The Last Watchdog

JANUARY 29, 2023

The cybersecurity profession can be very rewarding, but at the same time quite taxing. Related: Equipping SOCs for the long haul In fact, stress factors have risen to where some 45 percent of the security professionals polled in Deep Instinct’s third annual Voice of SecOps report said they’ve considered leaving the industry altogether. Ransomware is at an all-time high; attackers are as elusive as ever.

Security 174

Security Digital transformation Cybersecurity Ransomware 174

KnowBe4

JANUARY 31, 2023

Threat actors are using malicious attachments in OneNote in order to distribute malware, BleepingComputer reports. The attackers attach VBS files that instruct the user to double-click on the file. Most of the phishing lures pose as shipping notifications, invoices, or mechanical drawings.

Phishing 89

Phishing 89

Schneier on Security

FEBRUARY 2, 2023

Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers defend their own computers while attacking other teams’. It’s a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems and exploiting them in others’ It’s the software vulnerability lifecycle.

Artificial Intelligence 106

Artificial Intelligence Military Privacy Cybersecurity 106

Dark Reading

FEBRUARY 1, 2023

Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.

Security 142

Security 142

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Data Breach Today

FEBRUARY 2, 2023

Why COVID-19 Made Leaders Realize Just How Connected OT Networks Really Are Executives underestimated the security risk associated with operational technology based on the erroneous belief that OT networks are highly segmented or air gapped. But COVID-19 made executives realize their OT networks are more connected than they previously thought, says Dragos CEO Robert M.

Security 205

Security Risk 205

Jamf

FEBRUARY 2, 2023

Check out the new Jamf Learning Hub to find the product technical content you need, when you need it to get the most out of Jamf products and succeed with Apple.

IT 141

IT 141

Dark Reading

FEBRUARY 1, 2023

Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remain largely questionable.

Sales 131

Sales IT 131

Data Breach Today

FEBRUARY 2, 2023

Extortionists Dump Private and Corporate Customer Data From European Car Giant Christmastime was bleak for a number of organizations in Britain that got hit with ransomware, including car dealership giant Arnold Clark, which originally reported that no customer data had been stolen. But the business subsequently revised its assessment, after attackers dumped stolen data.

Ransomware 259

Ransomware IT 259

OpenText Information Management

JANUARY 31, 2023

OpenText has completed the acquisition of Micro Focus and I am delighted to welcome customers, partners and employees to OpenText. We are the platform of platforms for Information Management. Digital life is life, and with Micro Focus’ great products, amazing talent and strategic partners, we will help organizations of all sizes accelerate their digital transformations. … The post OpenText Welcomes Micro Focus Customers, Partners and Employees appeared first on OpenText Blogs.

Digital transformation 129

Digital transformation 129

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Hanzo Learning Center

JANUARY 31, 2023

Workplace complaints are serious. Even if a claim doesn’t lead to disciplinary action, the fact that an employee has made an accusation usually indicates workplace problems that need to be addressed for productivity, morale, and quality of work life.

113

113

Dark Reading

JANUARY 31, 2023

Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.

Cloud 126

Cloud 126

Data Breach Today

JANUARY 30, 2023

Exposed: Online Customer Details, But Not Complete Payment Card Data JD Sports, a sports fashion retailer with global operations, says personal details pertaining to about 10 million online customers of JD Sports and its Size?, Millets, Blacks, Scotts and MilletSport brands from 2018 to 2020 have been stolen by attackers and warns customers to beware of scammers.

Data breaches 246

Data breaches Retail IT 246

eSecurity Planet

JANUARY 30, 2023

Two venture investors have launched an index to track the most popular open source security projects. Chenxi Wang of Rain Capital and Andrew Smyth of Atlantic Bridge unveiled the Open Source Security Index last month. The website leverages GitHub application programming interfaces (APIs) to make “finding open-source security projects easier for everyone.” Anyone can go to the site to discover “the most popular and fastest-growing open-source security (OSS) projects.” OSS

Security 109

Security Cloud IT Cybersecurity 109

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

KnowBe4

JANUARY 30, 2023

The UK’s National Cyber Security Centre (NCSC) has described two separate spear phishing campaigns launched by Russia’s SEABORGIUM threat actor and Iran’s TA453 (also known as Charming Kitten). The NCSC says both threat actors have targeted entities in the UK, including “academia, defence, governmental organisations, NGOs, think-tanks, as well as politicians, journalists, and activists.

Phishing 108

Phishing Security 108

Dark Reading

FEBRUARY 1, 2023

Companies need to be aware of the work culture they foster. Diversity and inclusion aren't just buzzwords. Increasing female visibility and improving female mentoring to help women enter and advance within the cybersecurity industry are key steps forward.

Cybersecurity 113

Cybersecurity 113

Data Breach Today

FEBRUARY 3, 2023

Spoofed Polish Police Websites Also Found Ukrainian and Polish cyber defenders are warning against a slew of phishing websites that mimic official sites, in particular a page that mimics the Ministry of Foreign Affairs of Ukraine. A hacking group likely comprised of Russian speakers uses the pages to lure users into downloading software.

Phishing 244

Phishing 244

Jamf

JANUARY 31, 2023

An increasing number of governmental and educational organizations have decided to block TikTok from their networks. Here's why, and how you can do the same if you wish.

Education 105

Education 105

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

OpenText Information Management

JANUARY 30, 2023

Businesses strive to compete in today’s market by exercising cost leadership and delivering a winning proposition. Success lies in the organizational knowledge and data locked within its people and information silos. Knowledge Management solutions such as Cognitive Search are essential to solve challenges faced in business today. The American Productivity & Quality Center (APQC), through … The post Top factors driving higher demand for Cognitive Search appeared first on OpenText

Marketing 104

Marketing Customer Experience Digital transformation IT 104

Schneier on Security

JANUARY 31, 2023

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that have yet to be identified on the blockchain and incorporated into our data.

Ransomware 99

Ransomware Blockchain 99

Data Breach Today

JANUARY 31, 2023

Former GSA Administrator Leading Effort to Tackle Software Supply Chain Issues U.S. Federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.

Security 237

Security 237

Security Affairs

FEBRUARY 1, 2023

Censys found 30,000 internet-facing QNAP appliances potentially impacted by a recently disclosed critical code injection flaw. On January 30, Taiwanese vendor QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices. A remote attacker can exploit the vulnerability to inject malicious code on QNAP NAS devices.

IoT 98

IoT Ransomware Security IT 98

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Collibra

FEBRUARY 1, 2023

The business landscape gets routinely disrupted by new technologies, social shifts, environmental issues, and constant upheavals in connected global enterprises. Add the pressure of economic uncertainties, and you know why organizations are fighting to keep pace with these changes. The question is how? Today, data is at the heart of every business decision.

Analytics 98

Analytics Customer Experience Marketing Compliance 98

Hanzo Learning Center

FEBRUARY 2, 2023

It’s already February, and chances are, most of us have already broken our New Year’s Resolutions. But no matter the time of year, when it comes to your ediscovery workflow, it’s never too late to trim the data you're collecting from messaging platforms and other SaaS applications.

Data collection 98

Data collection IT 98

Data Breach Today

FEBRUARY 3, 2023

Mary O'Brien on How External Attack Surface Management Finds Internet-Facing Issues Companies can be blinded by their inside-out view and often benefit from another set of eyes that see their business the same way an attacker would, says IBM's Mary O'Brien. IBM's acquisition of attack surface management firm Randori gives clients another view of areas that need to be remediated.

Security 233

Security 233

Security Affairs

JANUARY 30, 2023

A researcher disclosed technical details of a two-factor authentication bypass vulnerability affecting Instagram and Facebook. The researcher Gtm Manoz received a $27,000 bug bounty for having reported a two-factor authentication bypass vulnerability affecting Instagram and Facebook. The flaw resides in a component used by the parent company Meta for confirming a phone number and email address.

Authentication 98

Authentication IT Security Information Security 98

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Dark Reading

JANUARY 31, 2023

Three mindset shifts will help employees build a habit of vigilance and make better security decisions. Move past security theater to reframe thinking so employees understand data's value, act with intention, and follow data best practices.

Security 97

Security 97

Collibra

JANUARY 31, 2023

Everyone knows how much data intelligence means to the enterprise. Most enterprises want a data intelligence solution. Many implement one. But a much smaller percentage actually adopt and integrate data intelligence into their decision-making, according to the 2022 Data Intelligence Index. So CIOs around the world are making their 2023 technology wish lists for the solutions that will help drive data intelligence into the new year.

Digital transformation 97

Digital transformation Data Privacy Privacy Cloud 97

Data Breach Today

FEBRUARY 1, 2023

Andrew Rubin on Contrasts Among Segmenting Endpoints, Servers and Cloud Workloads Illumio has extended its segmentation capabilities from servers and workloads to endpoints to minimize damage in the event of a ransomware attack, CEO Andrew Rubin says. The Silicon Valley-based company can now stop the spread of breaches and ransomware inside servers, cloud workloads and endpoints.

Ransomware 205

Ransomware Cloud IT 205