WIRED Threat Level
OCTOBER 24, 2023
Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.
Krebs on Security
OCTOBER 17, 2023
Amir Golestan , the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC , has been sentenced to five years in prison for wire fraud. Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Ca
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
OCTOBER 24, 2023
Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires -- and other online services likely have the same problems.
Data Breach Today
OCTOBER 10, 2023
Threat Actor Likely Operates From A Region With A Strategic Interest In Taiwan A previously undetected cyberespionage group spied against Taiwanese government agencies and the island-country's manufacturing sector, say cybersecurity researchers. The Symantec Threat Hunter Team says it likely operates "from a region with a strategic interest in Taiwan.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Thales Cloud Protection & Licensing
OCTOBER 2, 2023
Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. As we are well and truly in the digital-first age, the need for robust cybersecurity measures is glaringly evident. Though significant, the early days' threats vastly differed from today's sophisticated cyberattacks.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
OCTOBER 6, 2023
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.
eSecurity Planet
OCTOBER 12, 2023
Cyber attackers frequently use legacy technology as part of their attack strategies, targeting organizations that have yet to implement mitigations or upgrade obsolete components. In an Active Directory environment, one such component is legacy protocols, which attackers can use to gain access to Active Directory. While patching (or even virtual patching ) might help address obsolete components, most legacy components have been thoroughly evaluated by adversaries to determine whether they should
Dark Reading
OCTOBER 16, 2023
No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication.
Data Breach Today
OCTOBER 18, 2023
Qualys, Rapid7 Depart Forrester's Leaderboard as Data Ingestion Takes Center Stage Tenable held steady atop Forrester's vulnerability risk management rankings while Vulcan Cyber broke into the leaders category and Rapid7 and Qualys tumbled from the leaderboard. The way vendors deliver vulnerability management has shifted away from ingesting vulnerability assessment results.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Schneier on Security
OCTOBER 11, 2023
There’s a new Cisco vulnerability in its Emergency Responder product: This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.
Security Affairs
OCTOBER 27, 2023
The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).
WIRED Threat Level
OCTOBER 4, 2023
Elon Musk’s brain-chip startup conducted years of tests at UC Davis, a public university. A WIRED investigation reveals how Neuralink and the university keep the grisly images of test subjects hidden.
Troy Hunt
OCTOBER 4, 2023
Imagine you wanted to buy some s**t on the internet. Not the metaphorical kind in terms of "I bought some random s**t online", but literal s**t. Turds. Faeces. The kind of thing you never would have thought possible to buy online until. Shitexpress came along. Here's a service that enables you to send an actual piece of smelly s**t to "An irritating colleague.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
OCTOBER 23, 2023
A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.
Data Breach Today
OCTOBER 13, 2023
Researcher Published Proof-of-Concept Exploit Code 1 Day After Vendor Issued Patch Ransomware-wielding attackers are targeting unpatched versions of FTP software that is widely used by large enterprises, including government and educational organizations. A researcher released proof-of-concept exploit code for WS_FTP software just one day after Progress Software issued its patch.
Jamf
OCTOBER 10, 2023
Jamf releases Jamf Pro 11.0! In this blog, learn more about the blending of modern design principles and the powerful management workflows our customers are accustomed to. Paired with new exciting features that ensure that MacAdmins of all experience levels feel right at home with the latest iteration of the best-in-breed, Apple-first, Apple-best MDM solution.
Security Affairs
OCTOBER 22, 2023
MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted. The head of MI5, Ken McCallum, warns that Chinese spies targeted more than 20,000 people in the UK. During a meeting of security chiefs of the Five Eyes alliance held in California, McCallum told BBC that the Chinese cyber espionage reached an epic scale.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
OpenText Information Management
OCTOBER 30, 2023
In the fast-evolving landscape of digital transformation, which is shifting exponentially into the artificial intelligence (AI) era, organizations are accelerating their mainframe modernization journey to innovate and stay competitive. While many with valuable legacy applications on the mainframe perceive the primary challenge to be the archaic COBOL code, a closer look reveals that the real … The post Mainframe Modernization Challenge: It’s Not About COBOL, It’s About Mainfram
Hunton Privacy
OCTOBER 19, 2023
On October 17, 2023, The First-tier Tribunal of the UK General Regulatory Chamber allowed an appeal by Clearview AI Inc (“Clearview”) against an enforcement notice and fine issued by the UK’s Information Commissioner’s Office (“ICO”). On May 18, 2022, the ICO issued an enforcement notice requiring that Clearview delete the personal data of UK individuals collected through the use of its facial recognition technology and held in its database (the “Notice”), as well as a fine of £7.5 million, alle
Dark Reading
OCTOBER 4, 2023
The flaw poses a significant risk of unauthorized data access, system alterations, potential data theft, and complete takeover of vulnerable systems, especially in the IoT and embedded computing space.
Data Breach Today
OCTOBER 20, 2023
BeyondTrust Says It Took Okta Nearly 3 Weeks to Confirm Breach It First Spotted A breach of Okta's support case management system using a stolen credential allowed attackers to access sensitive files uploaded by the identity security giant's customers. San Francisco-based Okta said the threat actor could view filed uploaded by certain customers as part of recent support cases.
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Schneier on Security
OCTOBER 17, 2023
Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Ed Appel explains why it’s a bad idea: Last year, I published a 5-part series about Switzerland’s e-voting system.
Security Affairs
OCTOBER 5, 2023
NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politically motivated threat actor called SiegedSec has breached its systems and leaked unclassified documents online. “NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites,” reads a statement issued by s NATO official to media outlets.
WIRED Threat Level
OCTOBER 25, 2023
Inauthentic accounts on X flocked to its owner’s post about Ukrainian president Vlodymr Zelensky, hailing “Comrade Musk” and boosting pro-Russia propaganda.
Hunton Privacy
OCTOBER 9, 2023
On September 29, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth (“CIPL”) released a new paper on its Ten Recommendations for Global AI Regulation. The paper is part of CIPL’s Accountable AI project and follows several earlier contributions including Artificial Intelligence and Data Protection in Tension (October 2018), Hard Issues and Practical Solutions (February 2020), and Artificial Intelligence and Data Protection: How the GDPR Regulates AI (March 2020).
Advertisement
Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.
Dark Reading
OCTOBER 10, 2023
Ongoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.
Data Breach Today
OCTOBER 27, 2023
'Logging Made Easy' Provides Organizations With Critical Cybersecurity Insights The U.S. Cybersecurity and Infrastructure Security Agency launched a security tool intended to help organizations with limited resources better protect their Windows-based devices and sensitive data. Logging Made Easy is meant to serve as a turnkey log management tool.
Hanzo Learning Center
OCTOBER 24, 2023
We will likely now all agree that the latest generation of AI has emerged as a game-changer. Its potential is undeniable and prevalent across every sector, industry, and use case. Yet, many enterprises remain stuck in the "Proof of Concept" (POC) phase due to various barriers, testing the waters but never diving in. It's time to move beyond this and build real-world applications using AI.
Expert insights. Personalized for you.
142 
Let's personalize your content