Sat. Feb 25, 2023 - Fri. Mar 03, 2023

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group.

GUEST ESSAY: The case for complying with ISO 27001 — the gold standard of security frameworks

The Last Watchdog

Of the numerous security frameworks available to help companies protect against cyber-threats, many consider ISO 27001 to be the gold standard. Related: The demand for ‘digital trust’. Organizations rely on ISO 27001 to guide risk management and customer data protection efforts against growing cyber threats that are inflicting record damage, with the average cyber incident now costing $266,000 and as much as $52 million for the top 5% of incidents.

CISOs Share Their 3 Top Challenges for Cybersecurity Management

Dark Reading

The biggest dilemmas in running a modern cybersecurity team are not all about software, said CISOs from HSBC, Citi, and Sepio.

Business Email Compromise Gang Gets Jail Time for Stealing Millions

KnowBe4

An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Closing the Gap in Threat Visibility

Data Breach Today

The Technologies You Need to See Into Those Dark Corners

A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.

Attackers Were on Network for 2 Years, News Corp Says

Dark Reading

The publisher of the Wall Street Journal, New York Post, and several other publications had last year disclosed a breach it said was the work of a state-backed actor likely working for China.

[Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About

KnowBe4

This morning, Bloomberg News pointed at a brand new article at BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when communications systems are designed without built-in security from the get-go. It is an excellent wake-up call for your C-level execs and powerful budget ammo.

CISA Warns That Royal Ransomware Is Picking Up Steam

Data Breach Today

US Agency Says Royal Ransomware Group Is Made Up of Experienced Threat Actors

The Royal ransomware group targeting critical infrastructure in the United States and other countries is made up of experienced ransomware attackers and has strong similarities to Conti, the infamous Russia-linked hacking group, according to a new alert issued by U.S. authorities.

Cloud is changing the way supply chains operate

OpenText Information Management

Cloud computing has gone mainstream in today’s organizations, and many are adopting a cloud-first IT strategy. While enterprises still direct significant amounts of money towards on-premises (or off-cloud) software, that spend is decreasing while the pace of cloud adoption remains high. To elaborate on the speed, scale and diversity of the cloud market, according to Gartner, worldwide …

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Revised Colorado Privacy Act Rules Adopted for Review by Colorado AG

Hunton Privacy

On February 28, 2023, the Colorado Office of the Attorney General announced that revised draft Colorado Privacy Act (“CPA”) rules were adopted for review by the Colorado Attorney General prior to finalization and publication in the Colorado Register. The revised rules are not final, and, as drafted, will take effect on July 1, 2023. The revised draft rules follow prior drafts dated October 10, 2022, December 21, 2022, and January 27, 2023.

Cyber Essentials is Updating its Technical Requirements

IT Governance

The NCSC (National Cyber Security Centre) has announced a major update to the technical controls of Cyber Essentials. The changes, which are based on feedback from assessors and applicants, will alter the way organisations are expected to protect and manage various forms of hardware and software. It’s part of a regular review of the scheme, conducted in consultation with technical experts from the NCSC, and follows a major overhaul last year.

Irish Authorities Levy GDPR Fine in Centric Health Breach

Data Breach Today

2019 Ransomware Breach Affected 70,000 Patients, Destroyed Records of 2,500 of Them

Irish authorities have fined a healthcare organization 460,000 euros (about $490,000) for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.

ChatGPT’s evil sibling? Meet DAN.

Jamf

Based on OpenAI’s ChatGPT, DAN is the jailbroken version of the advanced chatbot technology that operates free from policy constraints…but is this a good thing for the advancement of AI technology or does it further complicate matters relating to mainstream adaptability in our everyday world?

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

eSecurity Planet

The White House’s National Cybersecurity Strategy unveiled yesterday is an ambitious blueprint for improving U.S. cybersecurity and threat response, but some of the more ambitious items will take time to implement, and could face opposition from Congress. President Biden came into office around the time of the SolarWinds and Colonial Pipeline cyber attacks, so cybersecurity has been a major focus of the Administration from the beginning.

How the Ukraine War Opened a Fault Line in Cybercrime, Possibly Forever

Dark Reading

Infighting, conscription, emigration. The war in Ukraine has pitted cybercriminals against one another like no other event before it.

White House Unveils Biden's National Cybersecurity Strategy

Data Breach Today

Focus Includes Critical Infrastructure Security, Secure Software Development

The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations, and liability for poor software development practices.

NameCheap’s SendGrid Email Account Compromised, Used to Send Phishing Emails

KnowBe4

Since phishing attacks need legitimacy to increase their deliverability, this latest twist shows how phishing scammers and hackers are working together to ensure phishing attacks continue.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Challenges With Collaboration Data And The Ediscovery Process

Hanzo Learning Center

Tools like Slack and Microsoft Teams were on the rise before the global pandemic; now, they’ve become integral for employee communication at large enterprises, whether they’re in the office, working from home, or a hybrid.

LastPass DevOps Engineer Targeted for Cloud Decryption Keys in Latest Breach Revelation

Dark Reading

The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says.

Attackers Hacked into LastPass Via Employee's Home Computer

Data Breach Today

Attackers Exploited Vulnerability in Third-Party Software for Access

The situation at LastPass keeps getting worse: the company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Security Affairs

Two vulnerabilities affecting the Trusted Platform Module (TPM) 2.0 library could potentially lead to information disclosure or privilege escalation. The Trusted Computing Group (TCG) is warning of two vulnerabilities affecting implementations of the Trusted Platform Module (TPM) 2.0 that could potentially lead to information disclosure or privilege escalation.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Thousands of NPM Packages Used to Spread Phishing Links

KnowBe4

Researchers at Checkmarx warn that attackers uploaded more than 15,000 packages to NPM, the open-source repository for JavaScript packages, to distribute phishing links. The packages themselves weren’t malicious, but they contained README text files with links to phishing sites.

CISA: ZK Java Framework RCE Flaw Under Active Exploit

Dark Reading

The flaw, which drew attention in October when it was found in ConnectWise products, could pose a significant risk to the supply chain if not patched immediately.

Ransomware Hits US Marshals Service

Data Breach Today

Agency Confirms Sensitive Law Enforcement Information Compromised

Hackers maliciously encrypted a system belonging to the U.S. Marshals Service, compromising and exfiltrating sensitive law enforcement data. "The system was disconnected shortly and the Department of Justice initiated a forensic investigation," said an agency spokesman.

Get frictionless insight to the data that matters

Collibra

More productivity. More efficiency. Scalability. There are many enterprise benefits to the cloud. It’s no wonder nearly all enterprises use cloud services. However, challenges abound. Complex, hybrid ecosystems and siloed data slow decision-making and are a drag on innovation. It’s too often the case that business users have limited information about data, data analysts can’t access or verify data quality, and engineers lack visibility into technical lineage.

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

BlackLotus is the first bootkit bypassing UEFI Secure Boot on Windows 11

Security Affairs

ESET discovered a stealthy Unified Extensible Firmware Interface (UEFI) bootkit dubbed BlackLotus that is able to bypass Secure Boot on Windows 11. Researchers from ESET discovered a new stealthy Unified Extensible Firmware Interface (UEFI) bootkit, named BlackLotus, that is able to bypass Secure Boot on Windows 11. Secure Boot is a security feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1 designed to detect tampering with boot loaders, key operating system files,

Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike's Heels

Dark Reading

The framework-as-a-service signals an intensification of the cat-and-mouse game between defenders detecting lateral movement, and cybercriminals looking to go unnoticed.

Cisco to Buy Startup Valtix to Guard Workloads Across Clouds

Data Breach Today

Valtix Purchase Will Help Clients Enforce Policies Across Public Cloud Environments

Cisco plans to buy cloud security startup Valtix to simplify network security and protect workloads no matter which cloud they're created or consumed in. The networking giant says Valtix will enable clients with common policy and enforcements of networking across all major public cloud environments.
