Sat.Feb 11, 2023 - Fri.Feb 17, 2023

article thumbnail

ChatGPT Subs In as Security Analyst, Hallucinates Only Occasionally

Dark Reading

Incident response triage and software vulnerability discovery are two areas where the large language model has demonstrated success, although false positives are common

Security 134
article thumbnail

GUEST ESSAY: Data loss prevention beccomes paramount — expecially in the wake of layoffs

The Last Watchdog

When a company announces layoffs, one of the last things most employees or even company owners worry about is data loss. Related: The importance of preserving trust in 2023 Valuable or sensitive information on a computer is exposed to theft or to getting compromised. This can happen due to intentional theft, human error, malware, or even physical destruction of servers. But it’s a real and growing risk to be aware of.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cybercriminals are Using Geotargeted Phishing to Target Victims

KnowBe4

Attackers are abusing a legitimate service called “GeoTargetly” to launch localized phishing attacks, according to Jeremy Fuchs at Avanan. GeoTargetly is meant to be used by advertisers to display ads in countries’ local languages.

Phishing 104
article thumbnail

ChatGPT Is Ingesting Corporate Secrets

Schneier on Security

Interesting : According to internal Slack messages that were leaked to Insider , an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data.

Security 145
article thumbnail

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

This exclusive webinar with Ryan McInerny will teach you all about cryptocurrency and NFTs! Register to learn more about identifying crypto transactions, crypto asset market trends, managing risk and compliance, and supporting customers and partners using crypto-based payments.

article thumbnail

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I

More Trending

article thumbnail

New Protections for Food Benefits Stolen by Skimmers

Krebs on Security

Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes.

article thumbnail

SHARED INTEL: The expect impacts of Pres. Biden’s imminent National Cybersecurity Strategy

The Last Watchdog

The United States will soon get some long-awaited cybersecurity updates. Related: Spies use Tik Tok, balloons That’s because the Biden administration will issue the National Cyber Strategy within days. Despite lacking an official published document, some industry professionals have already seen a draft copy of the strategic plan and weighed in with their thoughts. Here’s a look at some broad themes to expect and how they will impact businesses: •New vendor responsibilities.

article thumbnail

Is OWASP at Risk of Irrelevance?

Dark Reading

A growing group of OWASP members and board leaders are calling for the AppSec group to make big changes to stay apace with modern development

Risk 144
article thumbnail

Government Sanctions: No Ransomware Please, We're British

Data Breach Today

UK Toughens Anti-Cybercrime Stance by Sanctioning Accused Operators for First Time As ransomware continues to disrupt British organizations, the U.K. for the first time has sanctioned alleged cybercriminals, including accused Conti and TrickBot operators.

article thumbnail

Contact vs. Company Intent Signal Data

Intent signal data comes in two types: either companies or individuals signaling interest in products like yours. Which kind of data delivers more advantages to B2B marketers? It depends. Get this infographic to learn about the advantages of intent-based leads and how you can most effectively use both types of data.

article thumbnail

Data Breaches: The Complete WIRED Guide

WIRED Threat Level

Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers. Security

article thumbnail

GUEST ESSAY: Wise precautions companies can take to prevent data loss in the wake of layoffs

The Last Watchdog

When a company announces layoffs, one of the last things most employees or even company owners worry about is data loss. Related: The importance of preserving trust in 2023 Valuable or sensitive information on a computer is exposed to theft or to getting compromised. This can happen due to intentional theft, human error, malware, or even physical destruction of servers. But it’s a real and growing risk to be aware of.

article thumbnail

Check Point Boosts AppSec Focus With CNAPP Enhancements

Dark Reading

Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains

Cloud 141
article thumbnail

Play Ransomware Lists A10 Networks on its Leak Site

Data Breach Today

Group Says It Has Confidential Data, Tech Docs; A10 Says Operations Not Impacted The Play ransomware group listed networking hardware manufacturer A10 Networks in its leak site, after briefly gaining access to its IT infrastructure, according to data breach notifications firm BetterCyber.

article thumbnail

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

The largest banks have increased reserves for protection against deteriorating economic conditions. Should banks delay their digital transformation investments and focus on cost reductions? In this webinar, Alex Jiménez will walk us through that question and examine the prudent course of action.

article thumbnail

Microsoft Patch Tuesday Includes Three Exploited Zero-Day Vulnerabilities

eSecurity Planet

Microsoft’s February 2023 Patch Tuesday fixes 75 vulnerabilities, nine of them rated critical, and three (all rated important) that are being exploited.

article thumbnail

The Curse of Cybersecurity Knowledge

KnowBe4

The curse of knowledge is a cognitive bias that occurs when someone is trying to communicate information to another person, but falsely assumes that the other person has the same level of knowledge or understanding of the topic.

article thumbnail

Novel Spy Group Targets Telecoms in 'Precision-Targeted' Cyberattacks

Dark Reading

The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack

Cloud 138
article thumbnail

Kia and Hyundai Fix TikTok Security Challenge

Data Breach Today

Vulnerability Potentially Caused Deaths and Thousands of Thefts in the US Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok.

article thumbnail

Intent Signal Data 101

Intent signal data helps B2B marketers engage with buyers sooner in the sales cycle. But there are many confusing terms used to describe intent data. Read this infographic to better understand three common areas of confusion.

article thumbnail

Master modern work with intelligent, connected, secure and responsible experiences

OpenText Information Management

No matter your industry or business function, whether you’re dealing with highly complex and regulated processes like clinical trials; simply need to automate manual data entry into everyday tools; or want a fast track to the cloud, seamlessly connecting content to process is essential to meet the demands of modern work.

article thumbnail

Crypto Buyers Beware: 1 in 4 New Tokens of Any Value Is a Scam

WIRED Threat Level

And according to tracing firm Chainalysis, one very prolific scammer ran at least 264 of those scams in 2022 alone. Security Security / Security News Business / Blockchain and Cryptocurrency

article thumbnail

9 New Microsoft Bugs to Patch Now

Dark Reading

78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which attackers already are exploiting

140
140
article thumbnail

Spanish Police Bust Phishing Ring That Defrauded Thousands

Data Breach Today

Group Targeted American Victims and Pocketed Over 5 Million Euros Police busted nine members of a cyber fraud gang that targeted mainly Americans. Spanish police arrested eight members, and U.S. authorities arrested one.

Phishing 278
article thumbnail

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

In this session, Elizabeth “Paige” Baumann will cover the Anti-Money Laundering Act of 2020, which also includes the Corporate Transparency Act. She'll take a deep dive into the catalysts that brought on the act, the current implications of the act, and what impacts the act has on the future of banking and finance.

article thumbnail

Cloudflare Blocks Record DDoS Attack as Threats Surge

eSecurity Planet

Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS.

article thumbnail

Defending against AI Lobbyists

Schneier on Security

When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology. That happened last month.

article thumbnail

GAO Calls for Improved Data Privacy Protections

Dark Reading

US federal watchdog agency outlines key measures for better protecting sensitive data under the federal government's control

article thumbnail

GoDaddy Fingers Hacking Campaign for 3-Year Run of Breaches

Data Breach Today

The Campaign Installed Malware on Internal Systems and Obtained Source Code Internet domain registrar GoDaddy says it is the victim of a yearslong hacking campaign that installed malware on internal systems and obtained source code.

Phishing 264
article thumbnail

Aggregage Intent Signal Service

Aggregage Intent Signal Service helps your sales team reach more active buyers sooner. You’ll get names and contact information of specific in-market buyers plus all companies and job titles signaling intent for your product or service. Get the overview to learn more!

article thumbnail

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022.

IoT 93
article thumbnail

US Border Patrol Is Finally Able to Check E-Passport Data

WIRED Threat Level

After 16 years, the agency has implemented the software to cryptographically verify digital passport data—and it’s already caught a dozen alleged fraudsters. Security Security / National Security Security / Security News

IT 92
article thumbnail

Window Snyder's Start-up Launches Security Platform for IoT Device Makers

Dark Reading

Thistle's technology will give device makers a way to easily integrate features for secure updates, memory management, and communications into their products, Snyder says

IoT 135