Wed.Apr 24, 2024

article thumbnail

Cisco Fixes Firewall 0-Days After Likely Nation-State Hack

Data Breach Today

Networking Giant Dubs Campaign Against Government Customers 'Arcane Door' Probable nation-state hackers targeted Cisco firewall appliances in a campaign dating to late 2023, the networking giant disclosed Wednesday while releasing three patches, two of them rated critical. Cisco doesn't connect the hackers with a specific country. It dubs the campaign "Arcane Door.

article thumbnail

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

WIRED Threat Level

Sources suspect China is behind the targeted exploitation of two zero-day vulnerabilities in Cisco’s security appliances.

Access 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Major Areas of Cybersecurity Focus for Medical Device Makers

Data Breach Today

Medical device makers submitting products for premarket approval by the Food and Drug Administration often struggle the most with cybersecurity in three major areas - design controls, providing a software bill of materials and testing, according to Nastassia Tamari of the FDA.

article thumbnail

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Security Affairs

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Cisco Talos warned that the nation-state actor UAT4356 (aka STORM-1849) has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Login.gov to Test Facial Recognition Under New Leadership

Data Breach Today

Hanna Kim to Take Over Login.gov at a Pivotal Moment for Federal Sign-On Service Login.gov, the federal government's single sign-on service, told staffers Wednesday that there would be a change in its top leadership starting next month as the organization ramps up plans to begin testing facial recognition technologies and new pricing models.

More Trending

article thumbnail

ThreatLocker Gets $115M to Fuel Zero Trust Defense, Eyes IPO

Data Breach Today

After Quintupling Revenue Over the Past 18 Months, ThreatLocker Wants to Go Public ThreatLocker completed a $115 million Series D funding round to further its zero trust cybersecurity ambitions. The Orlando-based company plans to use the funding to expand the number of applications it supports and prepare for a potential initial public offering.

article thumbnail

US offers a $10 million reward for information on four Iranian nationals

Security Affairs

The Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their role in cyberattacks against the U.S. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies.

Phishing 135
article thumbnail

Harnessing AI: A Step-by-Step Guide for Job Seekers

Data Breach Today

How ChatGPT Can Help You Write Your Job Application Documents Artificial intelligence offers innovative tools to refine your job application materials. This guide provides practical steps on how to use one common tool, ChatGPT, to enhance your resume and cover letter, ensuring they capture the attention of potential employers.

article thumbnail

ShotSpotter Keeps Listening for Gunfire After Contracts Expire

WIRED Threat Level

More cities are cutting ties with ShotSpotter, the company whose microphones purport to detect gunshots. But new information shows that ShotSpotter is still sending data to local police in at least three cities, despite their contracts being canceled.

Privacy 129
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

AI Voice Cloning Pushes 91% of Banks to Rethink Verification

Data Breach Today

BioCatch Survey Report Focuses on New AI-Based Risks and Fraud-Fighting Solutions Banks are concerned about advancements in voice-cloning technology and the threat it poses to authentication. The failure of identity-centric solutions to combat synthetic identity fraud has convinced 91% of U.S. banks to reconsider their use of voice verification for major customers.

article thumbnail

Dan Solove on Privacy Regulation

Schneier on Security

Law professor Dan Solove has a new article on privacy regulation. In his email to me, he writes: “I’ve been pondering privacy consent for more than a decade, and I think I finally made a breakthrough with this article.” His mini-abstract: In this Article I argue that most of the time, privacy consent is fictitious. Instead of futile efforts to try to turn privacy consent from fiction to fact, the better approach is to lean into the fictions.

Privacy 116
article thumbnail

KnowBe4 Buys Egress to Aid Awareness Training, Email Defense

Data Breach Today

KnowBe4's First Deal Since 2021 Brings AI-Based Email Protection, Training Together KnowBe4 purchased an email security provider founded by a Check Point veteran to offer AI-based email protection and training that's automatically tailored relative to risk. Acquiring Egress will help organizations prevent, protect and defend against sophisticated email cybersecurity threats.

article thumbnail

Stronger Together: Join Thales & Imperva at RSA Conference 2024 Where the World Talks Security

Thales Cloud Protection & Licensing

Stronger Together: Join Thales & Imperva at RSA Conference 2024 Where the World Talks Security madhav Thu, 04/25/2024 - 05:17 In today’s increasingly connected and digital world, the cybersecurity industry stands as a bastion against a relentless tide of threats. Businesses in every sector are trying to digitally transform their operations using the cloud but are finding themselves in an increasingly tangled web of challenges.

Security 104
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Tines Raises $50M to Boost Enterprise-Focused AI Technology

Data Breach Today

Company to Focus on AI Solutions, Large Enterprise Growth After Series B Extension After closing a $50 million Series B extension led by Felicis and Accel, workflow platform provider Tines sets its sights on expanding its use beyond the security operations center and deepening its engagement with large enterprises by addressing industrywide challenges around AI implementation.

Security 147
article thumbnail

How to prevent prompt injection attacks

IBM Big Data Hub

Large language models (LLMs) may be the biggest technological breakthrough of the decade. They are also vulnerable to prompt injections , a significant security flaw with no apparent fix. As generative AI applications become increasingly ingrained in enterprise IT environments, organizations must find ways to combat this pernicious cyberattack. While researchers have not yet found a way to completely prevent prompt injections, there are ways of mitigating the risk.

article thumbnail

AI is Sexist, Racist and Homophobic

Data Breach Today

Regulation and Inclusive Training Data Can Help Reduce Bias, Experts Say Just because a machine says it, doesn't mean it's unbiased. In fact, you don't have to probe far to find underlying biases and prejudices in text composed by generative artificial intelligence. "If you look at historical text, they feature a lot of men in leadership roles," a UNESCO official said.

article thumbnail

Looking Back on the Channel Partner Event and Awards 2024

IT Governance

Previously , I had the pleasure of sitting down with Sophie Sayer, our Channel Sales Director, to talk about the IT Governance partner programme and partner event on 9 April 2024. Now that the drinks have been served and awards handed out, I caught up with her again. When I asked her how the event went, she said: The Channel Partner Event and Awards 2024 in Ely was an absolute triumph!

Sales 59
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Irrigation Records from Bureau of Indian Affairs Now Digitized

Unwritten Record

The records of the Bureau of Indian Affairs (BIA) Irrigation Division held by the Cartographic Branch are fully digitized and available to view and download from the National Archives Catalog. The records of the BIA Irrigation Division consist of maps showing Indian reservations and irrigation projects and plans for the construction of irrigation facilities and structures.

article thumbnail

Microsoft’s VASA-1 AI Unleashes the Future of Deepfakes with Single Image Transformation via Microsoft

IG Guru

Check out the article here. The post Microsoft’s VASA-1 AI Unleashes the Future of Deepfakes with Single Image Transformation via Microsoft first appeared on IG GURU.

article thumbnail

Google Cloud Next recap

Jamf

Google Cloud Next.

Cloud 40
article thumbnail

Successful 2024 Records Management Month Colloquium!

The Schedule

With over 260 participants, and led by the fabulous and insightful Trevor Owens and Chris Prom, this year’s SAA RMS Records Management Month Colloquium was a success! Thanks so much to everyone involved. You can access Trevor’s and Chris’s slides here.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Document Retention & Destruction Policy Guide

Docuware

Let’s say there were guidelines you could put in place that would protect your company from noncompliance fines, reduce storage costs and help avoid legal action and cyberthreats. Wouldn’t you want to establish them right away? It would be even better if these policies could be enforced automatically and without administrative effort. That’s where the creation of document retention policies comes in.

article thumbnail

RMS Section Meeting July 12th 2024, 2pm

The Schedule

Save the date for our annual section meeting in July! On July 12, 2-3:30 p.m., four presenters will share a sneak peek into their 2024 NAGARA presentation titled “Records Management Resurgence: Using Outreach, Education, and Cross-departmental Partnerships to Revive or Jumpstart a Records Program.” In this panel discussion, records management professionals from four different types of institutions will share methods they’ve used to bolster support and appreciation for the work RIM professionals

article thumbnail

Data privacy examples

IBM Big Data Hub

An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. A school asks parents to verify their identities before giving out student information. These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used.