Weissman's World

JANUARY 14, 2025

For years, youve heard me exhort you to implement information governance because you collected all that information for a reason, right? and infogov is how you get value from it. And while thats true, Im not sure I ever completely brought that sentiment to ground. So let me now close that gap. Over the next… Read More » Turning Information Into Outcomes: What Governance Really is About The post Turning Information Into Outcomes: What Governance Really is About appeared first on Holly

Government 289

Government Information governance IT Records Management 289

Data Breach Today

JANUARY 3, 2025

iPhone Maker Introduced Feature Without Explicit Consent Apple's artificial intelligence-led photo analyzer is raising privacy concerns months after the company appears to have enabled the feature by default. It uses a combination of on-device machine learning and encrypted cloud-based processing.

Privacy 281

Privacy Artificial Intelligence Encryption Cloud 281

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.

Phishing 346

Phishing Passwords Authentication Data breaches 346

Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware. In late November, the experts spotted a malspam campaign impersonating DHL which used emails about freight invoices, attaching zip files named “Invoice###.zip” or “Trackin

File names 348

File names Authentication Archiving Access 348

Speaker: Dr. Christine Gall, DrPH, MS, BSN, RN

The promise of virtual care is no longer theoretical and is now a critical solution to many of healthcare’s most urgent challenges. Yet many healthcare leaders remain unsure how to build a business case for investment and launching the right program at the right time can be the difference between value and failure. For organizations seeking a financially sound, clinically effective entry point, Virtual Patient Observation (VPO) offers a compelling case to lead with.

Collaboration 2.0

JANUARY 28, 2025

The AI model that shook the world is part of a broad trend to squeeze more out of chips using what's called sparsity.

363

363

Weissman's World

JANUARY 6, 2025

Who here has seen the 1983 movie WarGames? In it, a high school teenager seeking the newest, hottest prerelease videogame hacks into a NORAD computer by mistake, and the simulation he triggers nearly causes WWIII because the soldierly decision-making was intentionally left to the machine, not the military. Watching with the family the other day,… Read More » Movie From 1983 Had AI and InfoGov Right The post Movie From 1983 Had AI and InfoGov Right appeared first on Holly Group.

Military 279

Military IT Information governance Government 279

Data Breach Today

JANUARY 13, 2025

Mitigating Cybersecurity, Privacy Risks for New Class of Autonomous Agents Many organizations are looking to artificial intelligence agents to autonomously perform tasks that surpass traditional automation. Tech firms are rolling out agentic AI tools that can handle customer-facing interactions, IT operations and a variety of other processes without human intervention, but experts are cautioning security teams to watch for cyber and privacy risks.

Risk 230

Risk Artificial Intelligence Privacy Cybersecurity 230

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.

Phishing 289

Phishing e-Delivery Sales Authentication 289

Security Affairs

JANUARY 5, 2025

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. Google researchers analyzed a new malware family called PLAYFULGHOST that supports multiple features, including keylogging, screen and audio capture, remote shell, and file transfer/execution. The PLAYFULGHOST backdoor shares functionality with Gh0stRAT whose source code was publicly released in 2008.

File names 326

File names Archiving Phishing Encryption 326

Speaker: Lee Andrews, Founder at LJA New Media & Tony Karrer, Founder and CTO at Aggregage

This session will walk you through how one CEO used generative AI, workflow automation, and sales personalization to transform an entire security company—then built the Zero to Strategy framework that other mid-market leaders are now using to unlock 3.5x ROI. As a business executive, you’ll learn how to assess AI opportunities in your business, drive adoption across teams, and overcome internal resource constraints—without hiring a single data scientist.

Marketing

Collaboration 2.0

JANUARY 9, 2025

If you're just now jumping onto the Linux train, you might be wondering what apps to install first. Here are the first 10 I find should be installed by all.

363

363

WIRED Threat Level

JANUARY 23, 2025

Now-fixed web bugs allowed hackers to remotely unlock and start millions of Subarus. More disturbingly, they could also access at least a year of cars location historiesand Subaru employees still can.

IT 361

IT Security Access Privacy 361

Weissman's World

JANUARY 30, 2025

I get inquiries all the time from people seeking support as they ready to tackle what sound like fairly specific records and information governance issues. Lately, these types of inquiries have fallen into these three general areas: Getting rid of paper Moving to the cloud Preparing for AI These descriptors which well use throughout… Read More » Good Governance is About the Why The post Good Governance is About the Why appeared first on Holly Group.

Government 287

Government Information governance Paper Cloud 287

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. The cybersecurity landscape is evolving as attackers harness the power of artificial intelligence (AI) to develop advanced and evasive threats.

Artificial Intelligence 130

Artificial Intelligence Encryption Cybersecurity Analytics 130

Speaker: Alex Salazar, CEO & Co-Founder @ Arcade | Nate Barbettini, Founding Engineer @ Arcade | Tony Karrer, Founder & CTO @ Aggregage

There’s a lot of noise surrounding the ability of AI agents to connect to your tools, systems and data. But building an AI application into a reliable, secure workflow agent isn’t as simple as plugging in an API. As an engineering leader, it can be challenging to make sense of this evolving landscape, but agent tooling provides such high value that it’s critical we figure out how to move forward.

Security

AIIM

JANUARY 2, 2025

When Systems Don't Talk to Each Other In my organization, we have dozens of corporate systems, and all of them do really important things as part of the work of the organization. But if somebody wants to ask a question like, "How are we providing services into a particular community?" and "What are the types of services in a particular community we're offering over time?

Information governance 118

Information governance Government Big data 118

Security Affairs

JANUARY 10, 2025

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Archiving 302

Archiving Phishing Encryption Passwords 302

Collaboration 2.0

JANUARY 26, 2025

The lighter and thinner design, upgraded processor, and swath of Galaxy AI tools are top-notch, but has Samsung done enough to win you over?

356

356

WIRED Threat Level

JANUARY 29, 2025

China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.

Security 358

Security Artificial Intelligence Privacy 358

Speaker: Frank Taliano

Documents are the backbone of enterprise operations, but they are also a common source of inefficiency. From buried insights to manual handoffs, document-based workflows can quietly stall decision-making and drain resources. For large, complex organizations, legacy systems and siloed processes create friction that AI is uniquely positioned to resolve.

IT

Data Breach Today

JANUARY 20, 2025

Customers Question Why PowerSource Support Tool Had Direct Access to Their Systems Educational software-maker PowerSchool faces over 20 lawsuits seeking class-action status, filed in the wake of a massive data breach involving current and former student and faculty data being held by an as-yet-unknown number of school districts across the U.S., Canada and Bermuda.

Data breaches 278

Data breaches Education Access 278

The Last Watchdog

JANUARY 15, 2025

Tel Aviv, Israel, Jan. 15, 2025, CyberNewswire — Sweet Security , a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine. This innovation enhances Sweet’s unified detection and response solution, enabling it to reduce cloud detection noise to an unprecedented 0.04%.

Cloud 130

Cloud Analytics Privacy Security 130

Adam Shostack

JANUARY 2, 2025

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. It starts: Recently, I was at a private event on security by design. I explained that Microsoft could fix ransomware tomorrow, and was surprised that the otherwise well-informed people I was speaking to hadn't heard about this approach.

Ransomware 98

Ransomware Encryption Access IT 98

Security Affairs

JANUARY 2, 2025

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjackingis a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major websites.

Authentication 296

Authentication IT Security Access 296

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Collaboration 2.0

JANUARY 7, 2025

You just followed a fascinating new account on Bluesky. But does that account really belong to who you think it does?

IT 359

IT 359

WIRED Threat Level

JANUARY 10, 2025

Data WIRED collected during the 2024 Democratic National Convention strongly suggests the use of a cell-site simulator, a controversial spy device that intercepts sensitive data from every phone in its range.

IT 355

IT Privacy Security 355

Data Breach Today

JANUARY 30, 2025

Also: Infostealer Malware Compromises Mexican Government Computers This week, DeepSeek exposed sensitive data, hackers exploited unpatched Zyxel flaws, infostealer malware on Mexican government computers, Smiths Group incident, PowerSchool breach notifications, an Apple zero-day, XWorm RAT backdoor, and Credit Control Corporation settled a lawsuit.

Government 265

Government 265

The Last Watchdog

JANUARY 15, 2025

Prague, Czech Republic, Jan. 15, 2025, CyberNewswire — Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions. Czech cybersecurity startup Wultra has raised 3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its post-quantum authentication technology, safeguarding banks and fintech against the coming wave of quantum threats.

Authentication 130

Authentication Security Marketing Compliance 130

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world. At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first offi

Passwords 326

Passwords Security IT Data breaches 326

Security Affairs

JANUARY 24, 2025

Threat actors are targeting Juniper routers with a custom backdoor in a campaign called code-named “J-magic,” attackers are exploiting a Magic Packet flaw. Lumen Technologies researchers reported that the J-magic campaign targets Juniper routers with a custom backdoor using a passive agent based on the cd00r variant (an open-source backdoor by fx ).

Encryption 304

Encryption Access Security IT 304

Security Affairs

JANUARY 19, 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. A severe vulnerability, tracked as CVE-2024-12365 (CVSS score of 8.5) in the WordPress W3 Total Cache plugin could expose metadata from internal services and cloud apps. The WordPress W3 Total Cache plugin is a popular performance optimization tool designed to improve the speed and efficiency of WordPress websites.

Metadata 315

Metadata Authentication Consumer Services Cloud 315