Fri.Feb 23, 2024

article thumbnail

Change Healthcare Outage Hits Military Pharmacies Worldwide

Data Breach Today

Experts Speculate About Whether the Hack Involved the ScreenConnect Flaw Exploit Pharmacies at U.S. military hospitals and clinics worldwide are among the entities affected by the cyberattack on Optum's Change Healthcare this week, which has forced the IT services company to take many of its applications offline. Change Healthcare disconnected its IT systems on Wednesday.

Military 273
article thumbnail

CIPL Releases White Paper on Accountable AI Best Practices

Hunton Privacy

On February 21, 2024, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP (“CIPL”) published a white paper on Building Accountable AI Programs: Mapping Emerging Best Practices to the CIPL Accountability Framework. The white paper showcases how 20 leading organizations are developing accountable AI programs and best practices. The white paper discusses how organizational accountability is fundamental to the responsible development and deployment of AI.

Paper 118
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Who is LockBitSupp? Police Delay Promise to Reveal Identity

Data Breach Today

Officials Reschedule Big Reveal of LockBit Ransomware Group Leadership's Identity Who is LockBitSupp? On Friday morning, when law enforcement promised to reveal the identity of the public mouthpiece of the LockBit ransomware-as-a-service operation they infiltrated and disrupted earlier this week, authorities instead announced a delay.

article thumbnail

Nearly One in Three Cyber Attacks In 2023 Involved The Abuse of Valid Accounts

KnowBe4

Thirty percent of all cyber incidents in 2023 involved abuse of valid credentials, according to IBM X-Force’s latest Threat Intelligence Index. This represents a seventy-one percent increase compared to 2022.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Binance Restricts 85 LockBit Crypto Wallets

Data Breach Today

Authorities Uncover 30,000 LockBit Bitcoin Addresses Cryptocurrency trading platform Binance restricted access to 85 accounts as part of an action against the LockBit ransomware affiliates, and authorities estimated that members of the now-defunct ransomware-as-a-service operation had pocketed "hundreds of millions" in ransom.

More Trending

article thumbnail

No Big Reveal: Cops Don't Unmask LockBit's LockBitSupp

Data Breach Today

After Teasing 'Who is LockBitSupp,' Cops Say He's 'Engaged With Law Enforcement' "Who is LockBitSupp?" Police teased they would reveal the answer to that question Friday, but when the big reveal came, they disclosed very little, except to cryptically say the apparent member of the LockBit ransomware group's leadership team "has engaged with law enforcement.

article thumbnail

Weekly Update 388

Troy Hunt

It's just been a joy to watch the material produced by the NCA and friends following the LockBit takedown this week. So much good stuff from the agencies themselves, not just content but high quality trolling too. Then there's the whole ecosystem of memes that have since emerged and provided endless hours of entertainment 😊 I'm sure we'll see a lot more come out of this yet and inevitably there's seized material that will still be providing value to further inves

Phishing 101
article thumbnail

US FTC Imposes Strict Reporting Mandates for Global Tel*Link

Data Breach Today

New Reporting Measures Follow Data Breach Affecting Prison Communications Provider Global Tel Link, a major prison communications provider in the U.S., will be required to notify its users - as well as the Federal Trade Commission - about certain data breaches and security events after suffering a major data breach in 2020 that left users’ sensitive information available online.

article thumbnail

Conversational AI use cases for enterprises

IBM Big Data Hub

Today, people don’t just prefer instant communication; they expect it. Conversational artificial intelligence (AI) leads the charge in breaking down barriers between businesses and their audiences. This class of AI-based tools, including chatbots and virtual assistants, enables seamless, human-like and personalized exchanges. Beyond the simplistic chat bubble of conversational AI lies a complex blend of technologies, with natural language processing (NLP) taking center stage.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

HHS OCR Tells Congress It Needs More Funding for HIPAA Work

Data Breach Today

Breaches and Complaints Continue to Soar as Regulatory Duties Increase As the volume of major health data breaches rises, the federal agency charged with investigating those incidents told Congress this week that it lacks the needed funding to keep up with its mounting workload. The agency also separately announced its second ransomware HIPAA breach settlement.

IT 238
article thumbnail

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The security breach occurred on Sunday 18 February 2024, but Tangerine management became aware of the incident on Tuesday 20 February 2024.

article thumbnail

ISMG Editors: The 'New Frontier' of AI and Identity Security

Data Breach Today

Identity Security Expert Jeremy Grant Discusses Challenges, Innovations and Trends In the latest weekly update, Jeremy Grant of Venable LLP joins editors at ISMG to discuss the state of secure identity in 2024, the challenges in developing next-generation remote ID proofing systems, and the potential role generative AI can play in both compromising and protecting identities.

Security 234
article thumbnail

CIPL Publishes Discussion Paper on Data Protection Assessment Requirements Under U.S. State Privacy Laws

Hunton Privacy

On February 8, 2024, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP (“CIPL”) published a discussion paper on Comparison of U.S. State Privacy Laws: Data Protection Assessments. The paper analyzes the data protection assessment requirements set forth in an ever-growing number of comprehensive U.S. state privacy laws. The paper represents the first deliverable of CIPL’s ongoing project on U.S. state privacy laws, in which CIPL is collaborating with its member organization

Paper 85
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

Data Breach Today

With Over $1 Billion in Annual Proceeds, Don't Expect Attackers to Give Up the Life Once the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.

article thumbnail

Your KnowBe4 Fresh Content Updates from February 2024

KnowBe4

Check out the 29 new pieces of training content added in February, alongside the always fresh content update highlights, events and new features.

article thumbnail

Serco ordered to stop using facial recognition technology to monitor staff

The Guardian Data Protection

Biometric data of more than 2,000 staff at 38 leisure centres was unlawfully processed to check attendance, watchdog finds Britain’s data watchdog has ordered a Serco subsidary to stop using facial recognition technology and fingerprint scanning to monitor the attendance of staff at the leisure centres it operates. The Information Commissioner’s Office (ICO) found that the biometric data of more than 2,000 employees had been unlawfully processed at 38 centres managed by Serco Leisure to check up

article thumbnail

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices via The Hacker News

IG Guru

Check out the article here. The post Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices via The Hacker News first appeared on IG GURU.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Face off: New Banking Trojan steals biometrics to access victims’ bank accounts

KnowBe4

Venturebeat had the scoop on a fresh Group-IB report. They discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and phone numbers and are prompted to perform face scans. These images are then swapped out with AI-generated deepfakes that can easily bypass security checkpoints.

Access 77
article thumbnail

California Children’s Privacy Bill Moves to Committee

Hunton Privacy

On February 12, 2024, California bill AB-1949 was referred to the Assembly Committee on Privacy and Consumer Protection. The bill would amend the California Consumer Privacy Act (as amended by the California Privacy Rights Act) (the “CCPA”) to significantly expand businesses’ obligations with respect to the personal information of consumers under the age of 18.

Privacy 74
article thumbnail

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Even the world’s biggest businesses are not free from GDPR woes. Irish regulators hit Meta with a EUR 1.2 billion fine in 2023.

GDPR 78
article thumbnail

U.S. Department of Justice Signals Tougher Enforcement Against Artificial Intelligence Crimes

Data Matters

U.S. Deputy Attorney General Lisa Monaco signaled robust future enforcement by the Department of Justice (DOJ) against crimes involving, and aided by, artificial intelligence (AI) in her remarks at Oxford University last week and reiterated shortly thereafter at the Munich Security Conference. The post U.S. Department of Justice Signals Tougher Enforcement Against Artificial Intelligence Crimes appeared first on Data Matters Privacy Blog.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Biden administration issues Executive Order and takes action to enhance maritime cybersecurity

Data Protection Report

On February 21, 2024, President Biden signed an Executive Order and issued several federal rules aimed at improving the cybersecurity of U.S. ports and maritime supply chains. The measures introduce new cybersecurity requirements and standards for stakeholders of the U.S. Marine Transportation System (MTS) and increase the authority of the U.S. Coast Guard in its ability to address cyber threats.

article thumbnail

14 things you need to know about IT security compliance

Jamf

Learn about IT and security compliance, answering critical questions about their differences, similarities and more importantly, how best practices help your organization develop their IT security compliance plan.

article thumbnail

Search Volume to Drop 25% by 2026 Due to AI Agents, Predicts Gartner

Information Matters

Search engine volume is expected to fall by 25% over the next few years, according to a new prediction by research firm Gartner. The decline will be driven by the Read more The post Search Volume to Drop 25% by 2026 Due to AI Agents, Predicts Gartner appeared first on Information Matters - Where AI Meets Knowledge Management.

52
article thumbnail

Thanks FedEx, This is Why we Keep Getting Phished

Troy Hunt

I've been getting a lot of those "your parcel couldn't be delivered" phishing attacks lately and if you're a human with a phone, you probably have been too. Just as a brief reminder, they look like this: These get through all the technical controls that exist at my telco and they land smack bang in my SMS inbox. However, I don't fall for the scams because I look for the warning signs: a sense of urgency, fear of missing out, and strange URLs that look nothing like any

Phishing 143
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

PwC UK Launches AI Tax Assistant with Harvey and OpenAI

Information Matters

Accounting firm PwC UK has launched an AI-powered tax assistant tool developed in collaboration with startups Harvey and OpenAI. The model is now available to all 2,300 PwC UK tax Read more The post PwC UK Launches AI Tax Assistant with Harvey and OpenAI appeared first on Information Matters - Where AI Meets Knowledge Management.

52
article thumbnail

What Is an Application Level Gateway? How ALGs Work

eSecurity Planet

An application gateway, also known as an application level gateway (ALG), functions as a critical firewall proxy for network security. Its filtering capability ensures that only certain network application data is transmitted, which has an impact on the security of protocols including FTP, Telnet, RTSP, and BitTorrent. Understanding ALGs involves knowing how they work, their pros and cons, and how they integrate with or differ from other types of firewalls.

article thumbnail

Data Breach at French Healthcare Payment Processor Puts 20 Million Policyholders at Risk

KnowBe4

A single account being phished caused millions of French healthcare policyholder records to be breached, putting all 20 million of them on notice that.