Data Breach Today
DECEMBER 7, 2022
Campaign May Originate From North Korean Group Infamous for Social Engineering Hackers, possibly North Korea's Lazarus Group, are behind a campaign that socially engineers cryptocurrency traders into opening an Excel spreadsheet loaded with a malicious macro. Pyongyang hackers specialize in cryptocurrency theft as the regime seeks hard currency to fuel weapons development.
eSecurity Planet
DECEMBER 7, 2022
It has certainly been a rough year for the tech industry. There have been many layoffs, the IPO market has gone mostly dark, and venture funding has decelerated. Despite all this, there is one tech category that has held up fairly well: Cybersecurity. Just look at a report from M&A advisory firm Houlihan Lokey , which found that private cybersecurity company funding grew by 9.4% to $26.9 billion between September 2021 and September 2022.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 7, 2022
Indian Firm Accuses 'Notorious Cyber Security Company' for Ongoing Incident Indian cybersecurity firm CloudSEK says another cybersecurity firm used a compromised collaboration platform credential to obtain access to its training webpages. CEO Rahul Sasi did not identify the alleged perpetrator says the hacker did not obtain access to the company code base and database.
Hunton Privacy
DECEMBER 7, 2022
The UK Information Commissioner’s Office (“ICO”) recently published a package of detailed guidance and checklists for direct marketing activities. The ICO’s new webpage on direct marketing now includes various resources, including specific guidance for SMEs , business-to-business marketing , and organizations using the marketing services of data brokers , as well as direct marketing FAQs and checklists , and a training module for businesses.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
DECEMBER 7, 2022
Black Hat Europe Speakers Focus on Upsides of Failing Faster as Complexity Mounts "Who here thinks your network or environment will become more complex next year?" a cybersecurity veteran asked the audience at Black Hat Europe this week in London. As attackers' capabilities continue to improve, Jeff Moss said defenders must learn to succeed or fail faster.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 7, 2022
Announcement Comes After Apple Reportedly Delayed the Backups at the FBI's Request Smartphone giant Apple says that starting later this year, users can enable end-to-end encryption of iPhone backups stored in the company's commercial cloud. Apple took pains to frame its announcement in the context of cloud computing data breaches.
Thales Cloud Protection & Licensing
DECEMBER 7, 2022
Thales CipherTrust Data Security Platform Validated For Microsoft Azure Stack Hub and HCI. divya. Thu, 12/08/2022 - 07:05. As security breaches continue with alarming regularity and compliance mandates become more pervasive, companies must discover and protect sensitive data across on premises, hybrid, and multi-cloud environments. Thales continues to facilitate risk management options for customer deployment choices no matter where their data resides.
Data Breach Today
DECEMBER 7, 2022
7 Hospitals Affected by Breaches So Far; CommonSpirit Is Still Reviewing Data Files Patients of at least seven hospitals affiliated with CommonSpirit have been affected by a data breach involving the Chicago-based hospital chain's October ransomware incident. None of the affected hospitals appear to have filed a breach report with the U.S. Department of Health and Human Services.
Security Affairs
DECEMBER 7, 2022
Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. “This botnet , known as Zerobot, contains several modules, including self-replication, attacks for different protocols, and self-propagation.” reads
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
DECEMBER 7, 2022
Google TAG Attributes Expoloits to State-Sponsored APT37, aka Reaper Microsoft Office's use of Internet Explorer to render HTML is the gift that keeps giving for North Korean hackers. Security researchers at Google say they spotted a Pyongyang threat actor using a now-patched JavaScript engine flaw via a malicious Office document.
Security Affairs
DECEMBER 7, 2022
The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. White hat hackers that participated in the competition hacked the Samsung Galaxy S22 smartphone twice during the first day of the hacking competition, the 10th edition of the consumer-focused event.
KnowBe4
DECEMBER 7, 2022
Recent attacks are helping cyber insurers better understand what security strategies need to be in place and how to price policies based on the risk those policies cover.
Micro Focus
DECEMBER 7, 2022
Plotting the right course towards digital transformation requires considering so many factors, the choices are bewildering. But, as Dana Korch discovers, help is at hand in the form of brand-new market insights. IT organizations are on a continuous path for digital transformation. Much as they’ve made huge recent leaps in their digital growth, there is.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
DECEMBER 7, 2022
The botnet exploits flaws in various routers, firewalls, network-attached storage, webcams, and other products and allows attackers to take over affected systems.
KnowBe4
DECEMBER 7, 2022
A Russia-linked threat actor tracked as TAG-53 is running phishing campaigns impersonating various defense, aerospace, and logistic companies, according to The Record by Recorded Future. Recorded Future’s Insikt Group identified overlaps with a threat actor tracked by other companies as Callisto Group, COLDRIVER, and SEABORGIUM.
Schneier on Security
DECEMBER 7, 2022
This is a really interesting paper that discusses what the authors call the Decoupling Principle: The idea is simple, yet previously not clearly articulated: to ensure privacy, information should be divided architecturally and institutionally such that each entity has only the information they need to perform their relevant function. Architectural decoupling entails splitting functionality for different fundamental actions in a system, such as decoupling authentication (proving who is allowed to
Jamf
DECEMBER 7, 2022
Jamf can help you remediate security vulnerabilities in the future—and stop them before they become exploits. Learn how in this blog.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
KnowBe4
DECEMBER 7, 2022
It's three weeks before Christmas, and the latest video game console is getting harder and harder to find in stores. You've checked all the large retail stores online and visited them locally as well. You've talked to the retail workers to see if they know when more game consoles are coming in, and they don't even know. You've seen them on the various auction sites, but at three, four, and ten times the actual cost, you know they're worth online.
Dark Reading
DECEMBER 7, 2022
After an uproar, the city board voted to rescind last week's bill to allow police to use robots to deliver deadly force. The fight isn't over, but there's a good reason it should be.
KnowBe4
DECEMBER 7, 2022
Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.
Dark Reading
DECEMBER 7, 2022
Cybercrooks allegedly stole personal data, used it to file IRS tax documents, and routed refunds to bank accounts under their control.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
WIRED Threat Level
DECEMBER 7, 2022
The company will also soon support the use of physical authentication keys with Apple ID, and is adding contact verification for iMessage in 2023.
Dark Reading
DECEMBER 7, 2022
At AWS re:Invent last week, the cloud giant previewed security services including Amazon Security Lake for security telemetry, Verified Permissions for developers, and a VPN bypass service.
Hunton Privacy
DECEMBER 7, 2022
On December 6, 2022, the California Privacy Protection Agency (“CPPA”) announced that it will hold a virtual public meeting to discuss the status of the California Privacy Rights Act of 2020 (“CPRA”) rulemaking process and other topics. Anticipated topics for discussion include: An update from the CPRA Rules Subcommittee regarding the CPRA Rulemaking process and next steps; The CPPA’s participation in the California Children’s Data Protection Working Group under the California Age-Appropriate De
KnowBe4
DECEMBER 7, 2022
Ransomware strikes organizations almost every two seconds. Tales of bad actors doing their worst fill the InfoSec news cycle, but what happens when the hackers get hacked?
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
WIRED Threat Level
DECEMBER 7, 2022
On cybercrime forums, user complaints about being duped may accidentally expose their real identities.
Dark Reading
DECEMBER 7, 2022
A ransomware attack on the company's Hosted Exchange environment disrupted email for thousands of mostly small and midsize businesses.
WIRED Threat Level
DECEMBER 7, 2022
The company plans to expand its Communication Safety features, which aim to disrupt the sharing of child sexual abuse material at the source.
Expert insights. Personalized for you.
231 
Let's personalize your content