Data Breach Today
SEPTEMBER 28, 2023
Also, New Malware Targets New Bitwarden Users This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait and new malware targets would-be users of Bitwarden.
Data Matters
SEPTEMBER 28, 2023
Companies are facing more attacks on their information systems. And, as their cyber risk skyrockets, the SEC has stepped in with new regulations, telling businesses what to disclose about these incidents — and requiring detailed disclosures on cyber risk management more broadly. With the deadline for compliance fast approaching, businesses are scrambling to mitigate their legal risk and comply with regulations that some say may be an overreach.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
SEPTEMBER 28, 2023
From Paying Ransoms to Rebuilding IT Systems, Here's What the Response Looked Like A medical center president and school district IT leader talked to lawmakers Wednesday about lessons learned from their experiences responding to harrowing ransomware attacks. 'The cyberattack was much harder than the pandemic by far,' said Vermont Medical Center President Stephen Leffler.
Security Affairs
SEPTEMBER 28, 2023
Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.
Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage
Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, CTO of Betterworks, will explore a practical framework to transform Generative AI prototypes into
Data Breach Today
SEPTEMBER 28, 2023
Affiliates Relied on Less Complex, Trackable Methods, It Says Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow their money trail. Only a sliver transacted with a crypto mixer.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
SEPTEMBER 28, 2023
VPN Service Behemoth Doubles Valuation In Just 17 Months Despite Economic Headwinds The maker of the world's most popular VPN service hauled in $100 million on a $3 billion valuation to accelerate growth through mergers and acquisitions. The Warburg Pincus-led investment will allow the Lithuania-based internet privacy and security vendor to expand its product offering.
Dark Reading
SEPTEMBER 28, 2023
CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.
Data Breach Today
SEPTEMBER 28, 2023
Limited Details Disclosed but Google said it is a Heap-based Buffer Overflow Bug Google rolled out an urgent Chrome browser security update to address a zero day actively exploited by a commercial spyware vendor. The high-severity bug is the fifth zero day patched by Chrome this year. Google did not provide details, only stating that it is aware of an exploit in the wild.
Security Affairs
SEPTEMBER 28, 2023
US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it affects RichFaces Framework 3.X through 3.3.4.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
Data Breach Today
SEPTEMBER 28, 2023
Also: Web3 Lost $889M in Q3, Hackers Stole from HTX, Nansen, OpenSea This week: Mixin Network investigated a $200 million hack, Web3 lost $889 million to hacks, phishing scams and rug during the third quarter, hackers stole $8 million from HTX, Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.
Security Affairs
SEPTEMBER 28, 2023
Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2023-20109 (CVS 6.6), that resides in IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE.
Data Breach Today
SEPTEMBER 28, 2023
Proposed Class Action Claim Against Amerita Linked to Larger PharMerica Breach Specialty infusion company Amerita is facing a proposed federal class action lawsuit in the wake of a March cyberattack on its parent company, PharMerica, which reported a breach affecting nearly 6 million individuals. Amerita recently reported its own breach that affected about 220,000 people.
KnowBe4
SEPTEMBER 28, 2023
Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Dark Reading
SEPTEMBER 28, 2023
So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.
KnowBe4
SEPTEMBER 28, 2023
Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
Dark Reading
SEPTEMBER 28, 2023
The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.
KnowBe4
SEPTEMBER 28, 2023
Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
WIRED Threat Level
SEPTEMBER 28, 2023
A civil liberties group has asked the DOJ to investigate deployment of the ShotSpotter gunfire-detection system, which research shows is often installed in predominantly Black neighborhoods.
KnowBe4
SEPTEMBER 28, 2023
The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.
Jamf
SEPTEMBER 28, 2023
In this episode of Jamf After Dark, Matt Woodruff, Senior Sales Engineer at Jamf, joins co-hosts Sean Rabbitt and Kat Garbis to discuss his time at Black Hat and the 2023 Security 360: Annual Trends Report.
KnowBe4
SEPTEMBER 28, 2023
The latest cyber claims report from Coalition , a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, due to surging attack frequency and severity.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
SEPTEMBER 28, 2023
Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.
KnowBe4
SEPTEMBER 28, 2023
A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
IBM Big Data Hub
SEPTEMBER 28, 2023
According to a recent IBV study , 64% of surveyed CEOs face pressure to accelerate adoption of generative AI, and 60% lack a consistent, enterprise-wide method for implementing it. An AI and data platform, such as watsonx, can help empower businesses to leverage foundation models and accelerate the pace of generative AI adoption across their organization.
KnowBe4
SEPTEMBER 28, 2023
A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.
Advertisement
While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) aren’t built for modern data platforms and don’t work on modern architectures.
Dark Reading
SEPTEMBER 28, 2023
Artificial intelligence and machine learning aren't yet delivering on their cybersecurity promises. How can we close the gaps?
KnowBe4
SEPTEMBER 28, 2023
Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of Large-Language-Models (LLM).
Dark Reading
SEPTEMBER 28, 2023
Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them.
Expert insights. Personalized for you.
287 
Let's personalize your content