AIIM

MARCH 12, 2024

Nobody gives much thought to business forms; they just ‘are.’ As for the management of business forms, almost nobody knows that Forms Management is a ‘thing’; many likely wonder why business forms even need managing. Frankly, it’s as if business forms are unimportant, yet that could not be further from reality. They are critically important, and their centrality and importance in the world of information management and enterprise automation will likely grow exponentially over the coming years.

Artificial Intelligence 157

Artificial Intelligence 157

Data Breach Today

MARCH 13, 2024

New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RAT Threat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.

Ransomware 312

Ransomware Security 312

Data Breach Today

MARCH 12, 2024

The healthcare sector needs a 911-style cyber civil defense system that can help all segments of the industry, including under-resourced groups, to more rapidly and effectively respond to cyberattacks and related incidents, said Erik Decker, CISO of Intermountain Health and a federal cyber adviser.

284

284

Krebs on Security

MARCH 14, 2024

The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.

Data Privacy 310

Data Privacy Privacy 310

Advertisement

With its unparalleled flexibility, rapid development and cost-saving capabilities, open source is proving time and again that it’s the leader in data management. But as the growth in open source adoption increases, so does the complexity of your data infrastructure. In this Analyst Brief developed with IDC, discover how and why the best solution to this complexity is a managed service, including: Streamlined compliance with some of the most complex regulatory guidelines Simplified operations, li

Compliance

WIRED Threat Level

MARCH 13, 2024

A global network of violent predators is hiding in plain sight, targeting children on major platforms, grooming them, and extorting them to commit horrific acts of abuse.

Security 142

Security 142

Data Breach Today

MARCH 15, 2024

Don't Let the Quest for Data Lead You to Amplify What Criminals Might Be Claiming For the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed the most victims. That's not what data leak sites actually document.

Ransomware 323

Ransomware 323

Krebs on Security

MARCH 11, 2024

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.

Marketing 286

Marketing Ransomware Encryption IT 286

WIRED Threat Level

MARCH 11, 2024

Starting at the end of April, Airbnb will no longer allow hosts to have security cameras inside their rental properties, citing a commitment to prioritizing guest privacy.

Security 139

Security Privacy 139

Security Affairs

MARCH 9, 2024

Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency was hacked in February, the Recorded Future News first reported. In response to the security breach, the agency had to shut down two crucial systems, as reported by a CISA spokesperson and US officials with knowledge of the incident, according to CNN.

Cybersecurity 130

Cybersecurity Security Risk Government 130

Advertisement

The complexity of financial data, the need for real-time insight, and the demand for user-friendly visualizations can seem daunting when it comes to analytics - but there is an easier way. With Logi Symphony, we aim to turn these challenges into opportunities. Our platform empowers you to seamlessly integrate advanced data analytics, generative AI, data visualization, and pixel-perfect reporting into your applications, transforming raw data into actionable insights.

Analytics

Data Breach Today

MARCH 12, 2024

US Healthcare Entities Are Firmly in Akira Ransomware Group's Sights, Expert Warns Ransomware groups may come and go, but often it's only in name, as the individuals involved will move on to power whatever group remains a going concern. Cue a reported flow of top talent from LockBit, which was recently disrupted by law enforcement, to Akira, which is apparently alive and well.

Ransomware 306

Ransomware IT 306

Schneier on Security

MARCH 14, 2024

Kasmir Hill has the story : Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have started offering optional features in their connected-car apps that rate people’s driving.

Insurance 128

Insurance Privacy Access IT 128

WIRED Threat Level

MARCH 11, 2024

The Pentagon says it’s not hiding aliens, but it stops notably short of saying what it is hiding. Here are the key questions that remain unanswered—some answers could be weirder than UFOs.

IT 130

IT Security 130

Security Affairs

MARCH 11, 2024

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. “Several “intense” cyberattacks targeted multiple French government agencies since Sunday night, as disclosed by the prime minister’s office.” The French minister’s office did not provide details about the attacks, however, the French agencies were likely hit with distributed denial-of-service (DDoS) attacks.

Government 127

Government Information Security Access Security 127

Advertisement

Adding high-quality entity resolution capabilities to enterprise applications, services, data fabrics or data pipelines can be daunting and expensive. Organizations often invest millions of dollars and years of effort to achieve subpar results. This guide will walk you through the requirements and challenges of implementing entity resolution. By the end, you'll understand what to look for, the most common mistakes and pitfalls to avoid, and your options.

IT

Data Breach Today

MARCH 11, 2024

Darktrace Warns of Malware Hidden in PDF Stored in Dropbox Phishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.

Phishing 299

Phishing Cloud 299

Hunton Privacy

MARCH 14, 2024

On March 13, 2024, the Federal Communications Commission’s updates to the FCC data breach notification rules (the “Rules”) went into effect. They were adopted in December 2023 pursuant to an FCC Report and Order (the “Order”). The Rules went into effect despite challenges brought in the United States Court of Appeals for the Sixth Circuit. Two trade groups, the Ohio Telecom Association and the Texas Association of Business, petitioned the United States Court of Appeals for the Sixth Circuit and

Data breaches 126

Data breaches Communications Information Security Security 126

WIRED Threat Level

MARCH 9, 2024

Plus: An ex-Google engineer gets arrested for allegedly stealing trade secrets, hackers breach the top US cybersecurity agency, and X’s new feature exposes sensitive user data.

Cybersecurity 117

Cybersecurity Security Privacy 117

Security Affairs

MARCH 14, 2024

Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that can be could have led to data exposure and account takeovers. ChatGPT plugins are additional tools or extensions that can be integrated with ChatGPT to extend its functionalities or enhance specific aspects of the user experience.

Access 124

Access Passwords Authentication Security 124

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

Artificial Intelligence

Data Breach Today

MARCH 11, 2024

CEO Hock Tan: Joining Carbon Black, Symantec Generates More Value for Shareholders Months after declaring "Carbon Black is Back," the endpoint security unit was gobbled up by Broadcom and folded into its Symantec security team. "We would generate more value to our shareholders by taking Carbon Black - which is not that big - and integrating it into Symantec," CEO Hock Tan said.

Sales 297

Sales Security IT 297

Hunton Privacy

MARCH 13, 2024

On March 6, 2024, Governor Chris Sununu signed into law SB 255 , making New Hampshire the 15th state with a comprehensive privacy law. Applicability SB 255 applies to persons that “conduct business” in New Hampshire (“NH”) or persons that “produce products or services that are targeted to residents of” NH that, in the period of a year: (1) “controlled or processed the personal data of not less than 35,000 unique consumers, excluding personal data controlled or processed solely for the purpose of

Privacy 120

Privacy Personal data Sales Risk 120

Schneier on Security

MARCH 12, 2024

Researchers have demonstrated that putting words in ASCII art can cause LLMs—GPT-3.5, GPT-4 , Gemini, Claude, and Llama2—to ignore their safety instructions. Research paper.

Paper 117

Paper Artificial Intelligence 117

Security Affairs

MARCH 11, 2024

Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada Injector malware infected over 7100 WordPress sites using a vulnerable version of the Popup Builder WordPress plugin. Sucurity reported that on December 13th, the Balada Injector campaign started infecting websites using older versions of the Popup Builder ( CVE-2023-6000 , CVSS score 8.8).

Cleanup 123

Cleanup Security IT Information Security 123

Advertisement

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

Paper

Data Breach Today

MARCH 15, 2024

EU Lawmakers Say Privacy Shouldn't Be for Sale Facebook's attempt to navigate European privacy regulations by giving users a fee-based opt-out from behavioral advertising triggered backlash from more than a dozen European politicians who accused the social media giant of treating human rights as a commodity.

Sales 292

Sales Privacy 292

eSecurity Planet

MARCH 15, 2024

HackerGPT, first launched in 2023, is a ChatGPT-powered tool that merges AI technology with cybersecurity-focused expertise. Now, with the beta release of HackerGPT 2.0 in February 2024, it serves as an extensive repository of hacking tools and techniques to actively assist users in managing complex cybersecurity protection strategies. It uses advanced natural language processing to provide insights into both offensive and defensive cyber activities.

Cybersecurity 112

Cybersecurity Education Privacy Access 112

KnowBe4

MARCH 13, 2024

Data trends show a clear upward momentum of posts from initial access brokers on the dark web, putting the spotlight on what may become cybersecurity’s greatest challenge.

Access 113

Access Phishing Security 113

Security Affairs

MARCH 13, 2024

Fortinet released security updates to address critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. Fortinet this week has released security updates to fix critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. The first vulnerability is an out-of-bounds write issue, tracked as CVE-2023-42789 (CVSS score 9.3), it can be exploited to execute unauthorized code or commands by sending specially crafted HTTP requests to vulnerable devices.

Security 117

Security IT Information Security 117

Advertisement

In the fast-moving manufacturing sector, delivering mission-critical data insights to empower your end users or customers can be a challenge. Traditional BI tools can be cumbersome and difficult to integrate - but it doesn't have to be this way. Logi Symphony offers a powerful and user-friendly solution, allowing you to seamlessly embed self-service analytics, generative AI, data visualization, and pixel-perfect reporting directly into your applications.

Analytics

Data Breach Today

MARCH 13, 2024

Form Does Not Include Mandates for Memory-Safe Programming Requirements, SBOMs Experts told ISMG a final version of the Cybersecurity and Infrastructure Security Agency's self-attestation form for federal software providers takes bold steps to ensure new technologies are made with "secure by design" principles but lacks critical components that should come in future versions.

Cybersecurity 292

Cybersecurity Security 292

Schneier on Security

MARCH 11, 2024

Initial results in using LLMs to unredact text based on the size of the individual-word redaction rectangles. This feels like something that a specialized ML system could be trained on.

114

114

KnowBe4

MARCH 14, 2024

Business email compromise (BEC) attacks surged by 246% last year, according to researchers at ReliaQuest.The researchers believe the increase is due to widely available phishing kits that facilitate BEC.

Phishing 111

Phishing Security awareness Security 111