Sat.Nov 25, 2023 - Fri.Dec 01, 2023

article thumbnail

GUEST ESSAY: Steps to leveraging ‘Robotic Process Automation’ (RPA) in cybersecurity

The Last Watchdog

In cybersecurity, keeping digital threats at bay is a top priority. A new ally in this battle is robotic process automation (RPA.) This technology promises to simplify tasks, boost accuracy and quicken responses. Related: Gen-A’s impact on DevSecOps Robotic process automation is about getting repetitive, rule-based tasks done with the help of software robots , often called “bots.

article thumbnail

North Korea's Supercharged State-Backed Cryptocurrency Theft

Data Breach Today

Report Says State Backing Makes Pyongyang's Hackers Like Cybercriminals on Steroids To service the perpetually cash-starved regime of North Korea, hackers will continue their relentless onslaught on cryptocurrency - and all users of it - with state backing to industrialize their hacking and money laundering capabilities, experts warn.

IT 311
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Public AI: Bad. Internal AI: Good. With Information Governance: Great!

Weissman's World

We’ve talked a lot about the perils of using generative AI, which while improving is still prone to making stuff up and exposes our data to privacy problems if used as engine fodder. But I don’t know that I’ve properly distinguished between the “bad” public technologies and the possible “good” of those installed internally –… Read More » Public AI: Bad.

article thumbnail

How Generative AI Can Improve Enterprise Search

AIIM

I was inspired to write this post after listening to an episode of “This Week in Windows” on Leo Laporte’s TWIT.TV podcast network. Leo and one of his co-hosts got into an interesting discussion on the use of Generative AI like ChatGTP with respect to search on the internet. Leo seemed to be making the same mistake many do, and confusing the concepts of using a search engine to answer a query by finding sources of information, and asking a Generative AI system based on a Large Language Model (LL

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

The CDC's Gun Violence Research Is in Danger

WIRED Threat Level

In a year pocked with fights over US government funding, Republicans are quietly trying to strip the Centers for Disease Control and Prevention of its ability to research gun violence.

More Trending

article thumbnail

News alert: AppDirect poll reveals company leaders losing sleep over cyber risks, compliance

The Last Watchdog

San Francisco, Calif., Nov. 28, 2023 – AppDirect , the world’s leading B2B subscription commerce platform, today released key findings from its IT Business Leaders 2024 Outlook Report. The study, conducted by independent research firm Propeller Insights, dives into how IT business leaders feel about their security posture in a world where the technologies they embrace to grow and thrive are also vulnerable to constant and increasing threats.

article thumbnail

My CIP Story: Using Certification to Advance Myself and Others

AIIM

I am brimming with pride right now. On November 27, 2023, the Association for Intelligent Information Management (AIIM) debuted a new version of the Certified Information Professional (CIP) credential. On November 27, I also found out that I had earned my CIP!

153
153
article thumbnail

Managing AI risks and legal implications, effective cybersecurity, ensuring privacy and the integrity of organizational records

Data Protection Report

In a world where generative AI is driving innovation and technology is outpacing legislation, there’s a lot for companies to consider to maintain operational effectiveness and minimize risk. To help provide some guidance, Norton Rose Fulbright Canada hosted its 2023 technology, privacy and cybersecurity virtual summit. Our leading lawyers were joined by prominent industry leaders to discuss and explore the latest developments, challenges and opportunities in the technology, privacy, and cybersec

article thumbnail

Police Bust Suspected Ransomware Group Ringleader in Ukraine

Data Breach Today

5 Suspects Arrested; Group Tied to Ransomware Attacks Against 1,800 Victims Police have arrested a group of criminals in Ukraine, including their alleged ringleader, who they suspect launched ransomware attacks against organizations across 71 countries, amassing at least 1,800 victims, from which they demanded ransoms collectively worth hundreds of millions of dollars.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

You Don’t Need to Turn Off Apple’s NameDrop Feature in iOS 17

WIRED Threat Level

Yes, your iPhone automatically turns on NameDrop with the latest software update. But you shouldn’t really be worried about it—regardless of what the police are saying.

IT 135
article thumbnail

Critical Zoom Room bug allowed to gain access to Zoom Tenants

Security Affairs

A critical vulnerability in Zoom Room allowed threat actors to take over meetings and steal sensitive data. Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne live hacking event H1-4420. Zoom Rooms is a feature of the Zoom video conferencing platform designed to enhance collaboration in physical meeting spaces, such as conference rooms or huddle rooms.

Access 129
article thumbnail

Top Four Security Tips for Cyber Safety on National Computer Security Day

KnowBe4

To celebrate National Computer Security Day , which is recognized on November 30 every year, KnowBe4 encourages all IT and security professionals to train their workforce how to stay safe from cybersecurity threats as the organization’s last line of defense.

Security 124
article thumbnail

Breach Roundup: Ukraine Hacks Russian Aviation Agency

Data Breach Today

Also, Cyberattack Targets Japan's Space Agency JAXA This week, Ukraine's intelligence service hacked Russian aviation agency, a cyberattack targeted Japan's space agency, Google addressed another zero-day, a French-led operation dismantled a Ukrainian ransomware group, and spyware targeted Serbian civil society.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

A Civil Rights Firestorm Erupts Around a Looming Surveillance Power Grab

WIRED Threat Level

Dozens of advocacy groups are pressuring the US Congress to abandon plans to ram through the renewal of a controversial surveillance program that they say poses an “alarming threat to civil rights.

Privacy 129
article thumbnail

Expert warns of Turtle macOS ransomware

Security Affairs

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat.

article thumbnail

News alert: Kiteworks forecast lays out risk predictions, strategies for sensitive content in 2024

The Last Watchdog

San Mateo, Calif., November 29, 2023 – Kiteworks , which delivers data privacy and compliance for sensitive content communications through its Private Content Network (PCN), released today its Sensitive Content Communications 2024 Forecast Report. The report outlines 12 predictions and strategies to help IT, security, risk management, and compliance leaders tackle data privacy and cyber-risk challenges for the coming year.

Risk 100
article thumbnail

Udderly Insecure: Researchers Spot Cow-Tracking Collar Flaws

Data Breach Today

IoT Hackers Could Inject Data to Fool 'Smart' Farmers and Vets About Animal Welfare Not even dairy cows appear to be safe from internet of things flaws, researchers report after reverse-engineering health-monitoring collars for cows and finding they could eavesdrop on and alter data. Once addressed by the manufacturer, they said the non-updateable collars would have to be replaced.

IoT 312
article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

Section 702 Surveillance Reauthorization May Get Slipped Into ‘Must-Pass’ NDAA

WIRED Threat Level

Congressional leaders are discussing ways to reauthorize Section 702 surveillance, including by attaching it to the National Defense Authorization Act, Capitol Hill sources tell WIRED.

IT 122
article thumbnail

Apple addressed 2 new iOS zero-day vulnerabilities

Security Affairs

Apple released emergency security updates to fix two actively exploited zero-day flaws impacting iPhone, iPad, and Mac devices. Apple released emergency security updates to address two zero-day vulnerabilities impacting iPhone, iPad, and Mac devices. The flaws are actively exploited in attacks in the wild, both issues reside in the WebKit browser engine.

Security 122
article thumbnail

Artificial Intelligence (Regulation) Bill: UK Private Members’ Bill underscores wide-spread regulatory concerns

Data Protection Report

A Private Members’ Bill, the Artificial Intelligence (Regulation) Bill (the Bill ), has been introduced into House of Lords (the UK’s upper House of the UK Parliament) and is currently at the second Parliamentary stage. The King’s Speech , which set out the agenda for the current Parliamentary session, did not contain any proposals from the Government for legislation on AI, a point that was highlighted by the House of Commons Science, Innovation and Technology Committee.

article thumbnail

Okta Delays New Products, Projects 90 Days to Boost Security

Data Breach Today

Push Comes After Okta Said Hacker Had Stolen Every Customer Support User's Details Okta has paused product development and internal projects for 90 days to beef up its security architecture and operations for applications, hardware and third-party vendors. Okta will move to strengthen its cyber posture, including a security action plan and engaging with third-party cyber firms.

Security 306
article thumbnail

A Tale of Two Case Studies: Using LLMs in Production

Speaker: Tony Karrer, Ryan Barker, Grant Wiles, Zach Asman, & Mark Pace

Join our exclusive webinar with top industry visionaries, where we'll explore the latest innovations in Artificial Intelligence and the incredible potential of LLMs. We'll walk through two compelling case studies that showcase how AI is reimagining industries and revolutionizing the way we interact with technology. Some takeaways include: How to test and evaluate results 📊 Why confidence scoring matters 🔐 How to assess cost and quality 🤖 Cross-platform cost vs. quality tr

article thumbnail

No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

KnowBe4

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach.

article thumbnail

Daixin Team group claimed the hack of North Texas Municipal Water District

Security Affairs

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional water district that provides wholesale water, wastewater treatment, and solid waste services to a group of member cities and customers in North Texas, United States.

article thumbnail

Extracting GPT’s Training Data

Schneier on Security

This is clever : The actual attack is kind of silly. We prompt the model with the command “Repeat the word ‘poem’ forever” and sit back and watch as the model responds ( complete transcript here ). In the (abridged) example above, the model emits a real email address and phone number of some unsuspecting entity. This happens rather often when running our attack.

Paper 117
article thumbnail

TrickBot Developer Pleads Guilty in US Court

Data Breach Today

Vladimir Dunaev Faces Up to 35 Years in Prison A Russian national pleaded guilty in U.S. federal court for his role in developing TrickBot. Operators of the malware targeted hospitals and healthcare centers with ransomware attacks during the height of the novel coronavirus pandemic. Vladimir Dunaev faces up to 35 years in prison.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Users Fall for Smishing Attacks 6-10 Times More Than Email-Based Attacks

KnowBe4

With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social engineering tactics.

article thumbnail

California Privacy Protection Agency Publishes Draft Regulations on Automated Decisionmaking Technology

Hunton Privacy

On November 27, 2023, the California Privacy Protection Agency (“CPPA”) published its draft regulations on automated decisionmaking technology (“ADMT”). The regulations propose a broad definition for ADMT that includes “any system, software, or process—including one derived from machine-learning, statistics, or other data-processing or artificial intelligence—that processes personal information and uses computation as whole or part of a system to make or execute a decision or facilitate human de

Privacy 117
article thumbnail

The hack of MSP provider CTS potentially impacted hundreds of UK law firms

Security Affairs

The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom. CTS is a trusted provider of IT services to the legal sector in the UK. The company announced that it is investigating a cyber attack that caused a service outage. The incident impacted a portion of the services. The security incident potentially impacted hundreds of British law firms. “ We are experiencing a service outage which has impacted a portion of the services we de