Fri. Feb 03, 2023


Hackers Posing as Ukrainian Ministry Deploy Info Stealers

Data Breach Today

Spoofed Polish Police Websites Also Found

Ukrainian and Polish cyber defenders are warning against a slew of phishing websites that mimic official sites, in particular a page that mimics the Ministry of Foreign Affairs of Ukraine. A hacking group likely comprised of Russian speakers uses the pages to lure users into downloading software.

Phishing 244

VMware Workstation update fixes an arbitrary file deletion bug

Security Affairs

VMware addressed a high-severity privilege escalation vulnerability, tracked as CVE-2023-20854, in VMware Workstation. VMware fixed a high-severity privilege escalation flaw, tracked as CVE-2023-20854, that impacts Workstation. An attacker can exploit the vulnerability to delete arbitrary files on Workstation version 17.x for Windows OS. “An arbitrary file deletion vulnerability in VMware Workstation was privately reported to VMware.


IBM Security GM on Seeing a Target Through the Hacker's Eyes

Data Breach Today

Mary O'Brien on How External Attack Surface Management Finds Internet-Facing Issues

Companies can be blinded by their inside-out view and often benefit from another set of eyes that see their business the same way an attacker would, says IBM's Mary O'Brien. IBM's acquisition of attack surface management firm Randori gives clients another view of areas that need to be remediated.

Security 233

Cisco fixed command injection bug in IOx Application Hosting Environment

Security Affairs

Cisco fixed a high-severity flaw in the IOx application hosting environment that can be exploited in command injection attacks. Cisco has released security updates to address a command injection vulnerability, tracked as CVE-2023-20076, in the Cisco IOx application hosting environment. “A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system.” reads the


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Cyberattack Wave on Healthcare Reaches Florida and Maryland

Data Breach Today

Hospitals Restrict Patient Services In At Least One Ransomware Incident

A Florida healthcare system says it is diverting emergency patients and is only accepting certain Level 1 trauma cases while it deals with an "IT security incident." Meanwhile, a Maryland hospital is responding to its own ransomware incident.

More Trending


Cyber Insurer Sees Remote Access, Cloud Databases Under Fire

Data Breach Today

Reminder: Real-World Attacks Often Focus on Small Subset of Known Vulnerabilities

Criminals lately have been prioritizing two types of attacks: exploiting Remote Desktop Protocol and penetrating cloud databases. So warns cyber insurer Coalition, based on analyzing in-the-wild attacks seen in 2022 via underwriting and claims data, scans of IP addresses and honeypots.

Insurance 130

Manipulating Weights in Face-Recognition AI Systems

Schneier on Security

Interesting research: “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”: Abstract: In this paper we describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights (i.e., without using any additional training or optimization).

Paper 82

CrowdStrike CEO on Why It's Tough to Defend Sensitive Assets

Data Breach Today

George Kurtz on How Reposify Helps Customers Locate and Safeguard Priority Assets

Organizations today struggle with both new attack surface challenges such as cloud configuration and exposed buckets and long-standing ones around vulnerable ports and infrastructure. CEO George Kurtz says CrowdStrike's recent purchase of Reposify will help customers defend their priority assets.

IT 130

Your KnowBe4 Fresh Content Updates from January 2023

KnowBe4

Check out the 39 new pieces of training content added in January, alongside the always fresh content update highlights, events and new features.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


CEO Faitelson on How Varonis' SaaS Migration Helps Customers

Data Breach Today

Yaki Faitelson on How a SaaS Delivery Model Reduces the Hardware, Personnel Burden

Varonis has dedicated most of its engineering resources to SaaS since the onset of COVID-19 to provide more automation to customers, says CEO Yaki Faitelson. The company has focused on delivering robust data protection to customers without them having to dedicate hardware or personnel to the task.

IT 130

Exploitation attempts for Oracle E-Business Suite flaw observed after PoC release

Security Affairs

Threat actors started exploiting a critical Oracle E-Business Suite flaw, tracked as CVE-2022-21587, shortly after a PoC was published. Shadowserver researchers warn that threat actors have started attempting to exploit critical Oracle E-Business Suite flaw (CVE-2022-21587) shortly after a PoC was published. Since Jan 21st we are seeing exploitation attempts in our honeypot sensors for Oracle E-Business Suite CVE-2022-21587 (CVSS 9.8 RCE) shortly after a PoC was published.


Indian Official Highlights Djvu Ransomware as Threat

Data Breach Today

Djvu Camouflages Itself as Cracked Software

An Indian cybersecurity official highlighted Djvu ransomware as a threat, saying that "maximum companies" are attacked by the malware, a variant of the Stop family of ransomware. Djvu often infects computers by masquerading as software whose activation key has been cracked by hackers.


It Is Now More Difficult For International Pharma To Transfer Data Out Of China

Data Matters

China’s new Measures for the Security Assessment of Outbound Data Transfers (the Measures) came into force on September 1, 2022. Pharma companies now have until February 28 to work out whether their activities mean they are affected, and to apply for the new type of data security assessment if they need it. The post It Is Now More Difficult For International Pharma To Transfer Data Out Of China appeared first on Data Matters Privacy Blog.

IT 97

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


The Chinese Spy Balloon Shows the Downsides of Spy Balloons

WIRED Threat Level

A popular military tool during the Cold War, spy balloons have since fallen out of favor—for good reason.


Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says

Dark Reading

The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader.


GoodRx to Pay $1.5 Million in First Ever FTC Health Breach Notification Rule Enforcement Action

Hunton Privacy

On February 1, 2023, the Federal Trade Commission announced that it entered into a proposed order with GoodRx, a telehealth and prescription drug discount provider, for violations of the FTC’s Health Breach Notification Rule stemming from GoodRx’s unauthorized disclosures of consumers’ personal health information to third party advertisers and other companies.


Congress Has a Lo-Fi Plan to Fix the Classified Documents Mess

WIRED Threat Level

As unsecured docs pile up, a bipartisan group of lawmakers is itching to overhaul the nation’s secret secret-sharing operation.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


A Hacker’s Mind News

Schneier on Security

A Hacker’s Mind will be published on Tuesday. I have done a written interview and a podcast interview about the book. It’s been chosen as a “February 2023 Must-Read Book” by the Next Big Idea Club. And an “Editor’s Pick”—whatever that means—on Amazon. There have been three reviews so far. I am hoping for more.

IT 59

How the Cloud Is Shifting CISO Priorities

Dark Reading

The greatly expanding attack surface created by the cloud needs to be protected.

Cloud 81

Preparing for an exam? Review our most up to date acronym list on the website via the ICRM

IG Guru

Check out the page here.


Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

Dark Reading

At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


OpenAI: Platform or Destination?

John Battelle's Searchblog

Do generative AI innovations like OpenAI’s ChatGPT and Google’s LaMDA represent a new and foundational technology platform like Microsoft Windows, Apple iOS or the Internet? Or are they just fun and/or useful new products that millions will eventually use, like Google Docs or Instagram?


What CISOs Can Do About Brand Impersonation Scam Sites

Dark Reading

Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.


Atlassian fixed critical authentication vulnerability in Jira Software

Security Affairs

Atlassian fixed a critical flaw in Jira Service Management Server and Data Center that can allow an attacker to impersonate another user and gain access to a Jira Service Management instance. Atlassian has released security updates to address a critical vulnerability in Jira Service Management Server and Data Center, tracked as CVE-2023-22501 (CVSS score: 9.4), that could be exploited by an attacker to impersonate another user and gain unauthorized access to other Jira Service Management instanc


Friday Squid Blogging: Studying the Colossal Squid

Schneier on Security

A survey of giant squid science. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Jeetu Patel on Having a Consistent Design at Cisco Security

Data Breach Today

Cisco GM on Why a Consistent User Experience Across Products Democratizes Security

Cisco plans to debut a common design language across its network and security offerings so that products such as Cisco Meraki and Umbrella will no longer look or feel different from one another, says Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco.

Security 130

Conquering state and local agencies’ data challenges with Collibra Data Intelligence Cloud

Collibra

It’s no secret: state and local agencies are deluged with data. To speed modernization, we’ve seen the introduction of solutions like Collibra that can help agencies overcome data challenges and data silos. Collibra Data Intelligence Cloud can build a common foundation of data so you can speed data discovery, improve data literacy, and drive greater collaboration with trustworthy data. Download the solution brief to see how Collibra can help your state or local agency.

Cloud 95