July, 2023

article thumbnail

Banking Firms Under Attack by Sophisticated 'Toitoin' Campaign

Dark Reading

An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America.

113
113
article thumbnail

Who’s Behind the DomainNetworks Snail Mail Scam?

Krebs on Security

If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

White House Unveils National Cyber Workforce Strategy

Data Breach Today

Plan Includes Boosting Cyber Professional Skills, Plus Cyber Literacy for All Jobs The Biden administration on Monday released a national strategy addressing cyber workforce shortages and calling long-standing vacancies a national security imperative. The White House says the U.S. needs more cyber professionals and should augment cyber literacy in jobs throughout the economy.

Security 224
article thumbnail

News Alert: CrowdSec report highlights the rise of IPv6 in cyber criminal activities

The Last Watchdog

Paris, France, July 27, 2023 – CrowdSec , the pioneering open source and collaborative cybersecurity company, today released its Q2 2023 Majority Report , a comprehensive community-driven data report fueled by the collective efforts of its thousands of users. Key takeaways from the report include the rise of IPv6 as well as the role of VPN in cybercriminal activities.

article thumbnail

The Tumultuous IT Landscape Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Threads: We Don’t Want to “Hang Out With Everybody.” Sometimes, We Want To Leave.

John Battelle's Searchblog

(AP Photo/Richard Drew) Apparently the open web has finally died. This the very same week Meta launches Threads , which, if its first day is any indication, seems to be thriving (10 million sign ups in its first few hours, likely 50 million by the time this publishes…). But before Threads’ apparent success, most writers covering tech had decided that the era of free, open-to-the-public, at scale services like Twitter, Reddit, and even Facebook/Insta is over.

IT 141

More Trending

article thumbnail

Microsoft Teams Exploit Tool Auto-Delivers Malware

Dark Reading

The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

145
145
article thumbnail

World Youth Skills Day 2023: Engaging Youth with Cybersecurity

Thales Cloud Protection & Licensing

World Youth Skills Day 2023: Engaging Youth with Cybersecurity madhav Thu, 07/13/2023 - 04:56 In 2014, the United Nations General Assembly declared 15 July as World Youth Skills Day to celebrate the strategic importance of equipping young people with skills for employment, decent work, and entrepreneurship. “Young people are drivers of change and must be fully engaged in decisions affecting their future,” said UN Secretary-General António Guterres.

article thumbnail

Clop Crime Group Adds 62 Ernst & Young Clients to Leak Sites

Data Breach Today

Victims Include Airline, Banks, Hospitals, Retailers in Canada The growing list of MOVEit cyberattack victims has grown. Sixty-two 62 clients of Big Four accounting firm Ernst & Young now appear on the Clop ransomware group's data leak sites. A spokesperson for Ernst & Young confirmed that a "limited" attack on the company's systems had occurred.

Retail 239
article thumbnail

MY TAKE: ‘IOWN’ makes the business case for fostering diversity, respecting individual privacy

The Last Watchdog

To tap the full potential of massively interconnected, fully interoperable digital systems we must solve privacy and cybersecurity, to be sure. Related: Using ‘Big Data’ to improve health and well-being But there’s yet another towering technology mountain to climb: we must also overcome the limitations of Moore’s Law. After 30 years, we’ve reached the end of Moore’s Law , which states that the number of transistors on a silicon-based semiconductor chip doubles approximately eve

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

U.S. Announces Fulfillment of EU-U.S. Data Privacy Framework Requirements

Hunton Privacy

On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo issued a statement confirming that the U.S. has fulfilled its commitments for implementing the EU-U.S. Data Privacy Framework (the “Framework”). In the statement, it was confirmed that the EU, Iceland, Liechtenstein and Norway, have been designated as “qualifying states” for purposes of implementing the redress mechanism established under Executive Order 14086, such designation to be become effective upon the adoption of an adequacy decis

article thumbnail

The AI Dividend

Schneier on Security

For four decades, Alaskans have opened their mailboxes to find checks waiting for them, their cut of the black gold beneath their feet. This is Alaska’s Permanent Fund, funded by the state’s oil revenues and paid to every Alaskan each year. We’re now in a different sort of resource rush, with companies peddling bits instead of oil: generative AI.

IT 114
article thumbnail

Google Searches for 'USPS Package Tracking' Lead to Banking Theft

Dark Reading

Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims.

127
127
article thumbnail

Webcast: Today’s biggest information management challenges

OpenText Information Management

Are information sprawl, data access and security concerns holding back workforce productivity? Will the seemingly endless amounts of information that can be generated by AI only exacerbate information overload? Is cloud adoption creating siloes of information and adding complexity? These information management challenges and how to overcome them were discussed by a panel of industry … The post Webcast: Today’s biggest information management challenges appeared first on OpenText Blogs.

Cloud 98
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Combat IT Team Burnout by Embracing Automation

Data Breach Today

Expel VP Chris Waynforth on How Security Researchers Can Reduce False Positives Unnecessary cyber alerts are a threat that can overwhelm defenders, leading to burnout and reduced efficiency within the team. Chris Waynforth, vice president and general manager at Expel, said adopting automation solutions to filter and prioritize alerts allows for more effective incident response.

IT 236
article thumbnail

GUEST ESSAY: Why it’s high time for us to rely primarily on passwordless authentication

The Last Watchdog

Accessing vital information to complete day-to-day tasks at our jobs still requires using a password-based system at most companies. Related: Satya Nadella calls for facial recognition regulations Historically, this relationship has been effective from both the user experience and host perspectives; passwords unlocked a world of possibilities, acted as an effective security measure, and were simple to remember.

article thumbnail

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. On November 9, 2022, NYDFS published a first draft of the proposed Amendment and received comments from stakeholders over a 60-day period. The updated proposed Amendment will be subject to an additional 45-day comment period.

article thumbnail

Class-Action Lawsuit for Scraping Data without Permission

Schneier on Security

I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it “scraped 300 billion words from the internet” without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data. On the other hand, I want us all to be compensated for our uniquely human ability to generate language.

Paper 107
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Microsoft Discloses 5 Zero-Days in Voluminous July Security Update

Dark Reading

Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office,Net, and Azure Active Directory, among others.

Security 128
article thumbnail

Can AI make government services more human?

CGI

While much attention on artificial intelligence (AI) has been focused on the commercial sector, AI and the public sector is a perfect fit. In fact, there are many use cases already for using AI to digitalize government services, including improving water quality for communities to helping answer constituent and health worker questions.

article thumbnail

Federal Reserve's FedNow Goes Live With Fast Payments

Data Breach Today

Program Expected to Modernize Country's Payment Systems FedNow, the Federal Reserve's first instant payment service, officially launched on Thursday. FedNow so far has 35 banks and credit unions and 16 service providers certified to use the service including community banks and large lenders such as JPMorgan Chase and Bank of New York Mellon.

233
233
article thumbnail

TETRA Radio Code Encryption Has a Flaw: A Backdoor

WIRED Threat Level

A secret encryption cipher baked into radio systems used by critical infrastructure workers, police, and others around the world is finally seeing sunlight. Researchers say it isn’t pretty.

article thumbnail

How Top Tech CFOs Solve Annual Planning’s Biggest Challenges

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

article thumbnail

UK ICO Encourages Use of Privacy Enhancing Technologies

Hunton Privacy

On June 19, 2023, the UK Information Commissioner’s Office (“ICO”) recommended that organizations start using privacy enhancing technologies (“PETs”) to share personal information safely, securely and anonymously. The ICO also has issued new guidance on PETs which is aimed at those using large data sets in finance, healthcare, money laundering and cybercrime.

Privacy 107
article thumbnail

Belgian Tax Hack

Schneier on Security

Here’s a fascinating tax hack from Belgium (listen to the details here , episode #484 of “No Such Thing as a Fish,” at 28:00). Basically, it’s about a music festival on the border between Belgium and Holland. The stage was in Holland, but the crowd was in Belgium. When the copyright collector came around, they argued that they didn’t have to pay any tax because the audience was in a different country.

IT 105
article thumbnail

Shell Becomes Latest Cl0p MOVEit Victim

Dark Reading

In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees.

IT 134
article thumbnail

What’s new in Application Modernization & Connectivity  

OpenText Information Management

Helping our customers build for the future through smarter modernization New product updates are now available within Application Modernization & Connectivity (AMC) – OpenText’s marketing leading solution for COBOL and mainframe application development, deployment, and modernization as well as mainframe host access and security. Latest OpenText of Cloud Editions includes updates to its COBOL, Mainframe … The post What’s new in Application Modernization & Connectivity appeared fi

Cloud 98
article thumbnail

An Architect’s Guide for Selecting Scalable, Data-Layer Technologies

There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h

article thumbnail

Midyear Health Data Breach Analysis: The Top Culprits

Data Breach Today

Latest Hacking, Vendor Incident Trends Emerging From the Federal Tally Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?

article thumbnail

Digital Is Killing Serendipity

John Battelle's Searchblog

The buildings are the same, but the information landscape has changed, dramatically. Today I’m going to write about the college course booklet, an artifact of another time. I hope along the way we might learn something about digital technology, information design, and why we keep getting in our own way when it comes to applying the lessons of the past to the possibilities of the future.

article thumbnail

BREAKING: EU Commission Adopts EU-U.S. Data Privacy Framework Adequacy Decision

Hunton Privacy

On July 10, 2023, the European Commission formally adopted a new adequacy decision on the EU-U.S. Data Privacy Framework (the “Adequacy Decision”). The adoption of this Adequacy Decision follows years of intense negotiations between the EU and the U.S., after the invalidation of the EU-U.S. Privacy Shield by the Court of Justice of the European Union (“CJEU”) in the Schrems II case.