The Last Watchdog
JUNE 12, 2023
Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. Privacy controls allow you to say who or what can access a database of customer data or employee data.
IBM Big Data Hub
JUNE 15, 2023
There’s no debate that the volume and variety of data is exploding and that the associated costs are rising rapidly. The proliferation of data silos also inhibits the unification and enrichment of data which is essential to unlocking the new insights. Moreover, increased regulatory requirements make it harder for enterprises to democratize data access and scale the adoption of analytics and artificial intelligence (AI).
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JUNE 15, 2023
A new version of the infamous browser extension is spreading through files on websites offering pirated wares, and leverages unique persistence mechanisms.
Data Breach Today
JUNE 13, 2023
Akamai: Rapid Digitalization, Flawed Code Led to 14 Billion Attacks in Past Year Hackers hit the e-commerce industry with 14 billion attacks in 15 months, pushing it to the top of the list of targets for web application and API exploits. A new Akamai report blames digitalization and the wide range of vulnerabilities hackers can exploit in web applications.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
The Last Watchdog
JUNE 12, 2023
The cybersecurity community is waiting for the next shoe to drop in the wake of the audacious MOVEit-Zellis hack orchestrated by the infamous Russian hacking collective, Clop. Related: SolarWinds-style supply chain attacks on the rise Clop operatives went live last week with an unusual ultimatum — written in broken English and posted in a Dark Web forum — giving the victimized organizations a June 14 th deadline to make direct contact with them under threat of having sensitive stol
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
JUNE 15, 2023
The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.
Data Breach Today
JUNE 16, 2023
Gamaredon Spreads Custom Backdoor Through Thumb Drives A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.
The Last Watchdog
JUNE 16, 2023
It was bound to happen. Clop, the Russia-based ransomware gang that executed the MOVEit-Zellis supply chain hack, has commenced making extortion demands of some big name U.S. federal agencies, in addition to global corporations. Related: Supply-chain hack ultimatum The nefarious Clop gang initially compromised MOVEit, which provided them a beachhead to gain access to Zellis, a UK-based supplier of payroll services.
Krebs on Security
JUNE 15, 2023
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances. Under a new order from the Cybersecurity and Infrastructure Security Agency (CISA), federal agencies will have 14 days to respond to any reports from CISA
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Thales Cloud Protection & Licensing
JUNE 15, 2023
A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management. Key Management as a Service (KMaaS) allows companies to manage encryption keys more effectively through a cloud-based solution instead of running the service on physical, on-premises
Data Breach Today
JUNE 12, 2023
Debt Collection Software Firm Intellihartx Says Nearly 490,000 Affected by Breach A company that makes patient debt collection software is the latest healthcare sector entity to report a hacking breach related to a flaw in Fortra's GoAnywhere secure file transfer software. To date, the GoAnywhere vulnerability has affected the health information of 4.4 million individuals.
WIRED Threat Level
JUNE 12, 2023
A newly declassified report from the Office of the Director of National Intelligence reveals that the federal government is buying troves of data about Americans.
IT Governance
JUNE 15, 2023
The UK’s broadcasting regulator, Ofcom, has revealed that it’s among the organisations whose data has been stolen in the massive MOVEit cyber attack. In a statement , Ofcom said that a “limited amount” of confidential information was stolen by criminal hackers, although its own systems were not compromised. The data relates to certain companies whose practices Ofcom regulates, as well as 412 of its employees.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Dark Reading
JUNE 16, 2023
The DDoS collective claims to be teaming up with ReVIL and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.
Data Breach Today
JUNE 16, 2023
New Vulnerability Allows Threat Actors to Modify, Disclose MOVEit Database Content The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
The Last Watchdog
JUNE 15, 2023
London, UK, June 15, 2023 – Dropblock for mobile launches today, a free, Web3 storage application offering individuals, developers, and business users a unique and completely secure mobile storage and data sharing solution. Simply download Dropblock today from the App Store or from the Google Play Store to get 5GB of secure blockchain storage for free.
IT Governance
JUNE 15, 2023
This week, we discuss a data breach affecting users of Progress Software’s MOVEit file transfer app, GDPR fines for LinkedIn and Spotify, and the delay of Google Bard’s EU launch because of privacy concerns. Also available on Spotify , Amazon Music , Apple Podcasts and SoundCloud. The post IT Governance Podcast 16.6.23: MOVEit, LinkedIn, Spotify and Google Bard appeared first on IT Governance UK Blog.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
JUNE 16, 2023
MOVEit has created a patch to fix the issue and urges customers to take action to protect their environments, as Cl0p attacks continue to mount, including on government targets.
Data Breach Today
JUNE 15, 2023
Targets Include Southeast Asian Foreign Ministry, Foreign Trade Offices in Taiwan Chinese hackers in a state-run operation compromised hundreds of organizations through a zero-day vulnerability in a popular email security appliance, warns cyber threat intelligence firm Mandiant. Hackers used a zero-day vulnerability in Barracuda Networks Email Security Gateway appliances.
The Last Watchdog
JUNE 15, 2023
Cambridge, Mass., June 15, 2023. The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Secure Payment Confirmation (SPC) enables merchants, banks, payment service providers, card networks, and others to lower the friction of strong customer authentication (SCA), and produce cryptographic evidence of user consent, both important aspects of regulatory re
Schneier on Security
JUNE 12, 2023
New research suggests that AIs can produce perfectly secure steganographic images: Abstract: Steganography is the practice of encoding secret information into innocuous content in such a manner that an adversarial third party would not realize that there is hidden meaning. While this problem has classically been studied in security literature, recent advances in generative models have led to a shared interest among security and machine learning researchers in developing scalable steganography te
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
Dark Reading
JUNE 13, 2023
Threat actors have grown increasingly sophisticated in applying social engineering tactics against their victims, which is key to this oft-underrated cybercriminal scam's success.
Data Breach Today
JUNE 14, 2023
SharePoint, Multicasting and Exchange Figure Prominently This Month Microsoft's June dump of monthly patches for the first time in months doesn't include a fix for an actively exploited zero day in a slew of fixes for 69 vulnerabilities spread across the computing giant's portfolio of products. Among them: SharePoint, Exchange and serves that enable multicasting.
Hunton Privacy
JUNE 16, 2023
On June 15, 2023, the UK Information Commissioner’s Office (“ICO”) called for businesses to address the privacy risks posed by generative artificial intelligence (“AI”) before “rushing to adopt the technology.” Stephen Almond, the ICO’s Executive Director of Regulatory Risk, said: “Businesses are right to see the opportunity that generative AI offers.
National Archives Records Express
JUNE 12, 2023
This is the next post in a series supporting the publication of 36 CFR section 1236 subpart E – Digitizing Permanent Records. All of the posts have been collected under the 36 CFR Section 1236 category. S49-07-001 – STS-049 – In cabin view of crewmember at the forward flight deck with laptop terminal National Archives Identifier: 22702275 In this blog post, we will explore the key aspects of metadata requirements and their significance in recordkeeping.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
JUNE 15, 2023
A third perp has been fingered, but CISA warns that LockBit variants continue to be a major threat on a global scale.
Data Breach Today
JUNE 13, 2023
St. Margaret's Health Is Permanently Shutting Hospitals and Clinics A rural Illinois medical system will shut down on Friday partly due to fallout from a 2021 ransomware incident as the toll of a wave of extortionate malware exacts rising costs from the healthcare industry. "These problems have no end in sight," said Mike Hamilton of security firm Critical Insight.
eSecurity Planet
JUNE 15, 2023
Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities. It is a critical part of an organization’s cybersecurity program. There are many different vulnerability management frameworks, but the vulnerability management lifecycle of most organizations today typically includes five phases. We’ll examine those and then look at vulnerability management lifecycle best practices.
Expert insights. Personalized for you.
202 
Let's personalize your content