AIIM

MARCH 12, 2024

Nobody gives much thought to business forms; they just ‘are.’ As for the management of business forms, almost nobody knows that Forms Management is a ‘thing’; many likely wonder why business forms even need managing. Frankly, it’s as if business forms are unimportant, yet that could not be further from reality. They are critically important, and their centrality and importance in the world of information management and enterprise automation will likely grow exponentially over the coming years.

Artificial Intelligence 151

Artificial Intelligence 151

Data Breach Today

MARCH 13, 2024

New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RAT Threat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.

Ransomware 312

Ransomware Security 312

Data Breach Today

MARCH 12, 2024

The healthcare sector needs a 911-style cyber civil defense system that can help all segments of the industry, including under-resourced groups, to more rapidly and effectively respond to cyberattacks and related incidents, said Erik Decker, CISO of Intermountain Health and a federal cyber adviser.

284

284

Krebs on Security

MARCH 14, 2024

The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.

Data Privacy 292

Data Privacy Privacy 292

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Security Affairs

MARCH 9, 2024

Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remote code execution vulnerability CVE-2024-21762 (CVSS score 9.6) in FortiOS SSL VPN was actively exploited in attacks in the wild. The security firm did not provide details about the attacks exploiting this vulnerability.

Cybersecurity 140

Cybersecurity Security IT Information Security 140

Data Breach Today

MARCH 15, 2024

Don't Let the Quest for Data Lead You to Amplify What Criminals Might Be Claiming For the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed the most victims. That's not what data leak sites actually document.

Ransomware 323

Ransomware 323

Krebs on Security

MARCH 11, 2024

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.

Marketing 268

Marketing Ransomware Encryption IT 268

Security Affairs

MARCH 9, 2024

Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency was hacked in February, the Recorded Future News first reported. In response to the security breach, the agency had to shut down two crucial systems, as reported by a CISA spokesperson and US officials with knowledge of the incident, according to CNN.

Cybersecurity 138

Cybersecurity Security Risk Government 138

WIRED Threat Level

MARCH 11, 2024

Starting at the end of April, Airbnb will no longer allow hosts to have security cameras inside their rental properties, citing a commitment to prioritizing guest privacy.

Security 134

Security Privacy 134

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

MARCH 12, 2024

US Healthcare Entities Are Firmly in Akira Ransomware Group's Sights, Expert Warns Ransomware groups may come and go, but often it's only in name, as the individuals involved will move on to power whatever group remains a going concern. Cue a reported flow of top talent from LockBit, which was recently disrupted by law enforcement, to Akira, which is apparently alive and well.

Ransomware 306

Ransomware IT 306

Hunton Privacy

MARCH 14, 2024

On March 13, 2024, the Federal Communications Commission’s updates to the FCC data breach notification rules (the “Rules”) went into effect. They were adopted in December 2023 pursuant to an FCC Report and Order (the “Order”). The Rules went into effect despite challenges brought in the United States Court of Appeals for the Sixth Circuit. Two trade groups, the Ohio Telecom Association and the Texas Association of Business, petitioned the United States Court of Appeals for the Sixth Circuit and

Data breaches 126

Data breaches Communications Information Security Security 126

Security Affairs

MARCH 11, 2024

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. “Several “intense” cyberattacks targeted multiple French government agencies since Sunday night, as disclosed by the prime minister’s office.” The French minister’s office did not provide details about the attacks, however, the French agencies were likely hit with distributed denial-of-service (DDoS) attacks.

Government 135

Government Information Security Access Security 135

Schneier on Security

MARCH 14, 2024

Kasmir Hill has the story : Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have started offering optional features in their connected-car apps that rate people’s driving.

Insurance 121

Insurance Privacy Access IT 121

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Data Breach Today

MARCH 15, 2024

Radha Plumb Set to Replace the Defense Department’s First-Ever Chief AI Officer The Department of Defense has announced its inaugural Chief Digital and Artificial Intelligence Officer Craig Martell is stepping down from his role after establishing the office as a small but influential team within the department over the last two years.

Artificial Intelligence 293

Artificial Intelligence IT 293

Hunton Privacy

MARCH 13, 2024

On March 6, 2024, Governor Chris Sununu signed into law SB 255 , making New Hampshire the 15th state with a comprehensive privacy law. Applicability SB 255 applies to persons that “conduct business” in New Hampshire (“NH”) or persons that “produce products or services that are targeted to residents of” NH that, in the period of a year: (1) “controlled or processed the personal data of not less than 35,000 unique consumers, excluding personal data controlled or processed solely for the purpose of

Privacy 120

Privacy Personal data Sales Risk 120

Security Affairs

MARCH 14, 2024

Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that can be could have led to data exposure and account takeovers. ChatGPT plugins are additional tools or extensions that can be integrated with ChatGPT to extend its functionalities or enhance specific aspects of the user experience.

Access 127

Access Authentication Passwords Security 127

WIRED Threat Level

MARCH 11, 2024

The Pentagon says it’s not hiding aliens, but it stops notably short of saying what it is hiding. Here are the key questions that remain unanswered—some answers could be weirder than UFOs.

IT 119

IT Security 119

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Data Breach Today

MARCH 11, 2024

Darktrace Warns of Malware Hidden in PDF Stored in Dropbox Phishing attacks continue to adapt to exploit popular apps. While many phishing campaigns have focused on mobile banking and payment sites, attackers are also targeting widely used but lower-profile, cloud-based utilities such as the ubiquitous Dropbox storage platform.

Phishing 299

Phishing Cloud 299

KnowBe4

MARCH 13, 2024

Data trends show a clear upward momentum of posts from initial access brokers on the dark web, putting the spotlight on what may become cybersecurity’s greatest challenge.

Access 112

Access Phishing Security 112

Security Affairs

MARCH 11, 2024

Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada Injector malware infected over 7100 WordPress sites using a vulnerable version of the Popup Builder WordPress plugin. Sucurity reported that on December 13th, the Balada Injector campaign started infecting websites using older versions of the Popup Builder ( CVE-2023-6000 , CVSS score 8.8).

Cleanup 128

Cleanup Security IT Information Security 128

Schneier on Security

MARCH 12, 2024

Researchers have demonstrated that putting words in ASCII art can cause LLMs—GPT-3.5, GPT-4 , Gemini, Claude, and Llama2—to ignore their safety instructions. Research paper.

Paper 108

Paper Artificial Intelligence 108

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Data Breach Today

MARCH 14, 2024

Senator Urges Government to Tell Public About Little-Known Manufacturer Reset Codes Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S. businesses, institutions and the public - after a senator urged the government to update its publicly available information about the threat associated with Chinese-made safes.

Risk 294

Risk Manufacturing Security Government 294

KnowBe4

MARCH 14, 2024

Business email compromise (BEC) attacks surged by 246% last year, according to researchers at ReliaQuest.The researchers believe the increase is due to widely available phishing kits that facilitate BEC.

Phishing 110

Phishing Security awareness Security 110

Security Affairs

MARCH 15, 2024

Russian hackers have knocked down the GPS and communications of Defence Secretary Grant Shapps RAF Dassault Falcon 900 jet with electronic warfare attack. Defence Secretary Grant Shapps RAF Dassault Falcon 900 jet flew from Poland, where he visited British troops in Steadfast Defender, to the UK. The UK defence chief confirmed the complete support of his country for Ukraine.

Communications 122

Communications Military Risk IT 122

Jamf

MARCH 12, 2024

Learn how the evolving threat landscape finds threat actors increasingly targeting mobile devices to exploit sensitive resources and what steps organizations can take to minimize risks while strengthening their overall security posture.

Risk 105

Risk Security 105

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Data Breach Today

MARCH 15, 2024

EU Lawmakers Say Privacy Shouldn't Be for Sale Facebook's attempt to navigate European privacy regulations by giving users a fee-based opt-out from behavioral advertising triggered backlash from more than a dozen European politicians who accused the social media giant of treating human rights as a commodity.

Sales 292

Sales Privacy 292

KnowBe4

MARCH 11, 2024

The specter of cybercrime continues to grow, with losses soaring to $12.5 billion in 2023, according to the recently released Internet Crime Report by the FBI's Internet Crime Complaint Center (IC3).

Ransomware 107

Ransomware Security awareness Phishing Security 107

Security Affairs

MARCH 12, 2024

Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 that address 59 security vulnerabilities in its products. The IT giant addressed vulnerabilities in Microsoft Windows and Windows Components; Office and Office Components; Azure; NET Framework and Visual Studio; SQL Server; Windows Hyper-V; Skype; Microsoft Components for Android; and Microsoft Dynamic

Security 122

Security Authentication Access IT 122