Krebs on Security
JUNE 1, 2023
Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software.
Data Breach Today
MAY 30, 2023
Mikhail Matveev Indictment Shows Police Tracking Top Alleged Ransomware Affiliates How many hackers can claim to have caused a national cheese shortage, not least in the Gouda-loving Netherlands? Enter Mikhail Matveev, a Russian national who's been indicted for wielding not one but three strains of ransomware, in what experts say is a needed focus on ransomware affiliates.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
KnowBe4
MAY 31, 2023
As audio deepfake technology continues to go mainstream as part of the evolution in AI-based tools, new data shows there are plenty of victims and they aren’t prepared for such an attack.
Dark Reading
MAY 31, 2023
Some companies have moved on from using Salesforce. But without remembering to fully deactivate their clouds, Salesforce won't move on from them.
Advertisement
With its unparalleled flexibility, rapid development and cost-saving capabilities, open source is proving time and again that it’s the leader in data management. But as the growth in open source adoption increases, so does the complexity of your data infrastructure. In this Analyst Brief developed with IDC, discover how and why the best solution to this complexity is a managed service, including: Streamlined compliance with some of the most complex regulatory guidelines Simplified operations, li
Data Breach Today
MAY 27, 2023
More than 100 Agencies, Health Entities Impacted by Data Breach Discovered in March An insurance provider that services many state Medicaid agencies and the Children's Health Insurance Program told regulators that hackers compromised the personal and protected health information of nearly 9 million patients in an incident discovered in March.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
MAY 31, 2023
The world of Identity and Access Management ( IAM ) is rapidly evolving. Related: Stopping IAM threats IAM began 25 years ago as a method to systematically grant human users access to company IT assets. Today, a “user” most often is a snippet of code seeking access at the cloud edge. At the RSAC Conference 2023 , I sat down with Venkat Raghavan , founder and CEO of start-up Stack Identity.
AIIM
MAY 30, 2023
This article was written by AIIM Florida Chapter Board Member Alvaro Arias Cruz , District Director of Archives of Bogotá. It was originally published in the AIIM Florida Chapter Newsletter in April 2023. Learn more about the AIIM Florida Chapter at [link]. Colombia has one of the most robust and comprehensive archives laws in the Latin American region, identified as the General Archives Law (Law 594 of 2000).
Data Breach Today
JUNE 2, 2023
Mandiant Said TTPs of Threat Group Behind Exploiting MOVEit Appear Similar to FIN11 Adversaries have taken advantage of a zero-day vulnerability in Progress Software's managed file transfer product to deploy web shells and steal data, Mandiant found. An unknown threat actor began exploiting the critical SQL injection vulnerability in MOVEit Transfer on May 27.
eSecurity Planet
MAY 30, 2023
In March, Microsoft announced its Security Copilot service. The software giant built the technology on cutting-edge generative AI – such as large language models (LLMs) – that power applications like ChatGPT. In a blog post , Microsoft boasted that the Security Copilot was the “first security product to enable defenders to move at the speed and scale of AI.
Advertisement
The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.
Dark Reading
MAY 30, 2023
The government-sponsored dental and oral healthcare provider warned its customers that a March attack exposed sensitive data, some of which was leaked online by the ransomware group.
AIIM
JUNE 2, 2023
AIIM has been discussing the next generation of information management leaders and how the industry can better attract and retain young professionals quite a lot in 2023, and with good reason. The demographics of the workforce are changing. Generation Z (people born between 1997-2012) will account for 30 percent of the U.S. civilian labor force by 2030, according to the U.S.
Data Breach Today
MAY 29, 2023
UK Financial Services Firms Record $1.5 Billion in Losses Last Year Due to Fraud Losses to fraud reported by Britain's financial services sector exceeded $1.5 billion in 2022, declining by 8% from 2021, says trade association UK Finance. About 40% of losses tied to authorized push payment fraud, in which victims get tricked into transferring funds to attackers.
John Battelle's Searchblog
MAY 31, 2023
Well that was something. Yesterday the Center for AI Safety, which didn’t exist last year, released a powerful 22-word statement that sent the world’s journalists into a predictable paroxysm of hand-wringing: “Mitigating the risk of extinction from A.I. should be a global priority alongside other societal-scale risks, such as pandemics and nuclear war.
Advertisement
Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.
Dark Reading
JUNE 2, 2023
A recent campaign tricks victims into visiting credential harvesting sites by hiding malicious URLs behind photos advertising deals from trusted brands.
Schneier on Security
JUNE 1, 2023
Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. The press coverage has been extensive, and surprising to me. The New York Times headline is “A.I. Poses ‘Risk of Extinction,’ Industry Leaders Warn.” BBC : “Artificial intelligence could lead to extinction, experts warn.”
Data Breach Today
MAY 31, 2023
Amazon-Owned Ring Will Pay $5.8 Million to Settle FTC Investigation Amazon agreed to pay $5.8 million to settle a Federal Trade Commission investigation into allegedly poor cybersecurity practices by its Ring home surveillance device subsidiary. The company is also poised to come under two decades' worth of outside reviews of a mandated data and security program.
KnowBe4
JUNE 2, 2023
A new study found that ChatGPT can accurately recall any sensitive information fed to it as part of a query at a later date without controls in place to protect who can retrieve it.
Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage
Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr
Dark Reading
MAY 31, 2023
The newly found misconfigured cloud services are discovered just two weeks after an initial data breach affecting millions came to light.
Hunton Privacy
MAY 30, 2023
On May 22, 2023, the Federal Trade Commission filed an amicus brief in support of a ruling by the United States Court of Appeals for the Ninth Circuit that COPPA does not preempt state laws claims that are consistent with COPPA. The brief was filed in the case of Jones v. Google. The lawsuit, which was brought by parents on behalf of their children, alleges that video sharing platform YouTube, which is owned by Google, and specific YouTube channel owners violated state laws by collecting persona
Data Breach Today
MAY 31, 2023
Threat Actor's Targets This Year Include Government Agencies in Brunei, Indonesia A recently emerged threat actor dubbed Dark Pink is updating its custom tool set in a bid to evade detection while expanding its operations to new Southeast Asian targets. Threat intel firm Group-IB counts 13 total victims of Dark Pink, which first became active in mid-2021.
Hanzo Learning Center
MAY 30, 2023
Workplace collaboration tools like Slack and MS Teams have become ubiquitous in many organizations. However, they also present unique challenges for data governance and ediscovery in the event of litigation. To avoid potential legal issues and fines, it is crucial to have a tailored retention policy, acceptable use policy, and employee training in place.
Advertisement
It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.
Dark Reading
JUNE 2, 2023
Russia's FSB intelligence agency says the zero-click attacks range far beyond Kaspersky, and it has blamed them on the United States' NSA. Those allegations are thus far uncorroborated.
Schneier on Security
MAY 30, 2023
It’s neither hard nor expensive : Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only that an inputted image provides an acceptable approximation of an image in the fingerprint database.
Data Breach Today
MAY 29, 2023
Data Breach Exposed Nearly 20 Years of 'Indefinitely' Stored Payment Card Data Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.
National Archives Records Express
MAY 30, 2023
Digitization project at Archives 1 (Room 18W2) National Archives Identifier: 184341402 This is our fourth blog post taking a deep dive into 36 CFR 1236 Subpart E–Digitizing Permanent Records , which takes effect next week. In this post, we address quality management (QM) which includes the quality assurance (QA) and quality control (QC) requirements provided in the regulation.
Advertisement
In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.
Dark Reading
MAY 30, 2023
A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.
KnowBe4
MAY 30, 2023
At KB4-CON 2023, we had a customer panel that I hosted discussing the connection between security and compliance training content when trying to change organizational security culture.
Data Breach Today
MAY 30, 2023
UK Financial Services Firms Record $1.5 Billion in Losses Last Year Due to Fraud Losses to fraud reported by Britain's financial services sector exceeded $1.5 billion in 2022, declining by 8% from 2021, says trade association UK Finance. About 40% of losses tied to authorized push payment fraud, in which victims get tricked into transferring funds to attackers.
Expert insights. Personalized for you.
246 
Let's personalize your content