Thu.Oct 17, 2024

article thumbnail

CISA Unveils 'Exceptionally Risky' Software Bad Practices

Data Breach Today

CISA and FBI Warn Software Providers to Avoid Risky Development Practices The Cybersecurity and Infrastructure Security Agency and the FBI released a joint advisory urging software providers to avoid risky practices like using memory-unsafe languages and other techniques that could jeopardize critical infrastructure and national security.

article thumbnail

Information Management Governance: Making the Most of Our Information

AIIM

The Importance of Information in Business In today's fast-paced business world, information is key. From making crucial decisions to tracking progress and evaluating strategies, having access to high-quality information is essential for success. That is where Information Management Governance comes into play.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ex-NCSC Chief: UK Cyber Incident Reporting a 'Good Step'

Data Breach Today

Cyber Security and Resilience Bill Includes 72-Hour Reporting Deadline, Hefty Fines The U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.

article thumbnail

Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Security Affairs

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (aka UAT-5647 , Storm-0978 , Tropical Scorpius , UAC-0180, UNC2596 ) targeting Ukrainian government agencies and Polish entities in a new wave of attacks since at least late 2023.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

AI Powers Cyera’s $162M Buy of Data Security Startup Trail

Data Breach Today

Trail Acquisition Brings Enhanced DLP, DSPM Integration, Safeguards Data in Motion With the $162 million buy of Trail Security, Cyera will offer customers AI-enhanced data loss prevention alongside its DSPM solution. The new platform promises stronger, real-time data protection for sensitive information both in motion and at rest, helping enterprises meet security demands.

Security 298

More Trending

article thumbnail

3 Longtime Health Centers Report Hacks Affecting 740,000

Data Breach Today

Data Thefts, Leaks Follow Continuing Trend in Healthcare: Expert A network of family health centers, a public medical center and a plastic surgery practice with nearly 180 years of combined service are among the latest healthcare groups reporting major data theft incidents to regulators. The three hacks affected nearly 740,000 patients and employees.

297
297
article thumbnail

Two Sudanese nationals indicted for operating the Anonymous Sudan group

Security Affairs

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27) with operating and controlling the cybercrime collective Anonymous Sudan that launched tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world

article thumbnail

CyberArk, Delinea, BeyondTrust Again Lead Gartner MQ for PAM

Data Breach Today

Wallix, One Identity Remain Visionaries as Securing Remote Work Takes Center Stage CyberArk, Delinea and BeyondTrust have maintained their positions atop the privileged access management market due to their adaptability to client needs, according to Gartner. The leaders quadrant remains unchanged from 2023 due to consistent performance and a strong focus on execution.

Marketing 290
article thumbnail

AI-Enhanced Cyber Attacks Top the List of Potential Threats Facing Data Security

KnowBe4

AI is quickly becoming the basis for more cyber attacks, leading organizations to realize the risk it presents. A new report now shows that AI-enhanced cyber attacks are now the top concern of security leaders.

Security 131
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Breach Roundup: Brazilian Police Arrest USDoD

Data Breach Today

Also: Internet Archive Limps Back Online, Beware Kerbertoasing and Passkey Takeup This week, Brazilian police arrested USDoD, Internet Archive is recovering, a Microsoft warning over Kerberoasting and of mounting phishing attacks, Google touted memory safety efforts, Volkswagen said no harm after ransomware attack, and Amazon reported over 175 million customers using passkeys.

Archiving 287
article thumbnail

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access

Security Affairs

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes Image Builder vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), could allow attackers to gain root access if exploited under specific conditions. Only Kubernetes clusters with nodes using VM images from the Image Builder project and its Proxmox provider are impacted by this issue. “A security issue was discovered in the Kubernetes I

Access 140
article thumbnail

Why Cybersecurity’s Core Focus Should Be Defending Data

Data Breach Today

Mastercard’s Rigo Van den Broeck on Ensuring Cybersecurity in a Data-Driven World The proliferation of data in today’s hyperconnected world presents both opportunities and risks. Rigo Van den Broeck, executive vice president of cybersecurity at Mastercard, said the sheer scale and accessibility of data require organizations to adopt proactive cybersecurity strategies.

article thumbnail

GPS Jamming Is Screwing With Norwegian Planes

WIRED Threat Level

So much jamming is taking place in northeastern Norway, regulators no longer want to know.

Security 127
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

New York Financial Regulator Publishes AI Safety Guidance

Data Breach Today

Agency Details AI Cybersecurity Risks, Prevention, Mitigation Strategies Financial regulators with the state of New York on Wednesday published guidance to help organizations identify and mitigate cybersecurity threats related to artificial intelligence. The New York State Department of Financial Services said it's not imposing new requirements.

article thumbnail

The top 5 iPhone 16 Pro features power users will love

Collaboration 2.0

Apple's iPhone 16 series ushers in significant updates to both software and hardware. Here are the features that pro users will care about the most.

98
article thumbnail

Cryptohack Roundup: Feds Arrest Alleged SEC X Account Hacker

Data Breach Today

Also: Radiant Capital Hack and TD Bank Secrecy Act Guilty Plea This week, an arrest in the U.S. SEC X account hack, a Radiant Capital hack, market manipulation charges on 18 entities, Bitfinex update, Forcount promoter sentenced, Mt. Gox pushed repayment, an alleged fraudster fled, SEC charged Cumberland and TD Bank pleased guilty to BSA violations.

Marketing 281
article thumbnail

Does AI have the answers to what’s keeping transport and logistics executives up at night?

CGI

Transport and logistics, the lifeblood of our interconnected world, is currently facing unprecedented challenges that call for immediate action—from regulatory compliance and climate change to supply chain disruptions and digital acceleration. “Passenger flows have changed dramatically in the last couple of years, impacting bottom lines and cost structures.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

These bone-conducting headphones deliver the best sound - and a cool trick for swimmers

Collaboration 2.0

The H20 Tri headphones are perfect for outdoor activities - and they deliver actual bass! Plus: You can leave your phone at home and still listen to your music on the go.

96
article thumbnail

VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

Security Affairs

VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately reported to VMware by Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) through the Trend Micro Zero Day Initiative (

article thumbnail

The best home EV chargers of 2024: Expert tested

Collaboration 2.0

We tested the best home EV chargers for your electric vehicle based on amperage, durability, and smart features, to help you choose the right one.

76
article thumbnail

Tech partner spotlight: Jamf and NavvTrack

Jamf

Keep precise track of your devices' locations — even within the office — with NavvTrack and Jamf.

72
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

NASA has a problem, and it's offering up to $3 million if you have a solution

Collaboration 2.0

The global competition has implications for Earth as well. Here's how to enter.

IT 76
article thumbnail

Master ERP modernization and streamline EDI at OpenText World 2024

OpenText Information Management

Join me at OpenText World 2024 in Las Vegas (November 19-21) where I’ll be hosting two live sessions that will equip you with the knowledge and tools to unlock the full potential of your business operations. Whether you're embarking on an ERP modernization journey or seeking cost-effective options for easy EDI integration , these sessions offer valuable insights and practical solutions.

article thumbnail

I tested Meta's limited edition Ray-Ban smart glasses, and they're a near-perfect wearable for me

Collaboration 2.0

Meta released 7,500 pairs of transparent glasses, and I secured a pair that impressed me with its camera, Meta AI responses, and audio playback performance.

article thumbnail

New York Department of Financial Services addresses cybersecurity risks from artificial intelligence

Data Protection Report

On October 16, 2024, the New York Department of Financial Services (“NYDFS” or “DFS”) issued guidance raising awareness about combatting cybersecurity risks arising from artificial intelligence (“AI”) used by DFS licensees, such as insurers and virtual currency businesses. Risks revolve around both threat actors’ use of AI offensively and businesses’ increasing AI reliance.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

8 reasons to avoid the latest Windows 11 update (hint: they're all bugs)

Collaboration 2.0

Microsoft's official 24H2 update for Windows 11 is saddled with a bunch of annoying and disruptive bugs. Here's what you may encounter if you jump to the new version right now.

76
article thumbnail

Nothing artificial about Learning Services’ intelligence!

OpenText Information Management

You don’t have to look far to find an article, opinion piece or academic paper espousing the transformative powers of generative artificial intelligence (AI). A McKinsey report estimates “that generative AI could add the equivalent of $2.6 trillion to $4.4 trillion annually” in productivity gains to the global economy. Foundry’s 2024 CIO Tech Priorities study finds “89% of IT decision-makers surveyed say they’re researching, piloting, or currently using AI-enabled technologies — up from 72% in 2

article thumbnail

Canceling a subscription is about to get a lot easier, thanks to new FTC rule

Collaboration 2.0

No more jumping through hoops to cancel a subscription or recurring membership. Here's how it'll work now.

76