Tue.Aug 06, 2024

article thumbnail

Make it Personal When People Slow Your InfoGov Roll

Weissman's World

You know as well as I that people-related issues – not those related to technology – tend to be the ones that stand most in the way of information governance success. Our problem is that we need them to understand, to make time for us, to change their thinking. To help them get there, we… Read More » Make it Personal When People Slow Your InfoGov Roll The post Make it Personal When People Slow Your InfoGov Roll appeared first on Holly Group.

IT 279
article thumbnail

Ransomware Leads to $30M in Lost Income at Sonic Automotive

Data Breach Today

Numerous Dealers Disrupted by Attack Against Software Provider CDK Global Ransomware attacks are continuing to lead to losses, to the tune of $30 million for automotive retail giant Sonic Automotive due to the attack disrupting car dealership software service provider CDK Global, and separately $17 million for printed circuit board assembly maker Key Tronic.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Black Hat Fireside Chat: The role of API Security in mitigating online fraud, emerging GenAI risks

The Last Watchdog

LAS VEGAS — As Black Hat USA 2024 plays out here this week, the disruptive impact of GenAI/LLM at many different levels will be in the spotlight. Related : GenAI introduces fresh risks We’re in early days. The productivity gains are ramping up – but so are the exposures. I had the chance to visit with Amod Gupta , head of product at Traceable ; we discussed how GenAI/LLM is reverberating at the API level, where hyper-interconnectivity continues to intensify.

Risk 147
article thumbnail

UK's Advanced Faces 6M Pound Find After LockBit Attack

Data Breach Today

Ransomware Hackers Used LockBit 3.0 to Hack IT Services Company in 2022 A British IT services company whose ransomware attack and data breach in 2022 disrupted a national urgent care medical helpline now faces the prospect of a nearly $8 million fine. Hackers stole personal information belonging to 82,946 individuals.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. The incident impacted users globally, the attackers remotely wiped a small percentage of devices, according to the company.

MDM 142

More Trending

article thumbnail

KnowBe4 Honors the World Famous Hacker for the First National Social Engineering Day

KnowBe4

On August 6th, 2024, we celebrate National Social Engineering Day – a new national day established by KnowBe4 and officially recognized by the National Day Calendar. The day aims to educate individuals and organizations about the risks associated with social engineering tactics used in cyber attacks.

Education 137
article thumbnail

CISA Guide Sparks Calls for Software Supplier 'Safe Harbor'

Data Breach Today

New Security Transparency Guidance Sparks Demands for Supplier Protections Experts are calling on the Cybersecurity and Infrastructure Security Agency to expand and implement protections for software developers who embrace the White House administration’s calls to take a greater share of responsibility for the security of their products.

article thumbnail

Should Organizations Pay Ransom Demands?

Security Affairs

Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, with the Verizon Data Breach Report 2024 reporting that ransomware is a top threat across 92% of industries. In recent years, the number of ransomware attacks has grown significantly.

article thumbnail

Kimsuky and Andariel Target Seoul's Construction Industry

Data Breach Today

Espionage Groups Exploited Software Supply Chain Vulnerabilities to Widen Reach Prominent North Korean hacker groups Kimsuky and Andariel have been targeting South Korea's construction and machinery sectors since January to steal classified information to help the country modernize its cities and factories, South Korean government agencies warned on Monday.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Google warns of an actively exploited Android kernel flaw

Security Affairs

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. The IT giant is aware that the vulnerability has been actively exploited in the wild. The company did not share details of the attacks exploiting this vulnerability.

Security 129
article thumbnail

How Akamai’s Acquisition of Noname Enhances API Protection

Data Breach Today

Noname Security CEO Oz Golan on Strengthening API, Web Security Post-Acquisition Akamai’s $450 million acquisition of No Name Security marks a pivotal point in API security. Oz Golan, Noname's CEO and Akamai's vice president of API security, discusses the integration plans, technological synergies, and future growth opportunities that come with Akamai’s extensive customer base.

Security 130
article thumbnail

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea’s national security and intelligence agencies, including the National Intelligence Service, the Prosecutor’s Office, the Police Agency, the Military Intelligence Command, and the Cyber Operations Command, have issued a joint cybersecurity advisory to warn that North Korea-linked hackers exploited VPN software update to install

article thumbnail

Zeroing in on Zero Trust

Data Breach Today

How close are you to achieving Zero Trust? If you’re a CISO or other security leader, recent and forthcoming government mandates mean you urgently need an answer to this question.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a deserialization of untrusted data vulnerability in Microsoft COM for Windows, tracked as CVE-2018-0824 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog.

IT 124
article thumbnail

Data governance doesn’t have to be boring: Get executive buy-in with storytelling

Collibra

Data governance doesn’t have to be boring — nor should it be. Adobe Senior Manager of Data Governance Joseph Wallace rightly challenged this and other misconceptions at the Data Citizens 2024 conference in Orlando, FL. Joseph was part of Adobe’s data governance team when the company first bought and implemented Collibra — a brand-new product at the time — and his experience has taught him that data governance is about unlocking the business potential of data, not just policing it.

article thumbnail

A ransomware attack hit French museum network

Security Affairs

The Réunion des Musées Nationaux network, including Paris’ Grand Palais and other museums, was hit by a ransomware attack. A ransomware attack hit the Réunion des Musées Nationaux network, including Paris’ Grand Palais and other museums. The attack impacted around 40 museums across France. The attack occurred on Sunday, and despite some affected venues are hosting Summer Olympics competitions, the incident had no impact on the Olympic Games.

article thumbnail

A Better Investigatory Board for Cyber Incidents

Schneier on Security

When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to the tune of billions of dollars. We need one. To be sure, there is the White House’s Cyber Safety Review Board.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

A New Plan to Break the Cycle of Destructive Critical Infrastructure Hacks

WIRED Threat Level

As digital threats against US water, food, health care, and other vital sectors loom large, a new project called UnDisruptable27 aims to help fix cybersecurity weaknesses where other efforts have failed.

article thumbnail

AI Tools Have Increased the Sophistication of Social Engineering Attacks

KnowBe4

The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports.

article thumbnail

These headphones ruined every other pair for me - and are not by Bose or Sony

Collaboration 2.0

These headphones produce rich, sonically accurate audio that is a luxury for the ears. They offer unmatched comfort and a more-than-reasonable price point.

95
article thumbnail

STOP-VERIFY-CORRECT: How to combat misinformation online and beyond

CILIP

STOP-VERIFY-CORRECT: How to combat misinformation online, in print and media This guide breaks down the processes of how mis- and dis-information works, and how it is able to use emotion and deception to spread across social media, the internet, and the press. Stop - Verify - Correct When you encounter a piece of news that is shocking, outrageous, emotive and visceral, always stop to assess the situation.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Maintaining persistence through deception: The threat of fake iOS updates

Jamf

Discover how fake iOS updates could threaten mobile security. Stay vigilant and secure your Apple devices against evolving cyber threats.

Security 106
article thumbnail

New Malvertising Campaign Impersonates Google Authenticator

KnowBe4

Researchers at Malwarebytes spotted a malvertising campaign that abused Google Ads to target people searching for Google Authenticator.

article thumbnail

This EcoFlow portable battery powered my whole home during recent outages

Collaboration 2.0

The EcoFlow Delta Pro Ultra is capable of powering an entire home, but it's especially outstanding with the EcoFlow Smart Home Panel 2.

IT 98
article thumbnail

Approaching AI at the National Library of Scotland

CILIP

Approaching AI at the National Library of Scotland Image of the National Library of Scotland by Magnus Hagdorn, from Flickr Robert Cawston, Director of Digital and Service Transformation, introduces a new AI Statement for the National Library of Scotland. This article is featured in the AI hub Approaching the hype cycle Despite the rapid developments in large language models (LLMs) and generative AI tools over the last 12-18 months, for many we remain at the “jagged frontier”(1) of AI capabiliti

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

This $20 USB-C cable I recommend comes with a useful digital display

Collaboration 2.0

The ChargerLAB Power-Z AK001 USB-C cable includes a power meter that's super handy for seasoned technicians and hobbyists alike.

98
article thumbnail

Top three challenges of threat hunting

OpenText Information Management

Our series on threat hunters has covered what they are and what they do. This week’s post highlights two common mistakes threat hunters make and the three biggest challenges they face, according to a recent study by the University of Victoria [insert link]. The bottom line is that these mistakes and challenges cost time and attention, which increases risk.

article thumbnail

The AI scams infiltrating the knitting and crochet world - and how to spot them

Collaboration 2.0

AI can create unexpected problems for crafters. Here's what to watch out for, and why it matters even if you don't crochet.

IT 98