Sat.Aug 31, 2024 - Fri.Sep 06, 2024

article thumbnail

Match Made in Heaven: Exploring the Relationship Between AI and Information Management

AIIM

Why are information management and AI even in the same sentence? It's an interesting question. What's the relationship? Well, the answer is simple: there is no AI without information.

IT 187
article thumbnail

The US Navy Is Going All In on Starlink

WIRED Threat Level

The Navy is testing out the Elon Musk–owned satellite constellation to provide high-speed internet access to sailors at sea. It’s part of a bigger project that’s about more than just getting online.

Access 139
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How Ransomware Groups Weaponize Stolen Data

Data Breach Today

DataBreachToday.com is a multimedia website providing news, insights and education on data breach detection, notification and prevention.

article thumbnail

Owners of 1-Time Passcode Theft Service Plead Guilty

Krebs on Security

Three men in the United Kingdom have pleaded guilty to operating otp[.]agency , a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was a service for intercepting one-time passcodes needed to log in to various websites.

Passwords 226
article thumbnail

The Tumultuous IT Landscape is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

List of Old NSA Training Videos

Schneier on Security

The NSA’s “ National Cryptographic School Television Catalogue ” from 1991 lists about 600 COMSEC and SIGINT training videos. There are a bunch explaining the operations of various cryptographic equipment, and a few code words I have never heard of before.

FOIA 124

More Trending

article thumbnail

After CrowdStrike Outage: Time to Rebuild Microsoft Windows?

Data Breach Today

Global Outage Triggers Calls for 'Less-Invasive Access' to Essential Functions The global disruption caused by a faulty CrowdStrike software triggering a kernel panic and computer meltdowns has led government agencies, experts and vendors to call for rethinking Windows operating system resiliency, including the deep-level OS access security tools now require.

article thumbnail

A new variant of Cicada ransomware targets VMware ESXi systems

Security Affairs

A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The group appears to be very active and already listed 23 victims on its extortion portal since mid-June. The following image shows the list of victims published by the gang on its Dark Web leak site.

article thumbnail

YubiKey Side-Channel Attack

Schneier on Security

There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack , requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis.

Passwords 119
article thumbnail

Russia’s Most Notorious Special Forces Unit Now Has Its Own Cyber Warfare Team

WIRED Threat Level

Unit 29155 of Russia’s GRU military intelligence agency—a team responsible for coup attempts, assassinations, and bombings—has branched out into brazen hacking operations with targets across the world.

Military 139
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

FEMA Has Begun Deploying Cyber Advisers to Disaster Zones

Data Breach Today

FEMA CIO: Cyber Advisers Provide Critical Security Guidance Amid Recovery Efforts Charles Armstrong, chief information officer of the Federal Emergency Management Agency, told the Billington Cybersecurity Summit his agency has begun deploying cyber advisors to disaster recovery zones to "rapidly and securely" build information technology and operational technology infrastructure.

article thumbnail

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Security Affairs

The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. These operations include espionage, sabotage, and reputational damage. The United States and its allies state that GRU is behind global critical infrastructure attacks.

article thumbnail

SQL Injection Attack on Airport Security

Schneier on Security

Interesting vulnerability : …a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic personal trips. The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA agent their employee number and airline.

Security 120
article thumbnail

We Hunted Hidden Police Signals at the DNC

WIRED Threat Level

Using special software, WIRED investigated police surveillance at the DNC. We collected signals from nearly 300,000 devices, revealing vulnerabilities for both law enforcement and everyday citizens alike.

Privacy 127
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Inside CISA's Unprecedented Election Security Mission

Data Breach Today

CISA 'Committing More Resources Than Ever Before' to Election Infrastructure The Cybersecurity and Infrastructure Security Agency told Information Security Media Group it is in the process of carrying out its most expansive national effort to secure election infrastructure across the country ahead of the upcoming November election.

Security 252
article thumbnail

An air transport security system flaw allowed to bypass airport security screenings

Security Affairs

A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs are two transport security systems that pilots, flight attendants, and other airline employees to bypass traditional airport security checks and access cockpit jumpseats.

Security 115
article thumbnail

Tracelo Data Breach: 1.4 Million Records Exposed

eSecurity Planet

Data is the new gold, and breaches have become an unfortunate reality. A recent incident involving Tracelo, a popular smartphone geolocation tracking service, has exposed the personal information of over 1.4 million users. This breach, orchestrated by a hacker known as “Satanic,” highlights the vulnerability of even seemingly secure online platforms.

article thumbnail

Security Researcher Sued for Disproving Government Statements

Schneier on Security

This story seems straightforward. A city is the victim of a ransomware attack. They repeatedly lie to the media about the severity of the breach. A security researcher repeatedly proves their statements to be lies. The city gets mad and sues the researcher. Let’s hope the judge throws the case out, but—still—it will serve as a warning to others.

article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Moody's Ratings: Cyber Insurance Competition Up, Prices Down

Data Breach Today

Credit Rating Business Says Cyber Insurance Market 'Poised for Significant Growth' Competition has been increasing in the cyber insurance market, leading to a "moderate" decrease in insurance premiums after several years of rate increases. So reports Moody's Ratings, which said that the changes were driven by an influx of new players that is likely to continue.

Insurance 242
article thumbnail

SonicWall warns that SonicOS bug exploited in attacks

Security Affairs

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific cond

Passwords 110
article thumbnail

New AirPods are arriving next week. Here are the top 4 features I want to see

Collaboration 2.0

Industry insiders are confident Apple will announce new AirPods next week during the iPhone 16 launch. Although that's exciting to hear, there are a few things I'd like to see first.

98
article thumbnail

Phishing is Still the Top Initial Access Vector

KnowBe4

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting humans directly.

Phishing 100
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Brazil Suspends Access to Elon Musk's X, Including via VPNs

Data Breach Today

Supreme Court Set to Review Ban, After X Failed to Appoint a Legal Representative Brazil has begun blocking domestic access to social platform X - including criminalizing access by Brazilians who might use a VPN - after the company failed to comply with court orders tied to combating disinformation campaigns, and a law requiring it has a legal representative in the country.

Access 246
article thumbnail

Quishing, an insidious threat to electric car owners

Security Affairs

Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to an increase in public charging stations. However, new cyber threats have emerged with this growth, including “quishing.” This term, a combination of “QR Code” and “phishing,” describes a scam in which fraudsters use counterfeit QR Codes to steal sensitive information

Phishing 110
article thumbnail

Windows 11 finally outscores Windows 10 among PC gamers

Collaboration 2.0

Since its debut almost three years ago, Windows 11 has struggled to catch up to its predecessor in popularity and market share. But with the clock now running out for Windows 10, things seem to be shifting a little faster.

article thumbnail

Taylor Swift Concert Terror Plot Was Thwarted by Key CIA Tip

WIRED Threat Level

Plus: China-linked hackers infiltrate US internet providers, authorities crack down on a major piracy operation, and a ransomware gang claims attacks during the Paris Olympics.

article thumbnail

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

article thumbnail

ISMG Editors: How Arrest of Telegram CEO Affects Encryption

Data Breach Today

Also: AI's Role in Cybersecurity; New Fraud Prevention Rules In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments.

article thumbnail

Lockbit gang claims the attack on the Toronto District School Board (TDSB)

Security Affairs

The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students’ information was compromised following a ransomware attack that was discovered in June. The TDSB is the largest school board in Canada with 582 schools and about 235,000 students.

article thumbnail

This great Amazon Fire TV Omni Series QLED is still $170 off after Labor Day

Collaboration 2.0

The Amazon Fire TV Omni QLED offers excellent picture and audio quality for both streaming and console gaming, and you can save $170 on the 55-inch version in this still-live Labor Day deal.

98