Mon.Dec 04, 2023

article thumbnail

Steve Katz, World's First CISO, Dies in Hospice Care

Data Breach Today

Former Banking CISO Remembered as Pioneering Leader, Generous Mentor and Colleague Steve Katz, the world's first CISO, died Saturday night while under hospice care in Long Island, New York. He left a strong legacy - not just as a pioneer and trailblazer in cybersecurity leadership but also as a beloved colleague and mentor who generously shared his time and wisdom.

article thumbnail

AI and Trust

Schneier on Security

I trusted a lot today. I trusted my phone to wake me on time. I trusted Uber to arrange a taxi for me, and the driver to get me to the airport safely. I trusted thousands of other drivers on the road not to ram my car on the way. At the airport, I trusted ticket agents and maintenance engineers and everyone else who keeps airlines operating. And the pilot of the plane I flew.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

LogoFAIL Bootup Flaw Puts Hundreds of Devices at Risk

Data Breach Today

UEFI Feature Flashing Corporate Logo Can Enable Malware Deployment Hackers could use a firmware specification designed to flash a corporate logo during computer boot up to deliver a malicious payload that circumvents the industry standard for only loading trusted operating systems. The flaw stems from graphic image parsers embedded into system firmware.

Risk 265
article thumbnail

Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

Security Affairs

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS ransomware. Microsoft the campaign to the ransomware operator Storm-0216 (Twisted Spider, UNC2198). Storm-0216 has historically used Qakbot malware for initial access, but has switched to other malware for initial access after the takedown of the Qakbot infrastructure.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Previewing Black Hat Europe 2023 in London: 16 Hot Sessions

Data Breach Today

Routers in Peril, Battling Burnout, Teaching ChatGPT to Attack and More Winter in London features Hyde Park's Winter Wonderland, Christmas lights galore, and the return of the Black Hat Europe cybersecurity conference, featuring briefings on everything from quantum cryptography and router pwning to dissecting iOS zero-days and training generative AI to attack.

More Trending

article thumbnail

Russian GRU Hackers Target Polish Outlook Inboxes

Data Breach Today

Military Intelligence Exploits Microsoft Flaw Patched In March Russian military intelligence hackers active in Poland are exploiting a patched flaw in Microsoft Outlook, say cyber defenders from Redmond and Warsaw. Microsoft in a Monday post identifies the hackers as Forest Blizzard, also known as APT28 and Fancy Bear.

Military 229
article thumbnail

Inside America's School Internet Censorship Machine

WIRED Threat Level

A WIRED investigation into internet censorship in US schools found widespread use of filters to censor health, identity, and other crucial information. Students say it makes the web entirely unusable.

IT 136
article thumbnail

New P2PInfect bot targets routers and IoT devices

Security Affairs

Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets routers, IoT devices, and other embedded devices. This variant has been compiled for the Microprocessor without Interlocked Pipelined Stages (MIPS) architecture.

IoT 125
article thumbnail

Phishing Kits Undergo an Evolution in Feature Set, Demand, and Branding

KnowBe4

Now being commonly referred to as “Scama” – short for Scamming Method – these kits are being sold promoting highly advanced feature sets, turning the novice scammer into a pro.

Phishing 105
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

US Lawmakers Want to Use a Powerful Spy Tool on Immigrants and Their Families

WIRED Threat Level

Legislation set to be introduced in Congress this week would extend Section 702 surveillance of people applying for green cards, asylum, and some visas—subjecting loved ones to similar intrusions.

Privacy 108
article thumbnail

Sexual Harassment Prevention Training from…KnowBe4?

KnowBe4

When you think of KnowBe4, you probably think of phishing training, good password hygiene modules, security awareness, or maybe even data protection compliance such as GDPR.

article thumbnail

How financial institutions can deliver value from investment in digital operational resilience

IBM Big Data Hub

The Digital Operational Resilience Act (DORA) is a landmark piece of legislation in the European Union (EU) that is designed to help fortify the operational resilience of the financial sector, making it fit for purpose in the digital age. DORA has several objectives, including to comprehensively address information and communications technology (ICT) risk management in the financial services sector and harmonize the ICT risk management regulations that already exist in individual EU member state

article thumbnail

Combatting Rogue URL Tricks: Quickly Identify and Investigate the Latest Phishing Attacks

KnowBe4

Everyone knows you shouldn’t click phishy links. But are your end users prepared to quickly identify the trickiest tactics bad actors use before it’s too late? Probably not.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Preparing for the EU AI Act

Data Matters

Join Sidley and OneTrust DataGuidance for a webinar on the EU AI Act. This discussion with industry panellists will cover initial reactions to the (anticipated) political agreement on the EU AI Act following key negotiations by the European legislative bodies on December 6, 2023. The post Preparing for the EU AI Act appeared first on Data Matters Privacy Blog.

Privacy 86
article thumbnail

Guarding Against the Rise of QR Code Phishing Attacks: How to Protect Yourself and Your Organization

KnowBe4

In the ever-evolving landscape of cyber threats, scammers and hackers are relentless in exploiting every avenue of communication. From emails to texts, calls to QR codes, malicious actors are finding new ways to compromise your privacy and security.

article thumbnail

3 myths hindering your business from adopting generative AI 

IBM Big Data Hub

Generative AI holds enormous potential for driving business growth. It offers ease of integration and scalability for analytics and AI workloads using your company’s data, and offers guardrails for ensuring governance, security and compliance. So, why do millions of small enterprises believe that impactful AI is only accessible to big companies with deep pockets?

article thumbnail

How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 1

Data Protection Report

Modern businesses collect and process personal information about their customers and employees for the benefit of their business – these benefits include identifying opportunities to enhance their products or services, streamlining operations, reducing costs or maximizing profits. Processing such data is often outsourced to a third-party data processing service provider.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

A look into IBM’s AI ethics governance framework

IBM Big Data Hub

“Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences,” as per Gartner. Yet while 79% of executives say AI ethics is important to their enterprise-wide AI approach , less than 25% have operationalized ethics governance principles. In a new case study featuring IBM, Gartner talks about how to establish a governance framework to streamline the process of detecting and managing technology ethics concerns in AI

article thumbnail

New York Department of Financial Services Reaches $1 Million Dollar Settlement With First American Title Insurance in Data Breach Investigation

Hunton Privacy

On November 28, 2023, the New York Department of Financial Services (“NYDFS”) announced that First American Title Insurance Company (“First American”), the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach. The NYDFS investigated the company’s response to the data breach and alleged that First American knew of a vulnerability in its technical systems that exposed c

article thumbnail

A guide to efficient Oracle implementation

IBM Big Data Hub

By implementing Oracle , one of the world’s leading enterprise resource planning (ERP) tools, organizations can transform their business processes and significantly increase operational efficiency. Companies large and small are increasingly digitizing and managing vast troves of data. ERP systems like Oracle’s streamline business processes and reduce costs, leveraging information to help organizations make better decisions in rapidly changing landscapes.

Cloud 71
article thumbnail

FBI: Iranian APT Targets Israeli-Made PLCs Used In Critical Industries

The Security Ledger

The hack of a Pennsylvania water treatment facility in November is part of a larger campaign by an Iranian APT group against users of Israel-made operational technology. The post FBI: Iranian APT Targets Israeli-Made PLCs Used In Critical Industries first appeared on The Security Ledger with Paul F. Roberts. Related Stories Cyberattacks on Industrial Control Systems Jumped in 2022 BitCoins To Bombs: North Korea Funds Military With Billions In Stolen Cryptocurrency Forget the IoT.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Top 5 criteria for developers when adopting generative AI

IBM Big Data Hub

The surge in adoption of generative AI is happening in organizations across every industry, and the generative AI market is projected to grow by 27.02% in the next 10 years according to Precedence Research. Advacements in machine learning algorithms, neural networks and the computational power of generative AI, combined with human expertise, intuition and creativity, can unlock new possibilities and achieve levels of innovation that were previously unimaginable.

article thumbnail

Fingerprint Biometrics Hold Promise to Address Retailers’ Common Challenges

HID Global

Fingerprint biometrics help retailers speed up payments and checkout times, reduce fraud and shrinkage costs, and eliminates a complicated system overhaul.

Retail 52
article thumbnail

How generative AI can transform the aviation industry 

IBM Big Data Hub

The aviation industry is under pressure to improve the sustainability of air travel while improving operational efficiency in an increasingly complex marketplace that is still recovering from the impact of the COVID-19 pandemic. In an industry where safety is paramount and new technologies require utmost scrutiny, generative AI promises to boost aviation businesses and their industry partners.

article thumbnail

Taping batteries saves lives via Bcyvcle.com

IG Guru

Never bin your batteries When used batteries get tossed in general waste or recycling bins they create a fire hazard and can end up in landfill where they can leak toxic materials into waterways and ecosystems. Check out more here. The post Taping batteries saves lives via Bcyvcle.com first appeared on IG GURU.

Risk 67
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Examples of IBM assisting insurance companies in implementing generative AI-based solutions  

IBM Big Data Hub

IBM works with our insurance clients, and research conducted by the IBM Institute for Business Value (IBV) shows three key imperatives that guide insurer management decisions: Digital orchestration Improved core productivity (business and IT) The need for flexible infrastructure To meet the key imperatives and facilitate the transformation of their companies, insurers need to: Provide digital offerings to their customers Become more efficient Use data more intelligently Address cybersecurity con

article thumbnail

US CISA: Secure Israeli-Made Technology From Iranian Hackers

Data Breach Today

'Cyber Av3ngers' Didn't Tamper With Water Safety, Says Cyber Agency The U.S. Cybersecurity and Infrastructure Security Agency encouraged all organizations that use equipment developed by an Israeli technology company called Unitronics to bolster their cyber posture amid the Israel-Hamas war after an Iranian hacking group attacked a Pennsylvania water municipality.

Security 265
article thumbnail

The future of business planning with generative AI?

IBM Big Data Hub

In the rapidly-evolving business ecosystem, many companies face a combination of challenges, including inflation, supply chain disruptions and a complex labor market. These factors exert significant pressure on profitability. In this scenario, traditional planning methods may hinder a company’s ability to respond quickly and strategically to changing opportunities and challenges.   This is where autonomous planning shines.