Thu.Mar 14, 2024

article thumbnail

CEO of data privacy company Onerep.com founded dozens of people-search firms

Krebs on Security

The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.

article thumbnail

Experts Say Chinese Safes Pose Risks to US National Security

Data Breach Today

Senator Urges Government to Tell Public About Little-Known Manufacturer Reset Codes Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S. businesses, institutions and the public - after a senator urged the government to update its publicly available information about the threat associated with Chinese-made safes.

Risk 299
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Researchers found multiple flaws in ChatGPT plugins

Security Affairs

Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that can be could have led to data exposure and account takeovers. ChatGPT plugins are additional tools or extensions that can be integrated with ChatGPT to extend its functionalities or enhance specific aspects of the user experience.

Access 143
article thumbnail

Breach Roundup: US FCC Authorizes IoT Cybersecurity Label

Data Breach Today

Also: Catching Up With Spain's Most Dangerous Hacker This week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, Marine Max was attacked, and Alcasec moved on.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Cisco fixed high-severity elevation of privilege and DoS bugs

Security Affairs

Cisco this week addressed high-severity elevation of privilege and denial-of-service (DoS) vulnerabilities in IOS RX software. Cisco addressed multiple vulnerabilities in IOS RX software, including three high-severity issues that can be exploited to elevate privileges and trigger a denial-of-service (DoS) condition. The vulnerability CVE-2024-20320 is a Cisco IOS XR Software SSH privilege escalation vulnerability.

More Trending

article thumbnail

Automakers Are Sharing Driver Data with Insurers without Consent

Schneier on Security

Kasmir Hill has the story : Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have started offering optional features in their connected-car apps that rate people’s driving.

Insurance 139
article thumbnail

Ready to Do Business With Machine Customers?

Data Breach Today

Gartner VP Analyst on How Machines and AI Are Shaping Commerce and Cybersecurity Machines are gradually taking on activities of human customers such as research, negotiations and user reviews. The rise of the AI customers marks a shift from machines as passive tools to active participants in economic transactions, said Donald Scheibenreif, vice president and analyst at Gartner.

article thumbnail

Recent DarkGate campaign exploited Microsoft Windows zero-day

Security Affairs

Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited the Windows zero-day flaw CVE-2024-21412 using fake software installers. CVE-2024-21412 (CVSS score 8.1) is an Internet Shortcut Files Security Feature Bypass Vulnerability.

Phishing 138
article thumbnail

UK Council's Vision: Set High Standards in Cybersecurity

Data Breach Today

Claudia Natanson on Building Professionalism, Adding Diversity, Attracting Talent Six years after it was founded, the UK Cyber Security Council is taking a multipronged approach to building professionalism in the industry. Board Chair Claudia Natanson discussed the council's journey, its role in shaping industry standards and efforts to foster diversity and narrow the skills gap.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

New Research: BEC Attacks Rose 246% in 2023

KnowBe4

Business email compromise (BEC) attacks surged by 246% last year, according to researchers at ReliaQuest.The researchers believe the increase is due to widely available phishing kits that facilitate BEC.

Phishing 126
article thumbnail

Researchers Uncover Vulnerabilities in ChatGPT Plug-Ins

Data Breach Today

Potential Zero-Click Account Takeover Exploit Is Among Identified Vulnerabilities Researchers at security firm Salt Security have uncovered multiple vulnerabilities in third-party plug-ins used in ChatGPT, including a zero-click account takeover flaw that was triggered when users attempted to install the plug-in using their ChatGPT accounts.

Security 287
article thumbnail

FCC Updated Data Breach Notification Rules Go into Effect Despite Challenges

Hunton Privacy

On March 13, 2024, the Federal Communications Commission’s updates to the FCC data breach notification rules (the “Rules”) went into effect. They were adopted in December 2023 pursuant to an FCC Report and Order (the “Order”). The Rules went into effect despite challenges brought in the United States Court of Appeals for the Sixth Circuit. Two trade groups, the Ohio Telecom Association and the Texas Association of Business, petitioned the United States Court of Appeals for the Sixth Circuit and

article thumbnail

Why HHS' Cybersecurity Goals Aren't Necessarily Voluntary

Data Breach Today

Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Heath Security.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Despite Feeling Prepared for Image-Based Attacks, Most Organizations Have Been Compromised by Them

KnowBe4

With QR-code phishing attacks on the rise, new data sheds light on just how unprepared organizations actually are in stopping and detecting these device-shifting attacks.

Phishing 119
article thumbnail

Zscaler Expands AI Security Capabilities by Acquiring Avalor

Data Breach Today

Zscaler Purchase Aims to Revolutionize Zero Trust Cybersecurity With Advanced AI Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models. Zscaler said the purchase will help it strengthen its data quality and model efficiency to outpace AI weaponization by threat actors.

Security 283
article thumbnail

Organizations Are Vulnerable to Image-based and QR Code Phishing

KnowBe4

A majority of organizations have a false sense of security regarding their resistance to phishing attacks, according to a new report from researchers at IRONSCALES and Osterman Research.

Phishing 115
article thumbnail

Cryptohack Roundup: Crypto Losses

Data Breach Today

Also: Bitcoin Fog; EU's Sanctions Violation Law This week, amounts for crypto and phishing losses were released, the Bitcoin Fog operator was convicted, the EU approved rules to strengthen sanctions, the federal government sought to recover losses linked to pig butchering, and the Philippines blocked unlicensed crypto websites.

Phishing 283
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Amazon just bought a 100% nuclear-powered data center via electrek

IG Guru

Check out the article here. The post Amazon just bought a 100% nuclear-powered data center via electrek first appeared on IG GURU.

Risk 84
article thumbnail

Properly Vetting AI Before It's Deployed in Healthcare

Data Breach Today

The U.S. healthcare sector needs to closely watch government regulatory and legislative developments involving artificial intelligence, including the European Union AI Act, said Lee Kim, senior principal of cybersecurity and privacy at the Healthcare Information and Management Systems Society.

article thumbnail

Getting started with Kafka client metrics

IBM Big Data Hub

Apache Kafka stands as a widely recognized open source event store and stream processing platform. It has evolved into the de facto standard for data streaming, as over 80% of Fortune 500 companies use it. All major cloud providers provide managed data streaming services to meet this growing demand. One key advantage of opting for managed Kafka services is the delegation of responsibility for broker and operational metrics, allowing users to focus solely on metrics specific to applications.

Cloud 83
article thumbnail

Planning for Healthcare IT Resiliency on a Regional Basis

Data Breach Today

It's critical for hospitals and other firms to not only prepare for how they will respond to a cyberattack but also to consider the regional impact if a neighboring provider of services needed in the community is disrupted by a serious cyber incident, said Margie Zuk of Mitre.

IT 259
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Tackling AI’s data challenges with IBM databases on AWS

IBM Big Data Hub

Businesses face significant hurdles when preparing data for artificial intelligence (AI) applications. The existence of data silos and duplication, alongside apprehensions regarding data quality, presents a multifaceted environment for organizations to manage. Also, traditional database management tasks, including backups, upgrades and routine maintenance drain valuable time and resources, hindering innovation.

article thumbnail

Biometrics Are the Missing Link in Healthcare Digital Transformation

HID Global

Learn how biometrics in healthcare can enhance access control, improve patient identification, ensure data privacy and security & streamline workflow.

article thumbnail

Maximizing business outcomes and scaling AI adoption with a Hybrid by design approach 

IBM Big Data Hub

For established businesses, the debate is settled: a hybrid cloud approach is the right strategic choice. However, while embracing hybrid cloud might be intrinsic, clients continually seek to derive business value and higher return on investment (ROI) from their investments. According to a study conducted by HFS Research in partnership with IBM Consulting®, only 25% of surveyed enterprises have reported solid ROI on business outcomes from their cloud transformation efforts.

Cloud 68
article thumbnail

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

The future of 5G: What to expect from this transformational technology

IBM Big Data Hub

Since its rollout in 2019, 5G wireless networks have been growing in both availability and use cases. Apple was one of the first manufacturers to test the appetite for 5G in 2020 by offering its newest iPhone with 5G compatibility. From there, the floodgates opened, and today as much as 62% of smartphones are built with 5G connectivity (link resides outside ibm.com.

Cloud 59
article thumbnail

Keeping Customer Data Safe: AI's Privacy Paradox

Thales Cloud Protection & Licensing

Keeping Customer Data Safe: AI's Privacy Paradox andrew.gertz@t… Thu, 03/14/2024 - 17:38 AI's appeal lies in its ability to personalize and streamline customer experiences in ways previously unimaginable. Through sophisticated algorithms and machine learning capabilities, AI can analyze vast amounts of data to understand individual preferences and behavior patterns.

Privacy 71