Data Breach Today
SEPTEMBER 6, 2024
Global Outage Triggers Calls for 'Less-Invasive Access' to Essential Functions The global disruption caused by a faulty CrowdStrike software triggering a kernel panic and computer meltdowns has led government agencies, experts and vendors to call for rethinking Windows operating system resiliency, including the deep-level OS access security tools now require.
Krebs on Security
SEPTEMBER 2, 2024
Three men in the United Kingdom have pleaded guilty to operating otp[.]agency , a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was a service for intercepting one-time passcodes needed to log in to various websites.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
SEPTEMBER 3, 2024
Why are information management and AI even in the same sentence? It's an interesting question. What's the relationship? Well, the answer is simple: there is no AI without information.
WIRED Threat Level
SEPTEMBER 5, 2024
Unit 29155 of Russia’s GRU military intelligence agency—a team responsible for coup attempts, assassinations, and bombings—has branched out into brazen hacking operations with targets across the world.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Security Affairs
SEPTEMBER 2, 2024
A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The group appears to be very active and already listed 23 victims on its extortion portal since mid-June. The following image shows the list of victims published by the gang on its Dark Web leak site.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Schneier on Security
SEPTEMBER 6, 2024
There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack , requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis.
Collaboration 2.0
SEPTEMBER 6, 2024
I've spent the summer testing solar-powered power banks. It turns out the devices are universally rubbish and potentially unsafe. Here's what I suggest using instead.
WIRED Threat Level
SEPTEMBER 6, 2024
Video and audio of therapy sessions, transcripts, and other patient records were accidentally exposed in a publicly accessible database operated by the virtual medical company Confidant Health.
Security Affairs
SEPTEMBER 6, 2024
Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an Augus data breach. Threat actors breached one of its business applications and gained access to some of the customers’ personal information. “We discovered on August 5, 2024, that an unauthorized third party gained access to one of our business applications.
Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage
Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.
Data Breach Today
SEPTEMBER 2, 2024
Supreme Court Set to Review Ban, After X Failed to Appoint a Legal Representative Brazil has begun blocking domestic access to social platform X - including criminalizing access by Brazilians who might use a VPN - after the company failed to comply with court orders tied to combating disinformation campaigns, and a law requiring it has a legal representative in the country.
Schneier on Security
SEPTEMBER 3, 2024
The NSA’s “ National Cryptographic School Television Catalogue ” from 1991 lists about 600 COMSEC and SIGINT training videos. There are a bunch explaining the operations of various cryptographic equipment, and a few code words I have never heard of before.
Collaboration 2.0
SEPTEMBER 5, 2024
Industry insiders are confident Apple will announce new AirPods next week during the iPhone 16 launch. Although that's exciting to hear, there are a few things I'd like to see first.
WIRED Threat Level
SEPTEMBER 3, 2024
The Navy is testing out the Elon Musk–owned satellite constellation to provide high-speed internet access to sailors at sea. It’s part of a bigger project that’s about more than just getting online.
Advertisement
There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h
Security Affairs
SEPTEMBER 1, 2024
A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs are two transport security systems that pilots, flight attendants, and other airline employees to bypass traditional airport security checks and access cockpit jumpseats.
Data Breach Today
SEPTEMBER 2, 2024
Cryptocurrency Users Targeted in Latest Campaign Involving FudModule Rootkit A hacking group tied to North Korea exploited a zero-day vulnerability in the open source Google Chromium web browser to try and steal cryptocurrency, Microsoft said. The attack campaign is the latest to involve a sophisticated North Korean rootkit called FudModule. Google has fixed the flaw.
eSecurity Planet
SEPTEMBER 5, 2024
Data is the new gold, and breaches have become an unfortunate reality. A recent incident involving Tracelo, a popular smartphone geolocation tracking service, has exposed the personal information of over 1.4 million users. This breach, orchestrated by a hacker known as “Satanic,” highlights the vulnerability of even seemingly secure online platforms.
Collaboration 2.0
SEPTEMBER 3, 2024
Since its debut almost three years ago, Windows 11 has struggled to catch up to its predecessor in popularity and market share. But with the clock now running out for Windows 10, things seem to be shifting a little faster.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
WIRED Threat Level
SEPTEMBER 5, 2024
Using special software, WIRED investigated police surveillance at the DNC. We collected signals from nearly 300,000 devices, revealing vulnerabilities for both law enforcement and everyday citizens alike.
Security Affairs
SEPTEMBER 2, 2024
Transport for London (TfL) is investigating an ongoing cyberattack, however, customer information was compromised. Transport for London (TfL) is investigating an ongoing cyberattack. However, the TfL stated that there is no evidence that customer information was compromised during the incident. “We are currently dealing with an ongoing cyber security incident.
Data Breach Today
SEPTEMBER 2, 2024
CISA 'Committing More Resources Than Ever Before' to Election Infrastructure The Cybersecurity and Infrastructure Security Agency told Information Security Media Group it is in the process of carrying out its most expansive national effort to secure election infrastructure across the country ahead of the upcoming November election.
Troy Hunt
SEPTEMBER 6, 2024
It's been a while since I've just gone all "AMA" on a weekly update, but this was just one of those weeks that flew by with my head mostly in the code and not doing much else. There's a bit of discussion about that this week, but it's mostly around the ongoing pain of resellers and all the various issues supporting them then creates as a result.
Advertisement
Entity Resolution Sometimes referred to as data matching or fuzzy matching, entity resolution, is critical for data quality, analytics, graph visualization and AI. Learn what entity resolution is, why it matters, how it works and its benefits. Advanced entity resolution using AI is crucial because it efficiently and easily solves many of today’s data quality and analytics problems.
Collaboration 2.0
SEPTEMBER 3, 2024
The Amazon Fire TV Omni QLED offers excellent picture and audio quality for both streaming and console gaming, and you can save $170 on the 55-inch version in this still-live Labor Day deal.
Schneier on Security
SEPTEMBER 2, 2024
Interesting vulnerability : …a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic personal trips. The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA agent their employee number and airline.
Security Affairs
SEPTEMBER 4, 2024
Google addressed a security vulnerability in its Android operating system that is actively exploited in attacks in the wild. Google addressed a high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), in its Android operating system that is under active exploitation in the wild. The vulnerability CVE-2024-32896 is a privilege escalation in the Android Framework component. “there is a possible way to bypass due to a logic error in the code.” reads the advisory publish
Data Breach Today
SEPTEMBER 6, 2024
Also: AI's Role in Cybersecurity; New Fraud Prevention Rules In the latest weekly update, ISMG editors discussed the implications of the recent arrest of Telegram's CEO in Paris for encrypted messaging services, the transformative impact of artificial intelligence in cybersecurity, and the latest regulations designed to curb fraud in electronic payments.
Advertisement
Cybersecurity Detection and Response tools are showing promise in helping reduce an attacker’s dwell time in your network. With reduced dwell time before detection, defenders have time to respond in containing the threat before significant damage can be done to your systems and confidential data. But cutting through the acronym soup and marketing hype can be a daunting task.
KnowBe4
SEPTEMBER 3, 2024
A social engineering campaign is targeting entities in the Middle East using malware that impersonates Palo Alto Networks’ GlobalProtect VPN, according to researchers at Trend Micro.
Collaboration 2.0
SEPTEMBER 3, 2024
Using Apple's iOS 18 and the right carrier, iPhone owners can send Android users messages with high-res photos and videos, read receipts, audio clips, and more. Here's how.
Troy Hunt
AUGUST 31, 2024
I still find the reactions to the Telegram situation with Durov's arrest odd. There are no doubt all sorts of politics surrounding it, but even putting all that aside for a moment, the assertion that a platform provider should not be held accountable for moderating content on the platform is just nuts. As I say in this week's video, there's lots of content that you can put in the "grey" bucket (free speech versus hate speech, for example) and there are valid arguments to b
Expert insights. Personalized for you.
284 
Let's personalize your content