-touch motion for SMB customers.

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Security Affairs

North Korea-linked ScarCruft group used a previously undocumented backdoor called Dolphin against targets in South Korea. ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by North Korea-linked ScarCruft group (aka APT37, Reaper, and Group123) in attacks aimed at targets in South Korea. ScarCruft has been active since at least 2012; it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnera

CJEU rules that Privacy Rights Outweigh AML Requirements

DLA Piper Privacy Matters

Authors: Ewa Kurowska-Tober, Andrew Serwin, John N Gevertz and Piotr Czulak. The CJEU recently ruled that a Luxembourg law adopted in 2019 in accordance with the amended anti-money-laundering directive (“AML Directive”), which required the disclosure and publication of certain information on the beneficial owners of entities registered in the Register of Beneficial Ownership, was invalid because it interfered with the right to privacy.

Public Access to Information on Company Beneficial Ownership is a Violation of Privacy According to the CJEU

Hunton Privacy

On November 22, 2022, the Court of Justice of the European Union (“CJEU”) determined in a preliminary ruling that the general public’s access to information on beneficial ownership constitutes a serious interference with the fundamental rights to respect for private life and to the protection of personal data, enshrined in Articles 7 and 8 of the Charter of Fundamental Human Rights (the “Charter”).

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

HP Wolf Warns of Surge in Malware Hidden in ZIP, RAR Files

eSecurity Planet

Archive files are now the most common file type used to deliver malware – eclipsing Microsoft Office files for the first time – according to HP Wolf Security’s Q3 2022 Quarterly Threat Insights Report. Forty-four percent of malware was delivered via archive files in the third quarter of 2022, 11 percent more than the previous quarter and far more than the 32 percent delivered through Office files.

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

Data breaches can be devastating for organizations; these are 3 of the worst incidents that could have been prevented. Data breaches can be devastating for organizations and even entire countries. Eliminating the risk of a data breach is nearly impossible, but some things can be done to reduce it significantly. Here are three of the worst data breaches that could have been avoided: Yahoo.

Sirius XM Software Vulnerability

Schneier on Security

This is new: Newly revealed research shows that a number of major car brands, including Honda, Nissan, Infiniti, and Acura, were affected by a previously undisclosed security bug that would have allowed a savvy hacker to hijack vehicles and steal user data. According to researchers, the bug was in the car’s Sirius XM telematics infrastructure and would have allowed a hacker to remotely locate a vehicle, unlock and start it, flash the lights, honk the horn, pop the trunk, and access sensit

Spoofing-as-a-Service Site Taken Down

KnowBe4

Law enforcement authorities across Europe, Australia, the United States, Ukraine, and Canada have taken down a popular website used by cybercriminals to impersonate major corporations in voice phishing (vishing) attacks. The website, called “iSpoof,” allowed scammers to pay for spoofed phone numbers so they could appear to be calling from legitimate organizations.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

Dark Reading

Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.

Iran’s Protests Reveal What’s Lost If Twitter Crumbles

WIRED Threat Level

As authorities hit citizens with more violence, the social network is proving key to documenting abuses. If it breaks, a human rights lifeline may disappear.

IBM Cloud Supply Chain Vulnerability Showcases New Threat Class

Dark Reading

The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.

Jamf Safe Internet now available for Chromebook

Jamf

Jamf Safe Internet now protects students from inappropriate content as well as over-surveillance on Chromebook.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Data Security Concerns Are Driving Changes in US Consumer Behavior and Demands

Dark Reading

As consumers catch on to the dangers, protection could become a major topic for legislative bodies.

I am a Medibank customer. Am I affected by the cyberattack? What can I do to protect myself?

The Guardian Data Protection

Experts suggest using multifactor authentication and telling your bank to put extra security checks in place

Millions of Medibank’s current and former customers have had their personal information, including health claims, exposed in a hack of the company’s customer database.

Of Exploits and Experts: The Professionalization of Cybercrime

Dark Reading

No longer the realm of lone wolves, the world of cybercrime is increasingly strategic, commoditized, and collaborative.

Micro Focus + Jaguar TCS Racing Renewed for Season 9 and Beyond

Micro Focus

On December 1, 2022, Micro Focus announced its renewed partnership with Jaguar TCS Racing as part of our overall commitment to embracing environmental sustainability and shifting to a lower-carbon economy.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines

Dark Reading

A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.

Meta Announces New Privacy Measures to Protect Teen Users’ Privacy

Hunton Privacy

On November 21, 2022, Meta Platforms, Inc. (“Meta”) announced updated practices designed to protect the privacy of young people on Facebook and Instagram, including default privacy settings for new accounts, measures to limit unwanted interactions with adult users, and a tool to limit the spread of teens’ intimate images online. Beginning on November 21, 2022, Meta will default all new Facebook users under the age of 16 (or under 18 in certain countries) into more private settings.

AWS Unveils Amazon Security Lake at re:Invent 2022

Dark Reading

Amazon Security Lake will allow organizations to create a purpose-built, standards-based data lake to aggregate and store security data.