Sat.Jan 07, 2023 - Fri.Jan 13, 2023

article thumbnail

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

In golf there’s a popular saying: play the course, not your opponent. Related: How ‘CAASM’ closes gaps. In an enterprise, it’s the same rule. All areas of an organization need to be free to “play their own game.”. And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly.

Risk 146
article thumbnail

Kubernetes-Related Security Projects to Watch in 2023

Dark Reading

Organizations must be vigilant about balancing performance gains with security, governance, and compliance as they expand their use of Kubernetes

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

4 Changing International Data Protection Laws to Watch

Data Breach Today

Organizations Need to Know How Privacy Laws Affect Compliance Demands

article thumbnail

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus.

Security 261
article thumbnail

Subsurface: The Ultimate Data Lakehouse Conference

Speaker: Panel Speakers

We’ve just opened registration for Subsurface LIVE 2023! Learn how to innovate with open source technologies such as Apache Arrow, Delta Lake, and more. Register now to secure your spot at Subsurface LIVE being held March 1-2, 2023.

article thumbnail

LockBit Ransomware Group Reportedly Behind Royal Mail Attack

Data Breach Today

Attack Is Disrupting International Mail Export Services The cyber incident at the Royal Mail that is impeding exports from the United Kingdom is reportedly a ransomware attack by the LockBit ransomware-as-a-service group.

More Trending

article thumbnail

Malware Comes Standard With This Android TV Box on Amazon

Dark Reading

The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted

113
113
article thumbnail

Microsoft Patch Tuesday, January 2023 Edition

Krebs on Security

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S.

article thumbnail

Patched Chromium Vulnerability Allowed File Theft

Data Breach Today

Bug Exploited Symbolic Links to Find a File Path to Sensitive Data A high-severity vulnerability patched by Google Chrome a few months ago allowed hackers to steal sensitive files such as crypto wallets.

article thumbnail

Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them

KnowBe4

The recent hack (at least 7 th ) of the LastPass password manager has lots of people wondering if they should use a password manager. KnowBe4 Password Security

article thumbnail

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

article thumbnail

Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity

Dark Reading

A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more

Security 114
article thumbnail

How to prepare for intelligent capture in Life Sciences

OpenText Information Management

Recently I wrote a blog outlining why intelligent capture is the secret weapon Life Sciences companies need.

article thumbnail

ChatGPT Showcases Promise of AI in Developing Malware

Data Breach Today

Check Point Spotted Hacking Forum Posters Probing AI Tool's Malware Capabilities Low-level hackers are probing the capacity of ChatGPT to generate scripts that could be used toward criminal ends, such as for stealing files or malicious encryption.

article thumbnail

Identifying People Using Cell Phone Location Data

Schneier on Security

The two people who shut down four Washington power stations in December were arrested.

article thumbnail

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

article thumbnail

$20K Buys Insider Access to Telegram Servers, Dark Web Ad Claims

Dark Reading

In the ad, cybercriminals are offering to sell employee-level access to Telegram, researchers warn

Access 114
article thumbnail

Top 10 network security best practices

OpenText Information Management

Network security is constantly evolving. To stay ahead of bad actors, follow these 10 best practices to reduce the risk of data compromise.

Risk 92
article thumbnail

Twitter: Latest Dump Has 'Already Publicly Available' Data

Data Breach Today

article thumbnail

Threats of Machine-Generated Text

Schneier on Security

With the release of ChatGPT, I’ve read many random articles about this or that threat from the technology. This paper is a good survey of the field: what the threats are, how we might detect machine-generated text, directions for future research.

article thumbnail

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

article thumbnail

Norton LifeLock Warns on Password Manager Account Compromises

Dark Reading

Password manager accounts may have, ironically, been compromised via simple credential stuffing, thanks to password reuse

Passwords 112
article thumbnail

Government Workers as Phishing Targets

KnowBe4

Government workers are prime targets for social engineering attacks, according to Kaitlyn Levinson at GCN. Attackers use different tactics to target government employees in specific roles.

article thumbnail

Aflac, Zurich Policyholders in Japan Affected by Data Leaks

Data Breach Today

Subcontractor Server Hacked in Both Incidents Compromising Data of Millions Personal information for nearly 3.2 million Aflac cancer insurance and almost 760,000 Zurich Insurance auto insurance policy holders in Japan has been leaked on the dark web following hacks on a third-party contractor

Insurance 207
article thumbnail

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

IT Governance

Welcome to our review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly lists of data breaches and cyber attacks.

article thumbnail

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

article thumbnail

Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads

Dark Reading

Rhadamanthys spreads through Google Ads that redirect to bogus download sites for popular workforce software — as well as through more typical malicious emails

112
112
article thumbnail

Twitter: 200M dataset was not obtained through the exploitation of flaws in its systems

Security Affairs

Twitter said that its investigation revealed that users’ data offered for sale online was not obtained from its systems. Twitter provided an update on its investigation launched after data of 200 Million users were offered for sale online.

Sales 82
article thumbnail

French CNIL Fines TikTok 5 Million Euros for Cookie Policies

Data Breach Today

Agency Says the Company's Policies Violated National Data Protection Law TikTok must pay a fine of 5 million euros to the French government after the country's data protection agency said the short-form video app violated national privacy law restricting the monitoring of web browser activity.

article thumbnail

New Report Finds Auto Cyber Is A Dumpster Fire

The Security Ledger

Automakers swear that the security of their connected vehicles is their top priority. So how come researchers just found dozens of software flaws that could give hackers access to millions of cars?

article thumbnail

7 Ways to Supercharge Your ABM Strategy with Real-Time Intent

Streaming real-time intent is a homerun for marketing and sales’ account-based marketing (ABM) strategies. With real-time buyer insights, you can be first-in-line to provide solutions and lead better, hyper-personalized conversations.

article thumbnail

Better Phishing, Easy Malicious Implants: How AI Could Change Cyberattacks

Dark Reading

Current defenses are able to protect against today's AI-enhanced cybersecurity threats, but that won't be the case for long as these attacks become more effective and sophisticated

Phishing 114
article thumbnail

Experian Privacy Vulnerability

Schneier on Security

Brian Krebs is reporting on a vulnerability in Experian’s website: Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus.

Privacy 81
article thumbnail

Ransomware Group Behind Victoria Fire Department Outage

Data Breach Today

Vice Society Claims Credit for Data Leak Affecting Current, Former Employees The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage.