Sat.Dec 31, 2022 - Fri.Jan 06, 2023

article thumbnail

Why Do Ransomware Victims Pay for Data Deletion Guarantees?

Data Breach Today

Paying for Promises That Can't Be Audited Paints a Repeat-Attack Target on Victims Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data.

article thumbnail

GUEST ESSAY: These common myths and misconceptions make online browsing very risky

The Last Watchdog

For the average user, the Internet is an increasingly dangerous place to navigate. Related: Third-party snooping is widespread. Consider that any given website experiences approximately 94 malicious attacks a day , and that an estimated 12.8 million websites are infected with malware. So, in response to these numbers, users are seeking ways to implement a more secure approach to web browsing.

Privacy 214
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Five Guys Data Breach Puts HR Data Under a Heat Lamp

Dark Reading

Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack.

article thumbnail

Data Breach: CircleCI Says Immediately 'Rotate Your Secrets'

Data Breach Today

Continuous Integration Software Development Platform Suspects 2-Week Intrusion CircleCI, which is used by over 1 million developers to build, test and deploy software, has issued a brief security alert warning all customers to immediately "rotate any secrets stored in CircleCI" as it continues to probe a suspected two-week intrusion.

article thumbnail

LLMOps for Your Data: Best Practices to Ensure Safety, Quality, and Cost

Speaker: Travis Addair, Co-Founder and CTO at Predibase

Large Language Models (LLMs) such as ChatGPT offer unprecedented potential for complex enterprise applications. However, productionzing LLMs comes with a unique set of challenges such as model brittleness, total cost of ownership, data governance and privacy, and the need for consistent, accurate outputs. Putting the right LLMOps process in place today will pay dividends tomorrow, enabling you to leverage the part of AI that constitutes your IP – your data – to build a defensible AI strategy for

article thumbnail

Cops Hacked Thousands of Phones. Was It Legal?

WIRED Threat Level

When police infiltrated the EncroChat phone system in 2020, they hit an intelligence gold mine. But subsequent legal challenges have spread across Europe.

Mining 86

More Trending

article thumbnail

What will 2023 bring in the realms of cybersecurity and privacy?

Thales Cloud Protection & Licensing

What will 2023 bring in the realms of cybersecurity and privacy? divya. Thu, 01/05/2023 - 05:52. As geopolitical tensions persist and economic instability looms, organizations should get ready for a rise in cyber risks. What will 2023 bring in the realms of cybersecurity and privacy? Here are six predictions I think you should consider for the year ahead.

article thumbnail

Data architecture strategy for data quality

IBM Big Data Hub

Poor data quality is one of the top barriers faced by organizations aspiring to be more data-driven. Ill-timed business decisions and misinformed business processes, missed revenue opportunities, failed business initiatives and complex data systems can all stem from data quality issues. Just one of these problems can prove costly to an organization.

article thumbnail

List of data breaches and cyber attacks in December 2022 – 31.5 million records breached

IT Governance

December can be the best or worst time to suffer a data breach. On the one hand, people have started to wind down to the end of the year, all attention is on holidays and a data breach is more likely to fall under the data. But for the very same reasons, a December data breach can be the worst possible scenario. Your team suddenly has a mountain of work on its hands as it mitigate the damage.

article thumbnail

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Security Affairs

Google will pay $29.5 million to settle two different lawsuits in the US over its deceptive location tracking practices. Google decided to pay $29.5 million to settle two different lawsuits brought by the states of Indiana and Washington, D.C., over its deceptive location tracking practices. The IT giant will pay $9.5 million to D.C. and $20 million to Indiana after the states filed two lawsuits against the company charging it with having tracked users’ locations without their express cons

Privacy 88
article thumbnail

Your Expert Guide to CX Orchestration & Enhancing Customer Journeys

Speaker: Keith Kmett, Principal CX Advisor at Medallia

Join Keith Kmett, Principal CX Advisor, in this new webinar that will focus on: Understanding CX Orchestration Fundamentals: Gain a solid understanding of what CX orchestration is, its significance in the customer experience landscape, and how it plays a crucial role in shaping customer journeys. This includes the key concepts, strategies, and best practices involved in CX orchestration. 🔑 Connection to Customer Journey Maps: How to effectively integrate customer journey mapping into the

article thumbnail

Expect Hacking, Phishing After Leak of 200M Twitter Records

Data Breach Today

Database Will Provide Intelligence of Use to Online Criminals, Expert Warns Expect the recently leaked database containing over 200 million Twitter records to be an ongoing resource for hackers, fraudsters and other criminals operating online, even though 98% of the email addresses it contains have appeared in prior breaches, experts warn.

Phishing 353
article thumbnail

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

The Last Watchdog

At the start of 2023, consumers remain out in the cold when it comes to online protection. Related: Leveraging employees as human sensors. Malicious online actors grow ever more sophisticated, making cybersecurity as big a concern for everyday consumers as it ever has been. These days, ordinary people are facing increasing —and more complex—threats than ever before.

article thumbnail

Breaking RSA with a Quantum Computer

Schneier on Security

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong. We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it takes a big quantum computer, on the orders of millions of qbits, to factor anything resembling the key sizes we use today.

Paper 145
article thumbnail

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. “In 2022, governments fought wars online, businesses were affected by multiple ransomware gangs, and regular users’ data was constantly on hackers’ radars,” said NordVPN CTO Marijus Briedis. 2023, he predicted, “will not be any easier when it comes to keeping users’

Security 138
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Leaked Emails of 200M Twitter Users Now Available for Free

Data Breach Today

63GB Database of Names, Email Addresses Posted to Hacker Forum for All to Download A member of a criminal data breach forum that tried to sell the email addresses of 400 million Twitter users to CEO Elon Musk last month has now posted the stolen data for free for anyone to download. The 63 GB of data includes names, handles, creation dates, follower counts and email addresses.

article thumbnail

Neeva Combines AI and Search – Now Comes The Hard Part

John Battelle's Searchblog

The Very Hardest Thing. What’s the hardest thing you could do as a tech-driven startup? I’ve been asked that question a few times over the years, and my immediate answer is always the same: Trying to beat Google in search. A few have tried – DuckDuckGo has built itself a sizable niche business, and there’s always Bing, thought it’s stuck at less than ten percent of Google’s market (and Microsoft isn’t exactly a startup.

Marketing 137
article thumbnail

200M Twitter Profiles, with Email Addys, Dumped on Dark Web for Free

Dark Reading

A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping.

141
141
article thumbnail

There is a New Trend in Social Engineering with a Disgusting Name; "Pig-butchering"

KnowBe4

The technique began in the Chinese underworld, and it amounts to an unusually protracted form of social engineering. The analogy is with fattening up a pig, then butchering it for all it’s worth. In this case the analogy is wayward, since the criminal doesn’t really fatten up the pig, not that much, anyway, but it works at least this far: they develop the marks slowly, and they get the marks to fatten up the accounts they ultimately drain.

IT 114
article thumbnail

Use Cases for Apache Cassandra®

There’s a good reason why Apache Cassandra® is quickly becoming the NoSQL database of choice for organizations of all stripes. In this white paper, discover the key use cases that make Cassandra® such a compelling open source software – and learn the important pitfalls to avoid. From understanding its distributed architecture to unlocking its incredible power for industries like healthcare, finance, retail and more, experience how Cassandra® can transform your entire data operations.

article thumbnail

Critical Vulnerabilities Found in Luxury Cars Now Fixed

Data Breach Today

Ferrari, BMW, Rolls Royce, Porsche Software Flaws Exposed Data, Vehicle Controls Software vulnerabilities installed by luxury car manufacturers including Ferrari, BMW, Rolls Royce and Porsche that could allow remote attackers to control vehicles and steal owners' personal details have been fixed. Cybersecurity researchers uncovered the vulnerabilities while vacationing.

article thumbnail

Is the Most Creative Act a Human Can Engage in the Formation of a Good Question?

John Battelle's Searchblog

Wise, Kevin Kelly is. Today I’d like to ponder something Kevin Kelly – a fellow co-founding editor of Wired – said to me roughly 30 years ago. During one editorial conversation or another, Kevin said – and I’m paraphrasing here – “The most creative act a human can engage in is forming a good question.” That idea has stuck with me ever since, and informed a lot of my career.

article thumbnail

ChatGPT Artificial Intelligence: An Upcoming Cybersecurity Threat?

Dark Reading

The role of artificial intelligence in cybersecurity is growing. A new AI model highlights the opportunities and challenges.

article thumbnail

Colorado AG Publishes Second Draft of Colorado Privacy Act Rules

Hunton Privacy

On December 21, 2022, the Colorado Attorney General published an updated version of the draft rules to the Colorado Privacy Act (“CPA”). The draft, which follows the first iteration of the proposed rules published on October 10, 2022, solicits comments on five topics: (1) new and revised definitions; (2) the use of IP addresses to verify consumer requests; (3) a proposed universal opt-out mechanism; (4) streamlining the privacy policy requirements; and (5) bona fide loyalty programs.

Privacy 114
article thumbnail

LLMs in Production: Tooling, Process, and Team Structure

Speaker: Dr. Greg Loughnane and Chris Alexiuk

Technology professionals developing generative AI applications are finding that there are big leaps from POCs and MVPs to production-ready applications. They're often developing using prompting, Retrieval Augmented Generation (RAG), and fine-tuning (up to and including Reinforcement Learning with Human Feedback (RLHF)), typically in that order. However, during development – and even more so once deployed to production – best practices for operating and improving generative AI applications are le

article thumbnail

Irish Privacy Watchdog Fines Meta 390 Million Euros for Ads

Data Breach Today

Social Media Company Fined for GDPR Violation Related to Ad Personalization The Irish Data Protection Commission has imposed a fine of 390 million euros against Meta Ireland for violating the General Data Protection Regulation related to user data processing. Meta confirmed it will contest the penalty, which targets ad personalization by Facebook and Instagram.

Privacy 201
article thumbnail

Rackspace Breach Linked to New OWASSRF Vulnerability

eSecurity Planet

Rackspace has acknowledged that it was hit by the Play ransomware a month ago in an attack that compromised customers’ Microsoft Exchange accounts. The attackers apparently leveraged a zero-day vulnerability called OWASSRF that was recently analyzed by CrowdStrike. In an interview with the San Antonio Express-News , Rackspace chief product officer John Prewitt said the company hadn’t implemented Microsoft’s November 2022 patches for the ProxyNotShell flaws in Exchange because o

article thumbnail

PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign

Dark Reading

The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger.

Cloud 106
article thumbnail

Top predictions for financial services in 2023

OpenText Information Management

With inflation, rising interest rates and general economic uncertainty, last year presented several challenges for financial services institutions (FSIs). As we move into 2023, FSIs will need to focus their increasing IT spend and direct their attention to delivering on the total experience for their customers and employees and on environmental, social and governance initiatives … The post Top predictions for financial services in 2023 appeared first on OpenText Blogs.

article thumbnail

Reimagining CX: How to Implement Effective AI-Driven Transformations

Speaker: Steve Pappas

As businesses strive for success in an increasingly digitized world, delivering an exceptional customer experience has become paramount. To meet this demand, enterprises are embracing innovative approaches that captivate customers and fuel their loyalty. 💥 Enter conversational AI - an absolute game-changer (if done right) in redefining CX norms.

article thumbnail

Texas County EMS Agency Says Ransomware Breach Hit 612,000

Data Breach Today

Emergency Medical, Ambulance Providers Face Extra Security Threats, Experts Say A municipal ambulance services provider that serves 15 cities in a Texas county has reported to federal regulators a ransomware breach potentially affecting 612,000 individuals, which is equivalent to nearly 30% of the county's 2.1 million population.

article thumbnail

In 2023, let’s focus on balance.

Jamf

Jamf CEO Dean Hager takes a look at lessons we learned in 2022— and predicts how we can apply those lessons in 2023 for a successful year, even during difficult times.

105
105
article thumbnail

Black Hat Flashback: The Day That Dan Kaminsky Saved the Internet

Dark Reading

Dark Reading's Kelly Jackson Higgins explains the enormous legacy left behind by Dan Kaminsky and his seminal "Great DNS Vulnerability" talk at Black Hat 2008.

112
112