Mon.Oct 14, 2024

article thumbnail

LLMs Fail Middle School Word Problems, Say Apple Researchers

Data Breach Today

AI Mimics Reasoning Without Understanding, Struggles With Irrelevant Data Cutting-edge large language models would fail eighth grade math, say artificial intelligence researchers at Apple - likely because AI is mimicking the process of reasoning rather than actually engaging in it. Researchers asked LLMs to solve math word problems.

article thumbnail

The War on Passwords Is One Step Closer to Being Over

WIRED Threat Level

“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

Passwords 141
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Oil and Gas Firms Aware of Cyber Risks

Data Breach Today

Sector Uses Multifactor, Eschews Cloud, Can't Afford Cyber Insurance The oil and gas industry has high levels of cyber awareness and low levels of cyber insurance, says a sectoral assessment from credit rating agency Moody's. The sector has experienced a clutch of high-profile attacks including a high-profile 2021 incident at Colonial Pipeline.

Insurance 297
article thumbnail

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement operation that led to the shutdown of the dual dark web marketplace Bohemia/Cannabia. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing 133
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Revenue Cycle Vendor Notifying 400,000 Patients of Hack

Data Breach Today

Texas-Based Gryphon Healthcare Says an Unnamed Third Party Was at Center of Breach A Texas-based revenue cycle management firm is notifying about 400,000 individuals of a hacking incident it says originated with another third party. The incident is among a growing list of major breaches implicating vendors and cumulatively affecting tens of millions of patients so far this year.

IT 295

More Trending

article thumbnail

Congress Seeks Urgent Action After Chinese Telecom Hack

Data Breach Today

Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group.

article thumbnail

"Operation Kaerb" Takes Down Sophisticated Phishing-as-a-Service Platform “iServer”

KnowBe4

A partnering of European and Latin American law enforcement agencies took down the group behind the mobile phone credential theft of 483,000 victims.

Phishing 122
article thumbnail

Most EU Nations to Miss Upcoming NIS2 Deadline

Data Breach Today

Only Six Nations Have Incorporated NIS2 Into National Statute Most European countries are set to miss a trading bloc deadline for implementing a key cybersecurity regulation that requires measures such as mandatory security auditing for essential services such as hospitals and banks. Just six countries have integrated the NIS2 directive into national law.

article thumbnail

U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-23113 (CVSS score 9.8) Fortinet Multiple Products Format String Vulnerability.

IT 120
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Sextortion Scammers Attempt to Hit “Close to Home”

KnowBe4

We live in a world where, despite the sharing of information online, we feel like those interactions will never reach home. But a new scam – covered on WTSP Tampa Bay’s Channel 10 news – demonstrates how scammers will use personal details to throw the victim into a panic when extorting them for money.

Phishing 116
article thumbnail

Fidelity Investments suffered a second data breach this year

Security Affairs

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack. The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024. “Between August 17 and August 19, a third party accessed and obtained certain information

article thumbnail

Meet SmartRisk Agent™: Unlock Your New Human Risk Management

KnowBe4

Depending on who you ask, between 70 and 90 percent of cyber risk has human error as the root cause. That's why Human Risk Management (HRM) is so important. And here is the next major advance in HRM. We're thrilled to announce the second version of our risk score architecture. It is so far advanced we have renamed—promoted really—our initial "Virtual Risk Officer" to SmartRisk Agent™.

Risk 119
article thumbnail

Nation-state actor exploited three Ivanti CSA zero-days

Security Affairs

An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry out malicious activities. The three vulnerabilities exploited by the threat actor are: CVE-2024-9380 (CVSS score: 7.2) – an OS command injection vulnerability in the admin web console of Ivanti CSA

Cloud 135
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

How Apple Watch helped me hit a hole-in-one on the golf course

Collaboration 2.0

Apple's high-frequency motion API supports unique data collection, and surprisingly enough, it has improved my golf game.

article thumbnail

Perfectl Malware

Schneier on Security

Perfectl in an impressive piece of malware: The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. It can also exploit CVE-2023-33246, a vulnerability with a severity rating of 10 out of 10 that was patched last year in Apache RocketMQ, a messaging and streaming platform that’s found on ma

Mining 93
article thumbnail

The budget Android tablet I recommend has a dazzling display that looks twice the price

Collaboration 2.0

Blackview's Mega 1 is an 11.5-inch Android 13 tablet with a brilliant 120Hz display and 24GB of RAM at a surprisingly low price point.

98
article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking at SOSS Fusion 2024 in Atlanta, Georgia, USA. The event will be held on October 22 and 23, 2024, and my talk is at 9:15 AM ET on October 22, 2024. The list is maintained on this page.

63
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Oura Ring Gen 3 Horizon: Enhanced features, no more flat spot

Collaboration 2.0

It's been a year since Oura revealed its Gen 3 Ring and it has rolled out several updates since that release. The new model delivers the same software and data, but its design is perfectly round with no flat spot.

IT 98
article thumbnail

2024 Thales Global Data Threat Report: Trends in Financial Services

Thales Cloud Protection & Licensing

2024 Thales Global Data Threat Report: Trends in Financial Services madhav Tue, 10/15/2024 - 05:17 Financial services (FinServ) firms are key players in the global economy. Given the sensitive and high-value nature of the information they house and handle, it’s no surprise that these institutions are heavily regulated and frequently find themselves in the crosshairs of malicious actors.

article thumbnail

The Apple Pencil Pro just dropped in price again, just days after Prime Day

Collaboration 2.0

The Apple Pencil Pro may seem like an expensive add-on after purchasing the latest iPad Pro or iPad Air, but fortunately, it's dropped to $90 following October Prime Day.

IT 98
article thumbnail

How Rapid ID Is Transforming Law Enforcement Mobile Operations

HID Global

Discover how Rapid ID mobile biometric identification systems transform law enforcement operations for faster, more accurate identification in the field.

52
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

One of the newest EcoFlow portable batteries is only $159 now

Collaboration 2.0

If you need a lightweight portable battery that won't break the bank, check out the EcoFlow River 3, especially at only $159 right now.

97
article thumbnail

If it’s not written down… how does black history survive beyond the archive?

CILIP

If it’s not written down… how does black history survive beyond the archive? How could the unwritten story of an enslaved black woman force the world’s most powerful nation to recalibrate one of its most revered men nearly 200 years after she died? Here author Tammye Huf explains the significance of the story of Sally Hemings and Thomas Jefferson to her own work, and how important it is to keep family histories alive.

article thumbnail

Forget Wi-Fi: How to add a wired network to your home without Ethernet cable

Collaboration 2.0

Running Ethernet wiring can be a messy, expensive job. If you have cable outlets, you can use an inexpensive adapter to set up a high-speed wired connection with minimal effort. And it works no matter where you get your internet.

IT 76
article thumbnail

Gimmal Launches the First-of-its-Kind RIOT Data Assessment Solution

Gimmal

High value, Inaccessible data can become discoverable and then Readable in Preserve365 October 14, 2024 – Houston, TX – Gimmal , the market’s only end-to-end information governance platform, in partnership with Preservica , the leader in Active Digital Preservation archiving, is excited to launch a new RIOT (Redundant, Inaccessible, Obsolete, and Trivial) Data Assessment to help organizations unlock the value of and eliminate the hidden risk from unreadable files and inaccessible data formats. &

ROT 52
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Microsoft may have an audio-to-image generator in the works, new patent shows

Collaboration 2.0

Your meetings could soon be enhanced with live image generation.

76
article thumbnail

GUEST ESSAY: Achieving end-to-end data security with the right ‘fully homomorphic encryption’

The Last Watchdog

Everyone knows the cost and frequency of data breaches are rising. The question is, do you know if your data is truly secure? I have news for you. It’s not. Related: The Biden-Harris push for supply chain resilience. Why? Many companies rely on regular encryption to safeguard data, the organization’s crown jewel. But it only goes so far. Mainstream encryption solutions only protect data in transit and at rest.

article thumbnail

Gmail users, beware of new AI scam that looks very authentic

Collaboration 2.0

A spoofed phone number, an email address plus an AI voice are all it takes to steal your Google credentials. Here's what to look out for, just in case, you happen to find yourself in such a situation.