Tue.Jun 11, 2024

article thumbnail

UK Sides With APP Fraud Victims - Despite Industry Pressure

Data Breach Today

Payments Regulator Says Banks Should Prioritize Customer Protection Over Losses The U.K. Payments Systems Regulator has denied The Payment Association's request to delay the contentious APP fraud reimbursement plan by a year. The association, the largest community in payments, had warned that failing to delay the plan would permanently damage the payments industry.

277
277
article thumbnail

Patch Tuesday, June 2024 “Recall” Edition

Krebs on Security

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond’s flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default.

Mining 217
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

AI Will Soon Exhaust the Internet. What's Next?

Data Breach Today

Researchers Expect an AI Training Data Drought in the Next 2 to 8 Years Artificial intelligence models consume training data faster than humans can produce it, and large language model researchers warn that the stocks of public text data are set to be exhausted as early as two years from now. They also say that bottlenecks aren't inevitable.

article thumbnail

RSAC Fireside Chat: Ontinue ups the ‘MXDR’ ante — by emphasizing wider automation, collaboration

The Last Watchdog

Companies that need to protect assets spread across hybrid cloud infrastructure face a huge challenge trying to mix and match disparate security tools. Related: Cyber help for hire Why not seek help from a specialist? At RSAC 2024 , I visited with Geoff Haydon , CEO, and Alex Berger , Head of Product Marketing, at Ontinue , a new player in the nascent Managed Extended Detection and Response ( MXDR ) space.

Marketing 130
article thumbnail

Provide Real Value in Your Applications with Data and Analytics

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

article thumbnail

Ransomware Gang TellYouThePass Exploits PHP Vulnerability

Data Breach Today

Flaw Allows Unauthenticated Attackers to Execute Arbitrary Code A ransomware operation with a history of exploiting widespread internet vulnerabilities lost little time in making use of a critical severity vulnerability in scripting language PHP. The TellYouThePass ransomware group sees opportunity whenever system administrators must scramble to patch systems.

More Trending

article thumbnail

Privacy Regulators Probe Impact of 23andMe's Mega-Breach

Data Breach Today

6.9 Million Individuals' Genetic Details Stolen via 2023 Credential-Stuffing Attack Privacy regulators in the U.K. and Canada have launched a joint investigation into 23andMe following the direct-to-consumer genetic testing service suffering a massive data breach in October 2023 that led to the theft of 6.9 million individuals' ancestry details.

Privacy 184
article thumbnail

LLMs Acting Deceptively

Schneier on Security

New research: “ Deception abilities emerged in large language models “: Abstract: Large language models (LLMs) are currently at the forefront of intertwining AI systems with human communication and everyday life. Thus, aligning them with human values is of great importance. However, given the steady increase in reasoning abilities, future LLMs are under suspicion of becoming able to deceive human operators and utilizing this ability to bypass monitoring efforts.

article thumbnail

Dutch Agency Renews Warning of Chinese Fortigate Campaign

Data Breach Today

Chinese Cyber Espionage Campiagn Is 'Much Larger Than Previously Known' Chinese hackers breached thousands of vulnerable Fortigate network security appliances in a cyber-espionage campaign "much larger than previously known," a Dutch cybersecurity agency warned Tuesday. Even fully patched FortiGate devices may still be infected.

article thumbnail

Beware: Major AI Chatbots Now Intentionally Spreading Election Disinformation

KnowBe4

Just when you thought the disinformation landscape couldn't get any worse, an alarming new report from Democracy Reporting International reveals that popular AI chatbots have started intentionally spreading false information related to elections and the voting process.

article thumbnail

Entity Resolution: Your Guide to Deciding Whether to Build It or Buy It

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

article thumbnail

Protecting the data of our commercial and public sector customers in the AI era

Data Breach Today

Empowering Industries with Secure AI Solutions for Enhanced Growth and Productivity How are multiple industries leveraging Microsoft Azure OpenAI and Copilot to drive growth and ensure robust data security?

Security 176
article thumbnail

Bruce Schneier: "AI Will Increase the Quantity—and Quality—of Phishing Scams"

KnowBe4

Wow. It does not happen often that the godfather of infosec comes out this strong about phishing risks. He co-published new research in the Harvard Business Review May 30, 2024, which in turn links back to the actual study that was published at the IEEE. This is the best budget ammo I have seen in the last few years.

article thumbnail

Cyberhaven Secures $88M to Strengthen Data Security Platform

Data Breach Today

Adams Street Partners, Khosla Ventures Lead Series C Funding for Data Security Firm Cyberhaven secured $88 million in a Series C round led by Adams Street Partners and Khosla Ventures. The company wants to bolster product development, expand AI detection capabilities and increase market reach in hope of becoming a leader in the fragmented data security market.

Security 167
article thumbnail

Arm zero-day in Mali GPU Drivers actively exploited in the wild

Security Affairs

Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, tracked as CVE-2024-4610, in Mali GPU Kernel Driver. The vulnerability is a use-after-free issue issue that impacts Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) and Valhall GPU Kernel Driver (all versions from r34p0 to r40p0). “A local non-privileged user can make improper GPU memory pr

Access 99
article thumbnail

Deliver Mission Critical Insights in Real Time with Data & Analytics

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

article thumbnail

Cleveland Cyber Incident Prompts Shutdown of City IT Systems

Data Breach Today

Cleveland Investigating Cyber Incident that Forced City to Shutdown IT Systems The city of Cleveland, Ohio is launching an investigation into an apparent cyber event that forced a shutdown of its information technology systems throughout the start of the week, officials said Tuesday, though additional details surrounding the incident remain unclear.

IT 167
article thumbnail

New HR-Themed Credential Harvesting Phishing Attack Uses Legitimate Signature Platform Yousign

KnowBe4

Analysis of this latest phishing campaign exposes exactly how the digital signature platform is misused to create a simple and easily avoidable.

Phishing 100
article thumbnail

Chinese-Made Biometric Access System Has 24 Vulnerabilities

Data Breach Today

Kaspersky Unveils 24 Flaws in ZKTeco Terminals A promise of better security through biometrics fell short after security researchers dismantled an access system manufactured by a Chinese manufacture, only to discover 24 vulnerabilities contained inside. ZKTeco specializes in hybrid biometric verification technology.

Access 167
article thumbnail

DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

KnowBe4

A phishing campaign is spreading the DarkGate malware using new techniques to evade security filters, according to researchers at Cisco Talos.

article thumbnail

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

article thumbnail

Microsoft Patch Tuesday security updates for June 2024 fixed only one critical issue

Security Affairs

Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw. Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities in Windows and Windows Components; Office and Office Components; Azure; Dynamics Business Central; and Visual Studio. Eight of these bugs were reported through the ZDI program.

article thumbnail

Genetic testing company 23andMe investigated over hack that hit 7m users

The Guardian Data Protection

Data watchdogs in UK and Canada to look at whether there were enough safeguards on personal information Business live – latest updates The California genetic testing company 23andMe faces investigations by the data watchdogs of the UK and Canada over a security breach affecting nearly 7 million people last October. Hackers who broke into the site gained access to personal information by using customers’ old passwords.

article thumbnail

Nationwide Building Society gives member communications the personal touch 

OpenText Information Management

Nationwide isn’t like most other financial services organisations. Because we’re owned by our millions of members across the UK, we can invest everything back into the business. Our mission is to provide outstanding services that make life better for our members—and our product offering includes personal banking, credit cards, mortgages, and more. As the CIO for customer experience platforms, I’m responsible for everything relating to customer communications—from account statements to the latest

article thumbnail

The best AirTag wallets of 2024: Expert tested

Collaboration 2.0

Lose your wallet often? ZDNET went hands-on with the best Apple AirTag wallets and accessories to help you keep track of your cards and cash.

75
article thumbnail

Using Data & Analytics for Improving Healthcare Innovation and Outcomes

In the rapidly evolving healthcare industry, delivering data insights to end users or customers can be a significant challenge for product managers, product owners, and application team developers. The complexity of healthcare data, the need for real-time analytics, and the demand for user-friendly interfaces can often seem overwhelming. But with Logi Symphony, these challenges become opportunities.

article thumbnail

Unlocking AI/ML Success with Trusted, Unified Data

Reltio

Imagine a skilled chef trying to cook a gourmet meal with rotten ingredients; the dish won’t turn out great. Similarly, for businesses using any AI, including machine learning and gen AI, to make decisions or automate processes, data quality is as crucial as the technology itself. Like a meal prepared with subpar ingredients, AI solutions won’t deliver the desired results when fueled with bad data, and those investments won’t pay off.

article thumbnail

Celebrating Collibra: 2024 Databricks Governance Partner of the Year

Collibra

We’re thrilled to announce that Collibra has been recognized as the 2024 Databricks Data Governance Partner of the Year. This prestigious award is a testament to our unwavering commitment to excellence in data and AI governance. Join us as we celebrate this achievement and explore the transformative power of our partnership with Databricks. The time is now to do more with trusted data There has never been a more critical moment to invest your time into understanding how to do more with data, and

article thumbnail

CyberheistNews Vol 14 #24 [NEW 2024 RESEARCH] Reveals that 34% of Green Users Will Fail a Phishing Test

KnowBe4

[NEW 2024 RESEARCH] Reveals that 34% of Green Users Will Fail a Phishing Test

article thumbnail

Tech partner spotlight: Jamf + 1GLOBAL

Jamf

Learn how integrating Jamf with 1GLOBAL mitigates security risks while automating eSIM deployment.

Risk 40
article thumbnail

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

article thumbnail

Approaches to migrating your VMware workloads to AWS   

IBM Big Data Hub

The VMware® acquisition by Broadcom has changed VMware’s product and partner strategies. In November 2023, Broadcom finalized its acquisition (link resides outside ibm.com) of VMware for USD 69 billion, with an aim to enhance its multicloud strategy. Further to the acquisition, Broadcom decided to discontinue (link resides outside ibm.com) its AWS authorization to resell VMware Cloud on AWS as of 30 April 2024.

Cloud 66
article thumbnail

Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. Patch it now!

Security Affairs

A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 and a proof of concept exploit for this issue. The flaw CVE-2024-29849 is a critical vulnerability (CVSS score: 9.8) in Veeam Backup Enterprise Manager that could allow attackers to bypass authentication.

IT 86
article thumbnail

US Leaders Dodge Questions About Israel’s Influence Campaign

WIRED Threat Level

Democratic leader Hakeem Jeffries has joined US intelligence officials in ignoring repeated inquiries about Israel’s “malign” efforts to covertly influence US voters.

Security 116