Sat.Nov 02, 2024 - Fri.Nov 08, 2024

article thumbnail

New Bolster CEO Discusses AI-Driven Fraud and Data Security

Data Breach Today

CEO Rod Schultz Aims to Bridge External, Internal Data Challenges, Eyes CISO Bonds New Bolster CEO Rod Schultz shares his priorities in combating AI-based fraud, underscoring the potential of internal data security solutions. Schultz sees Bolster’s established brand protection tools as a foundation for addressing broader enterprise data security needs and better engaging CISOs.

Security 267
article thumbnail

High-Stakes AI Implementation: Why Information Management is More Critical Than Ever

AIIM

As an information management professional, I've observed a concerning trend in the rush to adopt artificial intelligence (AI) technologies, particularly when the stakes are high. There's a significant disconnect between the allure of these powerful AI tools and the reality of most organizations' data readiness. This disconnect, which I call the "data delusion," poses significant challenges for successful AI implementation, especially in critical decision-making scenarios.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm.

Passwords 131
article thumbnail

One third of consumers would prefer working with AI agents for faster service

Collaboration 2.0

Many consumers are happy to communicate with an AI agent but also want to know when that conversation is happening.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Bypassing ChatGPT Safety Guardrails, One Emoji at a Time

Data Breach Today

Mozilla Researcher Uses Non-Natural Language to Jailbreak GPT-4o Anyone can jailbreak GPT-4o's security guardrails with hexadecimal encoding and emojis. A Mozilla researcher demonstrated the jailbreaking technique, tricking OpenAI's latest model into generating python exploits and malicious SQL injection tools.

Security 246

More Trending

article thumbnail

Flaw in Right-Wing ‘Election Integrity’ App Exposes Voter-Suppression Plan and User Data

WIRED Threat Level

A bug that WIRED discovered in True the Vote’s VoteAlert app revealed user information—and an election worker who wrote about carrying out an illegal voter-suppression scheme.

Privacy 135
article thumbnail

Your dream programming job demands this language, every site agrees

Collaboration 2.0

Want a programming job? Learning any language is good but only one is essential in 2024.

134
134
article thumbnail

Attack Hits Small Rural Georgia Hospital, Nursing Home

Data Breach Today

Memorial Hospital and Manor Tapping Its Experience Dealing With Downtime Procedures A small community hospital and its nursing home in rural Georgia have resorted to paper charts and other manual process for patient care as they deal with a ransomware attack discovered Saturday that knocked its electronic health records and other IT systems offline.

Paper 239
article thumbnail

AI Industry is Trying to Subvert the Definition of “Open Source AI”

Schneier on Security

The Open Source Initiative has published (news article here ) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.

Privacy 126
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Russia Is Going All Out on Election Day Interference

WIRED Threat Level

Along with other foreign influence operations—including from Iran—Kremlin-backed campaigns to stoke division and fear have gone into overdrive.

Security 127
article thumbnail

I changed 12 settings on my Android phone to drastically improve battery life

Collaboration 2.0

There are several ways to improve your Android's battery life, and I've sifted through them all to highlight the most effective options - plus an obvious bonus.

129
129
article thumbnail

Russian Fake News and Bomb Threats Target Election Day Votes

Data Breach Today

Russian Threats Aim to Disrupt Nationwide Voting as Americans Flock to the Polls U.S. intelligence agencies warned that Russian interference efforts are escalating on Election Day as millions of Americans cast their ballots nationwide. The Cybersecurity and Infrastructure Security Agency said it was not tracking significant threats to the vote.

article thumbnail

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS. The cybersecurity company has no further details on the vulnerability and said has yet to detect active exploitation. “Palo Alto Networks is aware of a claim of a remote co

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Video: How Hackers Steal Your Cookies & How to Stop Them

eSecurity Planet

Cookies play a crucial role in enhancing your online experience, but they can also be exploited by cybercriminals to access sensitive information. In this video, our expert delves into what cookies are and their function in web browsing, explores the techniques hackers use to steal them — such as session hijacking and cross-site scripting (XSS) — and shares effective strategies and tools to protect your cookies and personal data in 2024.

Passwords 106
article thumbnail

Inside the Massive Crime Industry That’s Hacking Billion-Dollar Companies

WIRED Threat Level

When you download a piece of pirated software, you might also be getting a piece of infostealer malware, and entering a highly complex hacking ecosystem that’s fueling some of the biggest breaches on the planet.

Security 124
article thumbnail

SEC Moves to Get Foreign Testimony in SolarWinds Fraud Case

Data Breach Today

Testimony Request Targets Cybersecurity Concerns Raised by Ex-SolarWinds Engineer In its fraud case against SolarWinds, the SEC is pursuing testimony from former SolarWinds engineer Robert Krajcir - who lives in the Czech Republic - to address claims of lax cybersecurity practices. SolarWinds - which is also representing Krajcir - has until Friday to respond to the SEC's motion.

article thumbnail

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-43093 Android Framework Privilege Escalation Vulnerability CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability CVE-2019-16278 Nostro

IT 119
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

AIs Discovering Vulnerabilities

Schneier on Security

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some anecdotal data from this summer: Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for valid

Security 108
article thumbnail

The new M4 Mac Mini might be the most lovable Mac ever - for two reasons

Collaboration 2.0

The redesigned M4 Mac Mini is nearly the same size as the Apple TV. You can use it as a light workstation, a mini server, a TV streaming box, and more.

IT 113
article thumbnail

Entrust Will Stop Operating As Trusted Certificate Authority

Data Breach Today

Google Designates Entrust 'Untrustworthy' After Years of 'Concerning Behaviors' What's the worst-case scenario for a certificate authority? Citing years of "concerning behaviors," Google and Mozilla are set to treat all new digital certificates issued with Entrust as "untrustworthy," and have urged users to obtain new certificates from a trusted CA.

201
201
article thumbnail

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Security Affairs

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. over security concerns following a national security review under the Investment Canada Act Canada’s decision to require ByteDance to dissolve the operations of the popular video-sharing platform was guided by security and intelligence advice.

Security 116
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

KnowBe4

ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.

article thumbnail

Watch out, Windows Notepad users: Here comes AI

Collaboration 2.0

Currently available to Windows Insiders in Windows 11, Microsoft's new AI-powered Rewrite feature will help you fine-tune your prose in Notepad.

112
112
article thumbnail

Atos Sells Off A Unit as Lawmakers Ponder Nationalization

Data Breach Today

French Ministry Says Talks Are Ongoing to Acquire Cybersecurity Unit French IT consultancy Atos on Tuesday announced the sale of a power grid consulting and engineer services unit days after some French lawmakers pushed for nationalizing the beleaguered company. The French government considers the company strategically important.

Sales 204
article thumbnail

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The Deceptive Media Era: Moving Beyond "Real vs. Fake"

KnowBe4

As society grapples with the rapid advancement of AI and synthetic media, we've been asking the wrong question. The focus on whether content is "real or fake" misses the more crucial question: "Is this media deceptive?

Phishing 105
article thumbnail

Jamf leads in IDC vendor assessment

Jamf

See why IDC named Jamf a top choice for Apple device management. Learn about features, integrations & industry-specific solutions.

105
105
article thumbnail

ABB Smart Building Software Flaws Invite In Hackers

Data Breach Today

Proof of Concepts Available for Cylon Aspect Energy Management Software Vulnerabilities in a smart building energy management system including an easily exploitable, two-year-old flaw that hasn't been widely patched could let hackers take over instances misconfigured to allow internet exposure. The flaws affect Cylon Aspect software from electrical engineering firm ABB.

186
186