The Last Watchdog
MARCH 13, 2023
This year has kicked off with a string of high-profile layoffs — particularly in high tech — prompting organizations across all sectors to both consider costs and plan for yet another uncertain 12 or more months. Related: Attack surface management takes center stage. So how will this affect chief information security officers (CISOs) and security programs?
Dark Reading
MARCH 15, 2023
The sooner CISOs become proactive in understanding the flip side of the organizations they protect, the better they'll be at their jobs.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
MARCH 12, 2023
Experts warn that employees are providing sensitive corporate data to the popular artificial intelligence chatbot model ChatGPT. Researchers from Cyberhaven Labs analyzed the use of ChatGPT by 1.6 million workers at companies across industries. They reported that 5.6% of them have used it in the workplace and 4.9% have provided company data to the popular chatbot model since it launched.
WIRED Threat Level
MARCH 15, 2023
Russia, North Korea, Iran, and China have been caught using fake profiles to gather information. But the platform’s tools to weed them out only go so far.
Advertisement
At the beginning of 2023, concern grew over pixels and trackers, which load into the browser as a part of the software supply chain, being used by data harvesting platforms to collect user data. The data is then transferred to the servers of the companies owning the pixels/trackers as a part of their advertising and marketing business. Aggressive data harvesting practices increase the likelihood and/or actual transfer of sensitive data, which may cause unintended consequences, including expensiv
KnowBe4
MARCH 16, 2023
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. The report found that in 2022 there was a 240% increase in phishing pages that attempted to redirect potential security researchers and bots away from the sites.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Krebs on Security
MARCH 17, 2023
The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 20
The Last Watchdog
MARCH 14, 2023
A new report from the Bipartisan Policy Center ( BPC ) lays out — in stark terms – the prominent cybersecurity risks of the moment. Related: Pres. Biden’s impact on cybersecurity. The BPC’s Top Risks in Cybersecurity 2023 analysis calls out eight “top macro risks” that frame what’s wrong and what’s at stake in the cyber realm. BPC is a Washington, DC-based think tank that aims to revitalize bipartisanship in national politics.
Data Protection Report
MARCH 13, 2023
EDPB Guidelines on the interplay between Article 3 and the provisions in Chapter V of the General Data Protection Regulation on international data transfers On 14 February 2023, the European Data Protection Board ( EDPB ) published its Guidelines on the interplay between Article 3 and the provisions in Chapter V of the General Data Protection Regulation ( GDPR ) on international data transfers (the Guidelines ).
Data Breach Today
MARCH 16, 2023
Cybereason Enters Leaders Quadrant While Trellix Falls From Leader to Niche Player Microsoft and CrowdStrike once again dominate Gartner's Magic Quadrant for Endpoint Protection. Cybereason has risen to the leaders quadrant and Trellix has fallen to a niche player. The endpoint protection market has rapidly matured in recent years - 50% of organizations have already adopted EDR.
Advertisement
Case studies are proof of successful client relations and a verifiable product or service. They persuade buyers by highlighting your customers' experiences with your company and its solution. In sales, case studies are crucial pieces of content that can be tailored to prospects' pain points and used throughout the buyer's journey. In marketing, case studies are versatile assets for generating business, providing reusable elements for ad and social media content, website material, and marketing c
Krebs on Security
MARCH 14, 2023
Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.
Dark Reading
MARCH 14, 2023
One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way.
KnowBe4
MARCH 16, 2023
I talk and present often about DMARC (and SPF and DKIM), including here. A lot of people who think they understand how DMARC works, do not really understand it as well as they think they do. This post is aimed to help clarify some common misunderstandings.
Data Breach Today
MARCH 16, 2023
Also: Please Help the Sector Pay for Cybersecurity, Execs Tell Senate Panel Healthcare executives called on Congress to ensure minimum cybersecurity standards, saying a wholly voluntary approach is failing clinics and hospitals. Gaps are widest at small rural hospitals, testified a former hospital CISO before the Senate Homeland Security and Governmental Affairs Committee.
Advertisement
Unleash the power of NoSQL with "Apache Cassandra® NoSQL for the Relational DBA." Learn from Lewis DiFelice, an experienced Professional Services Consultant at Instaclustr, as he shares his journey transitioning from SQL to managing a 40-node Cassandra cluster. Gain insights into Cassandra's architecture, configuration strategies, and best practices.
Krebs on Security
MARCH 15, 2023
Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest.
Thales Cloud Protection & Licensing
MARCH 13, 2023
Key Points from the US National Cybersecurity Strategy 2023 divya Mon, 03/13/2023 - 15:39 On March 2, the Biden administration released its 2023 National Cybersecurity Strategy, an attempt “ to secure the full benefits of a safe and secure digital ecosystem for all Americans.” The Strategy recognizes that the US government must use all tools of national power in a coordinated manner to protect national security, public safety, and economic prosperity.
Dark Reading
MARCH 15, 2023
Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers.
Data Breach Today
MARCH 16, 2023
On Radar: Zoll, CHU Saint-Pierre, Latitude Financial, LA Housing Authority In this week's data breach roundup: medical device manufacturer Zoll, CHU University hospitals, Australian company Latitude Financial, Hawaiian death registry, Los Angeles Housing Authority, Indian Railway ticketing app, updates on U.S. Marshals Service and Congress, and a new ransomware decryptor!
As a business leader, you know it's important to update your apps, but it can be tough to figure out the best approach. This whitepaper helps you in upgrading your current applications using modernization strategies without any business disruptions.
Hunton Privacy
MARCH 16, 2023
On March 15, 2023, the UK Information Commissioner’s Office (“ICO”) published an updated version of its guidance on AI and data protection (the “updated guidance”), following requests from UK industry to clarify requirements for fairness in AI. The key updates are summarized as follows: The updated guidance has been restructured using the data protection principles as the core of the structure.
Schneier on Security
MARCH 14, 2023
By Nathan E. Sanders & Bruce Schneier Nearly 90% of the multibillion-dollar federal lobbying apparatus in the United States serves corporate interests. In some cases, the objective of that money is obvious. Google pours millions into lobbying on bills related to antitrust regulation. Big energy companies expect action whenever there is a move to end drilling leases for federal lands, in exchange for the tens of millions they contribute to congressional reelection campaigns.
Dark Reading
MARCH 17, 2023
The chances of getting hacked are no longer low. Companies need to rethink their data collection and monitoring strategies to protect employee privacy and corporate integrity.
Data Breach Today
MARCH 17, 2023
European Parliament and Council of the EU Set to Engage in Trilogue The European Parliament approved Thursday legislation creating a continentwide framework for digital identity that European leaders hope will diminish the role of big tech companies such as Google and Apple. Members of the European Parliament have pushed for additional privacy measures.
Advertisement
Getting off of Hadoop is a critical objective for organizations, with data executives well aware of the significant benefits of doing so. The problem is, there are few options available that minimize the risk to the business during the migration process and that’s one of the reasons why many organizations are still using Hadoop today. By migrating to the data lakehouse, you can get immediate benefits from day one using Dremio’s phased migration approach.
IT Governance
MARCH 16, 2023
The UK government has announced plans to ban ministers and civil servants from using TikTok on work devices. It follows concern regarding the data privacy practices of the Chinese-owned app, with the European Parliament making a similar ruling last week. The problems stem from TikTok’s ties to the Chinese government and the ways that people’s personal data could be used for nefarious purposes.
Hunton Privacy
MARCH 13, 2023
On March 9, 2023, the U.S. Securities and Exchange Commission (SEC) announced settled administrative charges against Blackbaud Inc. The case stems from disclosures Blackbaud made to investors regarding a 2020 ransomware attack that targeted donor data management software the company provides to non-profit organizations. The SEC’s order alleges that Blackbaud initially announced details of the incident on the company’s website and notified impacted customers in July 2020.
Dark Reading
MARCH 16, 2023
The ransomware group has already claimed 116 victim organizations so far on its site, and it continues to mature as a thriving cybercriminal business, researchers said.
Data Breach Today
MARCH 15, 2023
'Inaccessible Computers' Incident Initially Reported as Affecting 501 People A vendor of clinical and third-party administrative services to managed care organizations and healthcare providers serving elderly and disabled patients said a cybersecurity incident last summer has affected more than 4.2 million individuals.
Speaker: William Hord, Senior VP of Risk & Professional Services
Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?
KnowBe4
MARCH 13, 2023
According to Microsoft's Security Intelligence team, a recent business email compromise attack (BEC) has shown that threat actors are quickening the pace of these attacks, with certain elements only taking a few minutes.
Hunton Privacy
MARCH 17, 2023
On March 15, 2023, the Colorado Attorney General’s Office finalized rules implementing the Colorado Privacy Act (“CPA”). The finalized rules were released with an official redline that reflects prior revisions of the rules dated December 21, 2022 , January 27, 2023 , and February 23, 2023. The rules will be published in the Colorado Register later this month and will go into effect on July 1, 2023, when the CPA takes effect.
Dark Reading
MARCH 17, 2023
A more holistic model beyond MITRE et al is needed to help defenders better identify and understand commonalities in different online threat campaigns, the Facebook parent company says.
Expert insights. Personalized for you.
188 
Let's personalize your content