Mon. Mar 20, 2023


Why You Should Opt Out of Sharing Data With Your Mobile Provider

Krebs on Security

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how.


Hacker Exploits Months-Old Bug to Steal Crypto From ATMs

Data Breach Today

Now-Patched Bug Allowed Thief to Remotely Steal User Passwords, Private Keys. Bitcoin ATM manufacturer General Bytes suspended its cloud services supporting more than 15,000 machines after a hacker exploited a vulnerability in its software to steal user passwords and private keys and made off with cryptocurrency worth millions of dollars.


GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

The Last Watchdog

One common misconception is that scammers usually possess a strong command of computer science and IT knowledge. In fact, a majority of scams occur through social engineering. The rise of social media has added to the many user-friendly digital tools scammers, sextortionists, and hackers can leverage in order to manipulate their victims.


Fresh Vishing Campaign Targeting South Korean Users

Data Breach Today

Victims Lured Using Loan Offer with a Low Interest Rate. Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


FTC Announces Orders to Address Deceptive Advertising on Social Media and Video Streaming Platforms

Hunton Privacy

On March 16, 2023, the Federal Trade Commission announced it issued orders to eight social media and video streaming platforms seeking Special Reports on how the platforms review and monitor commercial advertising to detect, prevent and reduce deceptive advertisements, including those related to fraudulent healthcare products, financial scams and the sale of fake goods.


More Trending


DOJ Publishes New Corporate Compliance Guidance Related to Communications Platforms and Messaging Applications

Hunton Privacy

On March 3, 2023, the U.S. Department of Justice (“DOJ”) released an update to its Evaluation of Corporate Compliance Programs guidance (“ECCP Guidance”). The ECCP Guidance serves as a guidance document for prosecutors when evaluating a corporate compliance program. Among other updates, the ECCP Guidance now includes new guidance for assessing how companies govern employees’ use of personal devices, communication platforms and messaging applications.


It's Raining Zero-Days in Cyberspace

Data Breach Today

Chinese Hackers and Others Increasingly Favor Unpatched Vulnerabilities. Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.


CIPL Publishes Key Takeaways from Age Assurance and Age Verification Tools Roundtable

Hunton Privacy

On February 16, 2023, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP held a virtual roundtable to discuss the role of age assurance and age verification tools as part of its Children’s Data Privacy Project. Representatives from CIPL member companies, data protection authorities, civil society and experts exchanged views on the effectiveness of different methodologies and emerging best practices to shield minors from harmful or inappropriate content.


Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images

Security Affairs

The Acropalypse flaw in the Markup tool of Google Pixel allowed the partial recovery of edited or redacted screenshots and images. Security researchers Simon Aarons and David Buchanan have discovered a vulnerability, named ‘Acropalypse,’ in the Markup tool of Google Pixel. The Markup tool is a built-in Markup utility, released with Android 9 Pie that allows Google Pixel users to edit (crop, add text, draw, and highlight) screenshots.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Shouldering the Increasingly Heavy Cloud Shared-Responsibility Model

Dark Reading

There are a number of solutions that can help ensure security and compliance mandates are met in the cloud, but organizations should prioritize integration and policy-based management.


Emotet is back after a three-month hiatus

Security Affairs

The infamous Emotet malware is back after a short hiatus; threat actors are spreading it via Microsoft OneNote email attachments. The Emotet malware returns after a three-month hiatus and threat actors are distributing it via Microsoft OneNote email attachments to avoid detection. The Emotet banking trojan has been active at least since 2014; the botnet is operated by a threat actor tracked as TA542.


Bill 96 in Québec Brings Up Important Point About Training in Native Language Everywhere

KnowBe4

A new law in Québec, Canada, that goes into effect this June will require all policies and training materials assigned to employees within the province be provided in French.


Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks

Dark Reading

Users of affected devices that want to mitigate risk from the security issues in the Exynos chipsets can turn off Wi-Fi and Voice-over-LTE settings, researchers from Google's Project Zero say.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Report Shows Business Email Compromise (BEC) Attacks Increase and Phishing Used as Initial Attack Vector in the Last Year

KnowBe4

Secureworks has published a report looking at cybercrime over the course of 2022, finding that business email compromise (BEC) attacks nearly doubled last year. Additionally, attacks in which phishing was used as the initial access vector (IAV) increased by nearly three times last year.


Mirai Hackers Use Golang to Create a Bigger, Badder DDoS Botnet

Dark Reading

With HinataBot, malware authors have created a beast many times more efficient than even the scariest botnets of old, packing more than 3Tbit/s DDoS speeds.


[Eye Popper] The AI Genie Has Escaped: Stanford copied ChatGPT for a few hundred bucks

KnowBe4

Yikes. Loz Blain at NewAtlas just reported that Stanford has copied the ChatGPT AI for less than $600. The article started out with: "Stanford's Alpaca AI performs similarly to the astonishing ChatGPT on many tasks – but it's built on an open-source language model and cost less than US$600 to train up. It seems these godlike AIs are already frighteningly cheap and easy to replicate.


Cyberattackers Hoop NBA Fan Data via Third-Party Vendor

Dark Reading

The basketball playoffs are around the corner and convincing social-engineering attacks on fans using NBA-themed lures could be too.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Threat actors abuse Adobe Acrobat Sign to distribute RedLine info-stealer

Security Affairs

Threat actors are abusing the legitimate Adobe Acrobat Sign service to distribute the RedLine information stealer. Avast researchers reported that threat actors are abusing the legitimate Adobe Acrobat Sign service to distribute the RedLine information stealer. Adobe Acrobat Sign allows registered users to sign documents online and send a document signature request to anyone.


ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?

Dark Reading

UK cybersecurity authorities and researchers tamp down fears that ChatGPT will overwhelm current defenses, while the CEO of OpenAI worries about its use in cyberattacks.


Self-Sovereign Identities, The Next Step in Privacy-First User Experience

Thales Cloud Protection & Licensing

There is a growing momentum around Self-Sovereign Identities (SSI) with real value to be captured by individuals, countries, and businesses. When privacy is at stake, SSI puts individuals back in control of their personal data. Moreover, it helps organizations to operate in an environment they trust and control to significantly reduce Know Your Customer (KYC) and GDPR costs and to more easily


The Scorched-Earth Tactics of Iran’s Cyber Army

WIRED Threat Level

Amid ongoing protests, the Iranian regime has lost control of its image, pushing it to employ increasingly drastic tactics where everyone loses.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Cops Nab BreachForums Boss in New York

Dark Reading

The alleged mastermind of hacker forum Breach Forums, "pompompurin," has been arrested in New York City, according to court documents.


What is intelligent document processing?

OpenText Information Management

While digitizing content is a critical first step for digital transformation, going paperless is no longer enough for managing the increasingly high volume of enterprise content. According to IDC research, more than half of the documents that require processing now originate as digital file types – emails, attachments, SMS, PDF, PNG, and more – and …


AI Has Your Business Data

Dark Reading

No-code has lowered the barrier for non-developers to create applications. AI will completely eliminate it.


Managing Bots with Cloudflare

Adapture

Bot attacks are on the rise. From record-breaking DDoS attacks to credential stuffing attacks, businesses are paying with lost profits and customer trust. For websites that rely on online sales, the effects can be devastating. While many already have measures in place to mitigate bot traffic, these measures are often not enough. In response to this increasing need, many businesses have begun managing bots with Cloudflare.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


IAM Startup Aembit Secures How Workloads Connect to Services

Dark Reading

Aembit launches from stealth with a cloud-based identity access management platform for enterprise workloads.


Meet MUT: Jamf open-source Mac Admin tool

Jamf

MacAdmins, are you tired of working on repetitive, often redundant management tasks? Automation is great, but often merely simplifying processes can offer a huge boost, freeing up time to work on other more critical tasks. Enter MUT: your ally when updating device records and more in Jamf Pro.


France: the CNIL has released its annual dawn raid Program for 2023: four national priorities and one priority coming from the EDPB!

DLA Piper Privacy Matters

Authors: Denise Lebeau-Marianna, Divya Shanmugathas and Lucie Dubecq-Princeteau. On 15 March 2023, the French Supervisory Authority (the “CNIL”) unveiled in a post its four key priorities regarding its upcoming investigations for 2023 targeting specific sectors (I), to which it added another topic related to DPO in line with the coordinated enforcement framework of the European Data Protection Board to gauge whether DPOs can exercise properly their job (II).