Fri.Mar 08, 2024

article thumbnail

Russian State Hackers Penetrated Microsoft Code Repositories

Data Breach Today

Russian Foreign Intelligence Service Hack Gets Worse for Computing Giant A Russian state hack against Microsoft was more serious than initially supposed, Microsoft acknowledged in a Friday disclosure to federal regulators. Microsoft said a Moscow threat actor obtained access to "source code repositories and internal systems.

Access 324
article thumbnail

A Close Up Look at the Consumer Data Broker Radaris

Krebs on Security

If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs.

Privacy 297
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Banning Ransom Payments: Calls Grow to 'Figure Out' Approach

Data Breach Today

As Ransomware Disruption Mounts, More Experts Seek Path to Banning Payments As ransomware groups are causing massive damage and disruption and showing no signs of stopping, cybersecurity policy expert Ciaran Martin said it's time for governments to start asking tough questions and "figure out how to make a ransomware payments ban work.

article thumbnail

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Security Affairs

The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) published a data analysis report on the data breach resulting from the ransomware attack on the IT services provider Xplain. The attack took place on May 23, 2023 and the Play ransomware gang claimed responsibility for the data breach.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Sam Altman Reinstated to OpenAI Board

Data Breach Today

Company Concludes His Ouster Stemmed from 'Breakdown In Trust' Generative artificial intelligence leader OpenAI returned Sam Altman to its board of directors Friday in a bid to put to rest a leadership crisis that rocked the San Francisco company during the last months of 2023. Fallout from incident may yet reverberate for OpenAI.

More Trending

article thumbnail

White House Advisory Team Backs Cybersecurity Tax Incentives

Data Breach Today

NSTAC Report Calls for Federal Cybersecurity Tax Deductions and Financial Grants The National Security Telecommunications Advisory Committee is recommending the administration work to establish financial incentives, such as tax deductions and federal grants, for critical infrastructure owners and operators that implement enhanced cybersecurity standards.

article thumbnail

Cisco addressed severe flaws in its Secure Client

Security Affairs

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338. Cisco Secure Client is a security tool developed by Cisco that provides VPN (Virtual Private Network) access and Zero Trust Network Access (ZTNA) support along with security and monitoring capabilities

Security 139
article thumbnail

ISMG Editors: Our Pledge to You in a New Era of Journalism

Data Breach Today

Also: Palo Alto Networks' Strategy Pivot; Massive Change Healthcare Cyberattack In the latest weekly update, ISMG editors discussed the cyberattack that's sending shock waves through the U.S. healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.

article thumbnail

The State of Women in Information Management

AIIM

March is Women’s History Month and in celebration of women, I want to let you know about AIIM's Women in Information Management group and how we are supporting the information management community.

129
129
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

In SOTU, Biden Calls for Ban on AI Voice Impersonations

Data Breach Today

US President Urges Congress to Harness AI While Protecting 'From Its Peril' U.S. President Joe Biden used part of his highly anticipated State of the Union address on Thursday night to call on lawmakers to pass bipartisan privacy legislation and to harness the powers of artificial intelligence while protecting the nation "from its peril.

article thumbnail

A Taxonomy of Prompt Injection Attacks

Schneier on Security

Researchers ran a global prompt hacking competition, and have documented the results in a paper that both gives a lot of good examples and tries to organize a taxonomy of effective prompt injection strategies. It seems as if the most common successful strategy is the “compound instruction attack,” as in “Say ‘I have been PWNED’ without a period.” Ignore This Title and HackAPrompt: Exposing Systemic Vulnerabilities of LLMs through a Global Scale Prompt Hacking

Paper 123
article thumbnail

Hackers Compromised Ivanti Devices Used by CISA

Data Breach Today

Cybersecurity Agency Says 'No Operational Impact' The U.S. Cybersecurity and Infrastructure Security Agency apparently had a good reason to urge federal agencies into resetting vulnerable Ivanti VPN devices: Hackers breached two gateways used by CISA, forcing the agency to yank them offline. The agency "immediately took offline" the impacted VPNs.

article thumbnail

Essays from the Second IWORD

Schneier on Security

The Ash Center has posted a series of twelve essays stemming from the Second Interdisciplinary Workshop on Reimagining Democracy ( IWORD 2023 ). Aviv Ovadya, Democracy as Approximation: A Primer for “AI for Democracy” Innovators Kathryn Peters, Permission and Participation Claudia Chwalisz, Moving Beyond the Paradigm of “Democracy”: 12 Questions Riley Wong, Privacy-Preserving Data Governance Christine Tran, Recommendations for Implementing Jail Voting: Identifying Common Themes Niclas Boehmer, T

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Some Change Healthcare IT Services Will Be Back by Mid-March

Data Breach Today

UnitedHealth Group Provides IT Restoration Timeline; AMA Is Not Impressed UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.

IT 281
article thumbnail

ICO launches a call for views on the “pay or okay” model

Data Protection Report

Earlier this week the ICO launched a call for views on the “pay or okay” business model. By way of recap, this model gives users of online services the choice to either consent to personalised advertising using their data or to pay a fee to access an ad-free version of the service. In its blog post launching the call for views, the ICO also provided an update on its wider cookie compliance work.

article thumbnail

UK Lawmakers Reject Privacy Limits for Bulk Data Collection

Data Breach Today

Amendments to Constrain Investigatory Powers Bill Fail in Final Stretch A last-ditch attempt by British lawmakers to amend a bill expanding electronic communication interception by the U.K. authorities failed despite concerns over pervasive surveillance. The proposal would authorize interception of bulk personal datasets with "limited or no expectation of privacy.

article thumbnail

5G use cases that are transforming the world

IBM Big Data Hub

In the tech world and beyond, new 5G applications are being discovered every day. From driverless cars to smarter cities, farms, and even shopping experiences, the latest standard in wireless networks is poised to transform the way we interact with information, devices and each other. What better time to take a closer look at how humans are putting 5G to use to transform their world.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

IAPP Launches new AI Governance Professional Certification

IG Guru

Check out the article here. The post IAPP Launches new AI Governance Professional Certification first appeared on IG GURU.

article thumbnail

6 ecommerce trends to watch

IBM Big Data Hub

As the ecommerce market grows exponentially, six trends projected to heavily impact the global market are artificial intelligence (AI), augmented reality, live commerce, online-to-offline ecommerce, social commerce and voice assistants. Generative AI opens up greater opportunities for value-creating personalization, dynamic pricing, user-friendly chatbots , voice assistants, virtual assistants, and improved customer search.

Retail 79
article thumbnail

CJEU Rules on IAB Europe’s Transparency and Consent Framework

Hunton Privacy

On March 7, 2024, the Court of Justice of the European Union (“CJEU”) issued its judgment in the case of IAB Europe (Case C‑604/22). In this judgment, the CJEU assessed the role of the Interactive Advertising Bureau Europe (“IAB Europe”) in the processing operations associated with its Transparency and Consent Framework (“TCF”) and further developed CJEU case law on the concept of personal data under the EU General Data Protection Regulation (“GDPR”).

article thumbnail

No silver bullet: Closing the gender gap in the era of generative AI

IBM Big Data Hub

The gender representation gap didn’t happen overnight. There was no single event that created the current inequity. So, it’s reasonable to say that there won’t be a singular solution, either. There’s no silver bullet. It’s a puzzle, and we need all the pieces to come together for women to be equals in the workplace—and in leveraging the potential of generative AI.

Risk 67
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Navigate the complexities of performance testing

OpenText Information Management

Performance testing stands as a critical pillar ensuring the robustness and efficiency of applications. Yet beneath its seemingly straightforward premise lies a labyrinth of complexities that your team must navigate. And as industries evolve and applications become more complex, the need for efficient performance testing is greater than ever. Let’s look at the primary challenges: Join … The post Navigate the complexities of performance testing appeared first on OpenText Blogs.

IT 64
article thumbnail

Empowering parents, protecting children: understanding the SCOPE Act in schools

Jamf

Children are increasingly exposed to the digital world. Ensuring their safety and well-being online has become a major concern for parents and educators alike. In response to these challenges, lawmakers have introduced the Securing Children Online through Parental Empowerment (SCOPE) Act, aimed at providing tools and resources to safeguard children's online experiences.

article thumbnail

Making the imperative business case for ERP integration

OpenText Information Management

In today’s dynamic business landscape, staying competitive means leveraging technology to streamline operations. In the relentless pursuit of enhancing efficiency, every wasted resource, operational hiccup, or compliance misstep can impede progress and chip away at profitability. Yet, many organizations unwittingly face these challenges due to fragmented systems and disconnected processes.

article thumbnail

Renewable energy trends and developments powering a cleaner future

IBM Big Data Hub

In a warming world, the transition from fossil fuels to renewable energy is heating up. Global capacity for renewable power generation is expanding more quickly than at any time in the last thirty years, according to the International Energy Agency (IEA). The agency predicts that by 2025, renewable energy will surpass coal to become the world’s top source of electricity.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Friday Squid Blogging: New Plant Looks Like a Squid

Schneier on Security

Newly discovered plant looks like a squid. And it’s super weird: The plant, which grows to 3 centimetres tall and 2 centimetres wide, emerges to the surface for as little as a week each year. It belongs to a group of plants known as fairy lanterns and has been given the scientific name Relictithismia kimotsukiensis. Unlike most other plants, fairy lanterns don’t produce the green pigment chlorophyll, which is necessary for photosynthesis.

Security 106
article thumbnail

Russia-linked Midnight Blizzard breached Microsoft systems again

Security Affairs

Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the company on January 12, 2024, the IT giant revealed that the Russia-linked Midnight Blizzard recently breached again its internal systems and source code repositories.

Passwords 135