AIIM
AUGUST 13, 2024
AIIM research shows that many organizations feel ready for AI, but encounter obstacles to implementation, especially a lack of available use cases. Where do organization start with Generative AI (Gen AI)?
Schneier on Security
AUGUST 15, 2024
From the Federal Register : After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes: CRYSTALS-Dilithium, FALCON, and SPHINCS+. These algorithms are part of three NIST standards that have been finalized: FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard FIPS 204: Module-Lattice-Base
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
AUGUST 15, 2024
Also: Azure Health Bot Vulnerabilities Expose Risks in Cloud-Based Chatbots This week, Microsoft released its August patch of 90 fixes, flaws were discovered in Azure Health Bot, Orion lost $60 million in a BEC scam, Schlatter Industries was hit by malware, Microsoft said it will discontinue Paint 3D in November and Russia restricted access to Signal.
Security Affairs
AUGUST 16, 2024
Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. Researchers form mobile security firm iVerify reported that the issue stems from a pre-installed Android app called “Showcase.apk,” which runs with excessive system privileges, allowing it to remotely execute co
Speaker: Frank Taliano
Document-heavy workflows slow down productivity, bury institutional knowledge, and drain resources. But with the right AI implementation, these inefficiencies become opportunities for transformation. So how do you identify where to start and how to succeed? Learn how to develop a clear, practical roadmap for leveraging AI to streamline processes, automate knowledge work, and unlock real operational gains.
WIRED Threat Level
AUGUST 15, 2024
A fix is coming, but data analytics giant Palantir says it’s ditching Android devices altogether because Google’s response to the vulnerability has been troubling.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
AUGUST 14, 2024
Maksim Silnikau, aka 'J.P.Morgan,' Charged in New Jersey and Virginia Federal Court A pioneer of the ransomware-as-a-service model appeared in U.S. federal court Tuesday where he faces a slew of charges stemming from a nearly two-decade online career. Poland extradited Maksim Silnikau to the United States on Friday; authorities arrested him in a Spanish seaside town in 2023.
Security Affairs
AUGUST 16, 2024
Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in the TCP/IP stack. The vulnerability impacts all systems with IPv6 enabled (IPv6 is enabled by default).
WIRED Threat Level
AUGUST 14, 2024
Researchers have discovered a way that would allow anyone with a few hundred dollars to hack into a wireless gear-shifting systems used by the top cycling teams for events like the Tour de France.
The Last Watchdog
AUGUST 12, 2024
LAS VEGAS – Here’s what I discovered last week here at Black Hat USA 2024 : GenAI is very much in the mix as a potent X-factor in cybersecurity. Related: Prioritizing digital resiliency I spoke with over three dozen cybersecurity solution providers. Some of the more intriguing innovations had to do with leveraging GenAI/LLM-equipped chatbots as proprietary force multipliers.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Collaboration 2.0
AUGUST 16, 2024
Thanks to its clever form factor, Anker's Nano Power Bank made charging my iPhone or Android effortless. It's available now on Amazon for under $20.
Security Affairs
AUGUST 12, 2024
FreeBSD Project maintainers addressed a high-severity flaw in OpenSSH that could allow remote code execution with elevated privileges. The maintainers of the FreeBSD Project have released urgent security updates to address a high-severity flaw, tracked as CVE-2024-7589, (CVSS score of 7.4) in OpenSSH. A remote attacker could exploit the vulnerability to execute arbitrary code with elevated privileges.
WIRED Threat Level
AUGUST 16, 2024
Social Security numbers, physical addresses, and more—all available online. After months of confusion, leaked information from a background-check firm underscores the long-term risks of data breaches.
Data Breach Today
AUGUST 15, 2024
Many Customers Apparently Still Struggling to Reissue Certificates, Researchers Say Thousands of organizations appear to still be struggling to comply with a forced, mass revocation of thousands of digital certificates issued by DigiCert using a buggy verification mechanism. Researchers recently said 27% of the 83,267 revoked certificates have yet to be reissued by customers.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Collaboration 2.0
AUGUST 16, 2024
Blackview's Mega 1 is an 11.5-inch Android 13 tablet with a 120Hz display, 256GB of storage, and 24GB of RAM. What's more, it comes at a great price.
Security Affairs
AUGUST 14, 2024
Microsoft’s August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Microsoft products including Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Co-Pilot; Microsoft Dynamics; Teams; and Secure Boot and others, bringing the total to 102 when including third-party bugs.
WIRED Threat Level
AUGUST 10, 2024
Security researcher Bill Demirkapi found more than 15,000 hardcoded secrets and 66,000 vulnerable websites—all by searching overlooked data sources.
Data Breach Today
AUGUST 16, 2024
FBI Sting Identified Georgy Kavzharadze as Vendor on Illicit Slilpp Markplace Russian national Georgy Kavzharadze, 27, has been sentenced to serve 40 months in U.S. prison after pleading guilty to earning over $200,000 by selling stolen U.S. bank account access credentials via the illicit Slilpp stolen-credential marketplace.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Collaboration 2.0
AUGUST 16, 2024
There are lots of accessories for the Meta Quest 3, but these VR prescription lenses from Zenni solve the problem of wearing glasses with the headset once and for all.
Security Affairs
AUGUST 13, 2024
CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities. The campaign, tracked as UAC-0198, has been active since July.
WIRED Threat Level
AUGUST 14, 2024
Security researchers say they’ve extracted digital management keys from select electronic lockers and revealed how they could be cloned.
Data Breach Today
AUGUST 15, 2024
CISOs, Analysts Explore Solutions to Visibility, Governance and Incident Response APIs are the connections that make digital business happen. Companies on average rely on more than 15,000 APIs, but these interfaces pose security risks. In this "Deep Dive" special report, ISMG's Anna Delaney explores how security leaders are tackling API security.
Speaker: Yohan Lobo and Dennis Street
In the accounting world, staying ahead means embracing the tools that allow you to work smarter, not harder. Outdated processes and disconnected systems can hold your organization back, but the right technologies can help you streamline operations, boost productivity, and improve client delivery. Dive into the strategies and innovations transforming accounting practices.
Collaboration 2.0
AUGUST 15, 2024
The microcode update may only protect CPUs when Intel's own default power settings are selected.
Security Affairs
AUGUST 12, 2024
A campaign tracked as EastWind is targeting Russian government and IT organizations with PlugY and GrewApacha Backdoors. In late July 2024, Kaspersky researchers detected a series of targeted cyberattacks against the Russian government and IT organizations. Kaspersky named this campaign has EastWind. Threat actors sent phishing emails with RAR archive attachments containing a Windows shortcut to install malware.
WIRED Threat Level
AUGUST 10, 2024
On the hunt for corporate devices being sold secondhand, a researcher found a trove of Apple corporate data, a Mac Mini from the Foxconn assembly line, an iPhone 14 prototype, and more.
Data Breach Today
AUGUST 14, 2024
Computing Giant Says APT42 Behind 'Small But Steady Cadence' of Phishing Emails Iranian nation-state hackers are continuing a campaign to infiltrate the U.S. presidential election by penetrating the email inboxes of campaign and election officials, Google said Wednesday. The Iranian cyberespionage group tracked as APT42 started "a small but steady cadence" of phishing emails.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Collaboration 2.0
AUGUST 15, 2024
Sennheiser's Accentum Plus headphones improve on last year's model with better noise-canceling tech and software features. Even better, they just saw a price drop.
Security Affairs
AUGUST 12, 2024
Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclosed multiple medium-severity bugs in the open-source project OpenVPN that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE).
WIRED Threat Level
AUGUST 10, 2024
Allan “dwangoAC” has made it his mission to expose speedrunning phonies. At the Defcon hacker conference, he’ll challenge one record that's stood for 15 years.
Expert insights. Personalized for you.
219 
Let's personalize your content