Fri.Nov 04, 2022

article thumbnail

Cyberattack at Boeing Disrupts Flight Planning

Data Breach Today

Services from Boeing Subsidiary Jeppesen Affected By Ongoing Incident Distribution of airspace safety notices are affected by a cyber incident at Boeing subsidiary Jeppesen, the nature of which the company won't disclose. "At this time we have no reason to believe that this incident poses a threat to aircraft or flight safety," a company spokesperson said.

328
328
article thumbnail

LinkedIn Adds Verified Emails, Profile Creation Dates

Krebs on Security

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. Many LinkedIn profiles now display a creation date, and the company is expanding its domain validation offering, which allows users to publicly confirm that they can reply to emails at the domain of their stated current employer.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

SolarWinds May Face SEC Investigation Over Hack Disclosure

Data Breach Today

Company Settles Shareholder Lawsuit for $26M SolarWinds, maker of network management software famously hacked by the Russian government, may be the subject of an investigation by the U.S. Securities and Exchange Commission after staff made a preliminary determination in its favor. The company says it will contest the staff recommendation.

article thumbnail

Microsoft Warns on Zero-Day Spike as Nation-State Groups Shift Tactics

Dark Reading

The software giant also recorded an increase in attacks on IT services companies as state-backed threat actors have adapted to better enterprise defenses and cast a wider net, Microsoft says.

IT 117
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Sexual Assault, Abuse Victims' Data at Risk in Australia

Data Breach Today

Investigators to Determine if Hacker Accessed Legal Aid Group’s Client Information A hack of an Australian legal aid group this week may have exposed the personal information of domestic violence, sexual assault victims and other vulnerable people around the nation’s capital. Legal Aid ACT says systems are disrupted and an investigation will find out if data was stolen.

Risk 176

More Trending

article thumbnail

LockBit Claims Attack on German Auto Parts Giant Continental

Data Breach Today

Company Acknolweged an Attack in August, Silent Since on Hackers Ransomware-as-a-service group LockBit is threatening the release of data it says it stole from German auto parts maker Continental. The company in August acknowledged an incident involving its IT systems, but didn't respond Friday with additional information.

article thumbnail

DHL Tops the List of Most Impersonated Brand in Phishing Attacks

KnowBe4

As scammers shift their campaigns and learn from their successes, new data shows that the global delivery service is the current brand of choice, with equally familiar brands trailing slightly.

Phishing 104
article thumbnail

Palo Alto, Fortinet, Check Point Top Firewall Forrester Wave

Data Breach Today

Fortinet, Check Point Enter Leaders Segment While Cisco Falls in Latest Rankings A surging Fortinet and Check Point have joined perennial stalwart Palo Alto atop the firewall Forrester Wave while Cisco slipped to the strong performers category. The leaderboard now belongs solely to pure-play cybersecurity vendors, with all three having at least 15 years of firewall experience.

article thumbnail

NSA on Supply Chain Security

Schneier on Security

The NSA (together with CISA) has published a long report on supply-chain security: “ Securing the Software Supply Chain: Recommended Practices Guide for Suppliers. “: Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment.

Security 107
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

ISMG Editors: How the Ransomware Ecosystem is Fracturing

Data Breach Today

Also: Rise of Online Scams; ISMG Crypto and Payments Summit In the latest weekly update, ISMG editors share how amateur tactics employed by ransomware gangs are leading fewer victims to pay ransoms, why traditional identity controls can't protect against the growing authorized payment scams, and highlights from ISMG's Crypto and Payments Summit.

article thumbnail

RomCom Malware Woos Victims With 'Wrapped' SolarWinds, KeePass Software

Dark Reading

An analysis of the RomCom APT shows the group is expanding its efforts beyond the Ukrainian military into the UK and other English-speaking countries.

Military 105
article thumbnail

Number Matching Push-Based MFA Is Only Half the Solution

KnowBe4

When push-based multifactor authentication (MFA) first came out, I was a big fan. I promoted it as a strong and safe MFA option in my book, Hacking Multifactor Authentication. That was before I realized that a non-small percentage of users would willingly approve logins they otherwise had nothing to do with, once again undermining the best intentions of the latest technology with unexpected human behavior.

article thumbnail

W4SP Stealer Stings Python Developers in Supply Chain Attack

Dark Reading

Threat actors continue to push malicious Python packages to the popular PyPI service, striking with typosquatting, authentic sounding file names, and hidden imports to fool developers and steal their information.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

New LinkedIn-Impersonated Phishing Attack Uses Bad Sign-In Attempts to Harvest Credentials

KnowBe4

With compromised LinkedIn credentials providing cybercriminals with ample means to socially engineer business contacts, this campaign is a stark warning for organizations.

article thumbnail

Human Security Tackles Malvertising With Clean.io Buy

Dark Reading

Dark Reading's analysis suggests that Human Security's acquisition of clean.io will significantly expand the company's fraud prevention and anti-malvertising portfolio.

article thumbnail

California Privacy Protection Agency Holds Board Meeting on CCPA/CPRA Modified Proposed Regulations

Hunton Privacy

On October 28-29, 2022, the California Privacy Protection Agency (“CPPA”) held a Board Meeting to discuss the modified proposed regulations promulgated for compliance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA/CPRA”), as well as the remainder of the rulemaking process. The CPPA previously released the modified proposed regulations on October 17, 2022. .

Privacy 67
article thumbnail

Cyberattackers Focus In on State-of-the-Art ALMA Observatory

Dark Reading

Operations at the world's most expensive ground-based telescope, high in the Atacama Desert, remain disrupted.

101
101
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Influence, Inspire, and Lead: A Fireside Chat with OpenText  

OpenText Information Management

Build strong work relationships. Find a mentor, and consider a sponsor. Work hard ? but carve out time for life outside of work. All these things are so important for the advancement of women to the highest levels of an organization, and they are just a few pieces of advice that OpenText senior leaders shared … The post Influence, Inspire, and Lead: A Fireside Chat with OpenText appeared first on OpenText Blogs.

62
article thumbnail

Build Security Around Users: A Human-First Approach to Cyber Resilience

Dark Reading

Security is more like a seat belt than a technical challenge. It's time for developers to shift away from a product-first mentality and craft defenses that are built around user behaviors.

article thumbnail

IBM named a leader in the 2022 Gartner® Magic Quadrant™ for Data Quality Solutions

IBM Big Data Hub

Data is the new oil and organizations of all stripes are tapping this resource to fuel growth. However, data quality and consistency are one of the top barriers faced by organizations in their quest to become more data-driven. So, it is imperative to have a clear data quality strategy that relies on proactive data quality management as data moves from producers to consumers.

article thumbnail

A holistic approach to security: Mobile Device Management

Jamf

You probably have a good idea of what Mobile Device Management (MDM) is. But did you know the crucial role that a well-built MDM plays in organizational security?

MDM 52
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Detecting Malicious User Behavior Within and Across Applications

Dark Reading

The solution lies in analyzing sequences of activities as user journeys, instead of analyzing each activity on its own.

IT 55
article thumbnail

No trust assumed: strengthen cybersecurity with ZTNA

Jamf

A mobile workforce requires secure remote access solutions: learn why Zero Trust Network Access is the future of workplace cybersecurity.

article thumbnail

In re Grand Jury: Supreme Court to Consider Attorney-Client Privilege in “Dual-Purpose Communications”

eDiscovery Law

Because of the volumes of information and the complexities of data found in many cases that require extensive electronic discovery, issues related to attorney-client privilege can require significant attention during the document search, review, and production processes for these cases. Addressing attorney-client privilege requires particular nuance when considering “dual-purpose communications,” in which both legal advice […].

article thumbnail

DOJ announces far-reaching guidance on corporate criminal enforcement via Reuters

IG Guru

Check out the post here.

76
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Simplilearn and the University of California, Irvine Division of Continuing Education Partner for a Cybersecurity Boot Camp

Dark Reading

The boot camp is for aspiring security analysts, network consultants, and penetration testers.

article thumbnail

Versa Networks, Apiiro Show VCs Still Focused on Cybersecurity

eSecurity Planet

A pair of recent $100 million funding rounds show that venture capital is still flowing into cybersecurity startups despite economic headwinds and rising interest rates. Versa Networks announced a funding round for $120 million last week, while Apiiro followed this week with a $100 million funding round. The two are addressing major issues like sprawling cloud and software supply chain risks, showing that good companies addressing real needs are having little trouble finding investors.

article thumbnail

Calamu Partners With Wasabi Technologies to Deliver Cloud Storage Vaults

Dark Reading

Companies combine award-winning data security with the hot cloud storage service.

Cloud 40