KnowBe4
SEPTEMBER 6, 2023
I frequently write about authentication, including PKI, multi-factor authentication (MFA), password managers, FIDO, Open Authentication, and biometrics. I have written dozens of articles on LinkedIn and have presented during many KnowBe4 webinars about different authentication subjects.
Krebs on Security
SEPTEMBER 5, 2023
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
SEPTEMBER 6, 2023
The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 million. It is now in bankruptcy. I can’t understand why anyone thinks these technologies are a good idea.
Data Breach Today
SEPTEMBER 7, 2023
Repeat Shakedown Tactic: Victims Told to Pay Up or Else They'll Pay Massive Fines Ransomware groups do whatever they can to pressure a victim into paying. Enter the likes of Ransomed, following in the footsteps of Alphv/BlackСat, NoEscape and Good Day-powered Cloak, all of which threaten victims with a world of General Data Protection Regulation violation pain, unless they pay.
Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage
Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, CTO of Betterworks, will explore a practical framework to transform Generative AI prototypes into
The Last Watchdog
SEPTEMBER 5, 2023
New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. Related: The need for supply chain security This is to be expected. After all, government mandates combined with industry standards are the twin towers of public safety. Without them the integrity of our food supplies, the efficacy of our transportation systems and reliability of our utilities would not be what they are.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
IBM Big Data Hub
SEPTEMBER 5, 2023
This is part four in a five-part series on mainframe modernization. The secret to mainstreaming the mainframe into today’s modern, cloud-centric IT environments is to make the experience of working with the mainframe like the experience of working off the mainframe—especially the developer experience (DX). Historically, working on the mainframe was an entirely different experience from the distributed world.
Data Breach Today
SEPTEMBER 7, 2023
Also, Google Fitbit Faces Privacy Complaints From Schrems This week, the Swedish DPA fined an insurer $3 million for violating GDPR, a DDoS attack disrupted a German financial agency website, Google Fitbit faced privacy complaints from Schrems, Ragnar Locker published hacked hospital data, and Seville, Spain dealt with the aftermath of a ransomware attack.
The Last Watchdog
SEPTEMBER 6, 2023
Over time, Bitcoin has become the most widely used cryptocurrency in the world. Strong security measures become increasingly important as more people use this digital currency. Related: Currency exchange security issues For managing and keeping your Bitcoin assets, you must need a bitcoin wallet, which is a digital version of a conventional wallet. The protection of your priceless digital assets will be guaranteed by this article’s discussion of the best techniques for protecting your Bitc
Security Affairs
SEPTEMBER 2, 2023
Identity services provider Okta warned customers of social engineering attacks carried out by threat actors to obtain elevated administrator permissions. Okta is warning customers of social engineering attacks carried out in recent weeks by threat actors to obtain elevated administrator permissions. The attacks targeted IT service desk staff to trick them into resetting all multi-factor authentication (MFA) factors enrolled by highly privileged users.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
IBM Big Data Hub
SEPTEMBER 8, 2023
Brands that deliver an excellent customer experience (CX) will always be more resilient than those that don’t. Giving our customers personalized support at every stage of their journey is proven to earn their longtime loyalty—and keep them from switching to a competitor. The challenge, however, is that many teams operate in siloes that inhibit them from applying their customer insights in meaningful ways.
Data Breach Today
SEPTEMBER 6, 2023
AI Could Undermine Trust in Democracy, Starting With This Very Statement Artificial intelligence holds the potential to undermine trust in democracy - but overwrought warnings themselves can erode trust in the system critics seek to preserve, warns a cybersecurity firm. AI is "a long way from massively influencing our perception of reality and political discourse.
OpenText Information Management
SEPTEMBER 7, 2023
For organizations where mainframe and COBOL are at the heart of operations, going beyond the bounds of mainframe architecture to efficiently scale and innovate at speed can seem daunting. Fortunately, there are valuable steps you can take to accelerate your digital transformation journey while staying agile in today’s fast-paced multi-cloud world. Recent OpenText research revealed … The post Customer Spotlight: Achieve Smarter Modernization Beyond Mainframe Architecture appeared first on
Security Affairs
SEPTEMBER 6, 2023
MITRE and CISA released a Caldera extension for OT that allows the emulation of attacks on operational technology systems. MITRE Caldera is an open-source adversary emulation platform that helps cybersecurity practitioners to automate security assessments. The tool is built on the MITRE ATT&CK framework, which is a widely-recognized framework for understanding and responding to cyber threats. “Without further ado, the MITRE Caldera team is proud to announce the release of Caldera for O
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
IBM Big Data Hub
SEPTEMBER 6, 2023
Generative AI is powering a new world of creative, customized communications, allowing marketing teams to deliver greater personalization at scale and meet today’s high customer expectations. The potential of this powerful new tool spans the entire end-to-end marketing process, from internal communications and productivity to customer-facing channels and product support.
Data Breach Today
SEPTEMBER 8, 2023
'BlastPass' Can Compromise iPhones Running the Latest iOS Version, Researchers Say Apple released patches Thursday to close a zero-click exploit makers of the Pegasus advanced spyware app used to infect at least one iPhone carried by an individual employed at a Washington, D.C.-based civil society organization. The lab calls the exploit "BlastPass.
Hunton Privacy
SEPTEMBER 8, 2023
On September 6, 2023, the European Commission designated six companies as gatekeepers under Article 3 of the Digital Markets Act (“DMA”). The new gatekeepers are Alphabet, Amazon, Apple, ByteDance, Meta and Microsoft. Jointly, these companies provide 22 core platform services, including social networks, internet browsers, operative systems and mobile app stores.
Security Affairs
SEPTEMBER 6, 2023
Three critical remote code execution vulnerabilities in ASUS routers potentially allow attackers to hijack the network devices. ASUS routers RT-AX55, RT-AX56U_V2, and RT-AC86U are affected by three critical remote code execution vulnerabilities that can potentially allow threat actors to take over the devices. The three vulnerabilities were reported by the Taiwanese CERT, below are their descriptions: CVE-2023-39238 (CVSS 9.8): ASUS RT-AX55, RT-AX56U_V2 and RT-AC86U iperf-related modules set_ipe
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
SEPTEMBER 8, 2023
Legitimate-seeming Telegram "mods" available in the official Google Play store for the encrypted messaging app signal the rise of a new enterprise threat.
Data Breach Today
SEPTEMBER 5, 2023
CEO Jay Chaudhry: In-Line Inspection, App-to-App Protection Aid Data Defense Growth Zscaler's ability to inspect traffic in-line and secure application-to-application communications has driven massive growth in its data protection business, CEO Jay Chaudhry said. Customers have embraced Zscaler's data protection technology over both incumbents like Symantec as well as CASB tools.
KnowBe4
SEPTEMBER 8, 2023
New data suggests that the gangs and toolkits behind current ransomware attacks are materially improving their abilities, resulting in a speeding up of attacks before defenses kick in.
Security Affairs
SEPTEMBER 4, 2023
A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down. A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down for some days. It is not clear who is behind the DDoS attack, but the media speculate that it was launched by pro-Russian hacktivists in response to the German financial and military support to Ukraine.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
SEPTEMBER 5, 2023
To benefit from AI yet minimize risk, companies should be cautious about information they share, be aware of AI's limitations, and stay vigilant about business implications.
Data Breach Today
SEPTEMBER 6, 2023
Deal Will Extend DEM Skills to Nontraditional Environments, Nonsecurity Personnel Netskope purchased a French digital experience management startup to monitor and proactively remediate performance issues across both SD-WAN and SSE. The deal will bring network and application performance visibility to user devices as well as hybrid, SaaS and cloud applications.
IT Governance
SEPTEMBER 7, 2023
This week, we discuss security issues at the Electoral Commission, Meta’s appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi. Also available on Spotify , Amazon Music , Apple Podcasts and SoundCloud. Transcript: Hello and welcome to the IT Governance podcast for Friday, 8 September 2023.
Security Affairs
SEPTEMBER 8, 2023
U.S. CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The US agency has detected the presence of indicators of compromise (IOCs) at an Aeronautical Sector organization as early as January 2023.
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
WIRED Threat Level
SEPTEMBER 6, 2023
After leaving many questions unanswered, Microsoft explains in a new postmortem the series of slipups that allowed attackers to steal and abuse a valuable cryptographic key.
Data Breach Today
SEPTEMBER 5, 2023
Energy Facility Impeded Attack by Blocking the Launch of the Windows Script Host Ukrainian cyber defenders say Russian military hackers targeted a critical energy infrastructure facility with phishing emails containing a malicious script leading to cyberespionage. An energy facility cyber defender impeded the attack by blocking the launch of indows Script Host, CERT-UA says.
ARMA International
SEPTEMBER 5, 2023
In the best circumstances, a well-crafted draft IG policy will sail through an approval process like a ship in warm water with strong breezes. Too often, though, the proposed policy hits an iceberg, which stops it in its tracks. At best, there’s little damage and the approval process can continue; at worst, the ship sinks and you head back to the drawing board.
Expert insights. Personalized for you.
114 
Let's personalize your content