Sat.Nov 16, 2024 - Fri.Nov 22, 2024

article thumbnail

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.

article thumbnail

Zero Days Top Cybersecurity Agencies' Most-Exploited List

Data Breach Today

Cybersecurity Officials Urge to Prioritize Fixing These 15 Most-Exploited Flaws Which vulnerabilities need fixing first to best block nation-state and other hacking attempts? Enter the latest Five Eyes intelligence partnership list of the 15 flaws most targeted by attackers, of which 11 were zero-days. Many organizations have yet to patch them all.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Information Lifecycle Management is AI's Ethical Safeguard

AIIM

As organizations rush to embrace artificial intelligence (AI), many are overlooking a crucial element that could make or break their AI initiatives: effective information management. In this post, I'll explore why information lifecycle management is not just important, but essential for successful and ethical AI implementation.

article thumbnail

Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack

WIRED Threat Level

In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.

Security 144
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

AI just gave us the Star Trek farewell we always wanted - watch it here

Collaboration 2.0

William Shatner and Leonard Nimoy reunite in a powerful short film using AI and deepfake technology to give fans the emotional farewell they deserve.

IT 137

More Trending

article thumbnail

AI+IM Forum Europe 2024: Embracing the Information Management Renaissance

AIIM

The recent AI+IM Forum Europe in Manchester brought together industry leaders and practitioners to explore the evolving landscape of information management in the age of artificial intelligence. Here are my key takeaways from this thought-provoking event.

article thumbnail

Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany

WIRED Threat Level

More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany—and the Pentagon is powerless to stop it.

Military 145
article thumbnail

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protection has never been more critical. With regulators around the world intensifying scrutiny, companies are facing increasing pressure to comply with stringent data protection laws.

GDPR 122
article thumbnail

Google AI Tool Finds 26 Bugs in Open-Source Projects

Data Breach Today

One Vulnerability Had Been Undiscovered for Two Decades, Researchers Said Google researchers used an AI-powered fuzzing tool to identify 26 vulnerabilities in open-source code repositories, some of which had been lurking undiscovered for several decades. Each was found with AI, using AI-generated and enhanced fuzz targets, Google said.

241
241
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus.

Phishing 221
article thumbnail

Inside the Booming ‘AI Pimping’ Industry

WIRED Threat Level

AI-generated influencers based on stolen images of real-life adult content creators are flooding social media.

Privacy 127
article thumbnail

AI transformation is the new digital transformation. Here's why that change matters

Collaboration 2.0

Your boss has read about the power of generative AI and wants you to stop dithering about potential risks and start delivering results.

article thumbnail

Oklahoma Hospital Says Ransomware Hack Hits 133,000 People

Data Breach Today

Incident Is Among Growing List of Attacks on Small, Rural Hospitals An Oklahoma hospital quickly restored its IT systems after a ransomware attack in September, but the 62-bed hospital could not recover some data and later learned that hackers may have accessed the personal information of 133,000 people. The attack is the latest involving a small rural hospital.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Secret Service Tracking People’s Locations without Warrant

Schneier on Security

This feels important : The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn’t need a warrant.

IT 121
article thumbnail

China’s Surveillance State Is Selling Citizen Data as a Side Hustle

WIRED Threat Level

Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked.

Marketing 122
article thumbnail

Update your iPhone, iPad, and Mac now to patch these serious zero-day security flaws

Collaboration 2.0

The emergency updates resolve two zero-day flaws that may have already been exploited in the wild.

Security 122
article thumbnail

Wiz Fortifies Application Security With $450M Dazz Purchase

Data Breach Today

Buy of Application Security Startup Enhances Code-to-Cloud Vulnerability Management Wiz acquired application security posture management startup Dazz for $450 million to provide enterprises with a unified code-to-cloud solution. CEO Merav Bahat highlights how this partnership will streamline vulnerability management and strengthen remediation capabilities for global organizations.

Security 236
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Security Affairs

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3) in PAN-OS. The cybersecurity company had no further details on the vulnerability and was not aware of the active exploitation of the flaw.

article thumbnail

Expand AI productivity to your legacy data archives

OpenText Information Management

What valuable, actionable knowledge is locked in your information archives? Your organization likely has enormous volumes of untapped data and content in archived forms accessible only through metadata or full-text searches. While simple searches of this type serve a practical function, they can also obscure bigger-picture insights hidden in your archive data without time-consuming research or engaging data scientists retrieve and investigate further.

Archiving 111
article thumbnail

Kirk and Spock reunite: AI gives us the Star Trek farewell we always wanted

Collaboration 2.0

William Shatner and Leonard Nimoy reunite in a powerful short film using AI and deepfake technology to give fans the emotional farewell they deserve.

113
113
article thumbnail

CISA Red Team Finds Alarming Critical Infrastructure Risks

Data Breach Today

Red Team Finds Vulnerabilities in Critical Infrastructure Org’s Security Framework The U.S., cyber defense agency is urging critical infrastructure operators to learn from the experience of a volunteer read teaming test and not rely too heavily on host-based endpoint detection and response solutions at the expense of network layer protections.

Risk 235
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching

Troy Hunt

I've spent more than a decade now writing about how to make Have I Been Pwned (HIBP) fast. Really fast. Fast to the extent that sometimes, it was even too fast: The response from each search was coming back so quickly that the user wasn’t sure if it was legitimately checking subsequent addresses they entered or if there was a glitch. Over the years, the service has evolved to use emerging new techniques to not just make things fast, but make them scale more under load, increase avail

article thumbnail

The World Premiere of The Inside Man - Season 6 in St. Petersburg, Florida

KnowBe4

KnowBe4, the leading platform for security awareness training , is excited to bring the award-winning original series, "The Inside Man,” back to your screens with more excitement, drama, and cybersecurity lessons than ever before.

article thumbnail

OpenAI updates GPT-4o, reclaiming its crown for best AI model

Collaboration 2.0

If you use ChatGPT for writing, you'll be happy to hear this.

IT 110
article thumbnail

Cyberstarts Program Sparks Debate Over Ethical Boundaries

Data Breach Today

Scrutiny Over Ethics of Profit-Sharing Prompts End to Cyberstarts CISO Compensation Allegations of conflicts of interest in Cyberstarts’ Sunrise program have sparked debate in the CISO community. While the program connected CISOs with startups for advisory purposes, its profit-sharing incentives drew criticism, leading some participants to resign and the firm to halt compensation.

IT 235
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Security Affairs

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities ( CVE-2024-0012 and CVE-2024-9474 ) in PAN-OS. CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain adm

article thumbnail

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

KnowBe4

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access.

Phishing 106
article thumbnail

ChatGPT vs. ChatGPT Plus: Is a paid subscription still worth it?

Collaboration 2.0

OpenAI's GPT-4o model makes it harder to determine who'll find free ChatGPT adequate and when ChatGPT Plus is worth it. We break down your options to help you decide.

IT 111