Mon.Mar 04, 2024

article thumbnail

Microsoft: Look to Supply Chains, Zero Trust for AI Security

Data Breach Today

Tech Giant Shares Major Threats, Potential Safeguards for Firms Using AI The rapid rise of artificial intelligence technologies poses new risks. Enterprises using AI must regularly scan for prompt injection attacks, implement transparency in the supply chain and reinforce built-in software controls to serve their company's security needs, Microsoft said.

article thumbnail

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

The Last Watchdog

Charities and nonprofits are particularly vulnerable to cybersecurity threats, primarily because they maintain personal and financial data, which are highly valuable to criminals. Related: Hackers target UK charities Here are six tips for establishing robust nonprofit cybersecurity measures to protect sensitive donor information and build a resilient organization.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Optum Offering Financial Aid to Some Providers Hit by Outage

Data Breach Today

But Hospital Lobby Group Contends Funding Is 'Onerous' and 'Exceedingly' Limited Two weeks into a major cyberattack-induced outage at its Change Healthcare business, UnitedHealth Group is offering short-term financial aid to some healthcare providers whose cash flows may be running short because of the disruption in insurance payments. But not everyone is impressed.

Insurance 283
article thumbnail

New GTPDOOR backdoor is designed to target telecom carrier networks

Security Affairs

Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile carrier networks. I recently found two very interesting Linux binaries uploaded to Virustotal.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Are You as Competent as You Think You Are?

Data Breach Today

The Dunning-Kruger Effect and the Truth About How You Evaluate Your Career Skills Knowing how competent we are and how we stack up against peers gives us the ability to decide when we can proceed based on our own experience and when we need to seek advice. But psychological research says we are lousy at evaluating our own capabilities and frequently overestimate our skills.

266
266

More Trending

article thumbnail

German Police Shut Underground Crimemarket Forum

Data Breach Today

3 Arrested and Domain Shuttered in the Investigation by Düsseldorf Police German police say they arrested operators behind one of the largest cybercrime underground marketplaces in the country and seized its domains as part of a two-year-long investigation into the group. Police arrested three suspected operators of the platform, including the alleged site admin.

IT 266
article thumbnail

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

WIRED Threat Level

The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.

article thumbnail

Mobile-Driven Phishing Spoofs FCC, Cryptocurrency Giants

Data Breach Today

Researchers Say Hackers Used Fake Login Pages to Trick 100 Victims, Crypto Workers A new phishing campaign is targeting victims through mobile devices by mirroring legitimate login pages for the Federal Communications Commission and large cryptocurrency platforms including Binance and Coinbase. At least 100 victims, including crypto company employees, have fallen for the scam.

Phishing 250
article thumbnail

LLM Prompt Injection Worm

Schneier on Security

Researchers have demonstrated a worm that spreads through prompt injection. Details : In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the database of an email assistant using retrieval-augmented generation (RAG) , a way for LLMs to pull in extra data from outside its system.

Paper 132
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Experts Warn of Risks in Memory-Safe Programming Overhauls

Data Breach Today

They Say Rewriting Software Could Overwhelm Firms and Introduce New Vulnerabilities A new report from the Office of the National Cyber Director calls for the universal adoption of memory-safe programming languages, but experts warned ISMG the process of overhauling legacy information technology and high-impact code can be daunting, costly and risky.

Risk 240
article thumbnail

Some American Express customers’ data exposed in a third-party data breach

Security Affairs

American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that their credit card information has been compromised in a data breach involving a third-party merchant processor. The company did not disclose the number of impacted customers. “We became aware that a third party service provider engaged by numerous merchants experienced unauthorized access to its system.&#

article thumbnail

Rights Groups Call Out Shortcomings in EU Convention on AI

Data Breach Today

Critics Fear Exceptions for Private Sector, National Security Could Weaken Privacy Privacy groups are urging European lawmakers finalizing the global treaty on artificial intelligence to tighten rules surrounding the use of AI by the private sector and states. Lawmakers and other country representatives are set to meet for final negotiations on the treaty on March 11.

article thumbnail

META hit with privacy complaints by EU consumer groups

Security Affairs

This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanction the company Meta – which owns Facebook, Instagram and WhatsApp – for allegedly breaching privacy rules. Earlier this week, Meta announced it will set up a team to tackle disinformation and the abuse of generative AI in the run-up to the European Parliament elections – amid concerns a

Privacy 132
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Integrating Aristotelian virtues to guide the responsible use of AI in manufacturing

CGI

As we stand at the crossroads of innovation and progress in the ever-evolving landscape of technology, the wisdom of ancient Greek philosophers resonates with profound relevance, especially for an individual of Greek heritage like me. In particular, there is a strong connection between ancient philosophy and artificial intelligence (AI). I examine the intersection of Aristotle's virtues and AI in the context of manufacturing production, exploring how the principles can inform the ethical design

article thumbnail

How to become an AI+ enterprise

IBM Big Data Hub

We have all been witnessing the transformative power of generative artificial intelligence (AI), with the promise to reshape all aspects of human society and commerce while companies simultaneously grapple with acute business imperatives. In 2024, companies confront significant disruption, requiring them to redefine labor productivity to prevent unrealized revenue, safeguard the software supply chain from attacks, and embed sustainability into operations to maintain competitiveness.

article thumbnail

What the NFL can teach us about building a winning data security strategy

Thales Cloud Protection & Licensing

What the NFL can teach us about building a winning data security strategy madhav Tue, 03/05/2024 - 05:08 When it comes to data security, a unified approach is crucial. Cybersecurity should be viewed as a team effort, with defense, offense, and kicking teams all executing the focused game plan. In fact, many parallels can be drawn between cybersecurity and gridiron football.

article thumbnail

5G advantages and disadvantages: What business leaders need to know

IBM Big Data Hub

If you’re in the technology sector (or really, if you’re involved in any business that relies on digital technology at all), you’ve likely heard the buzz around 5G. The latest high-speed cellular network standard is poised to transform wireless connectivity as we know it and usher in a new age of digital transformation. Like any new technology, however, it’s wise to take a step back and consider the pros and cons before diving in.

Cloud 94
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs

Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company , Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country.

Military 141
article thumbnail

UK government’s response to AI White Paper consultation: next steps for implementing the principles

Data Protection Report

The authors acknowledge the assistance of Salma Khatab, paralegal, in researching and preparing some aspects of this blog The UK Department for Science, Innovation, and Technology (DSIT) has published its response to its consultation on its white paper, ‘A pro innovation approach to AI regulation ’ (the Response). The Response outlines key investment initiatives and regulatory steps.

Paper 64
article thumbnail

Webinar: Preserve365: World-Class Digital Preservation in your Microsoft 365 environment via Preservica on March 26th at 11am ET

IG Guru

Join Preservica on March 26th at 11am ET for a live replay of our launch webinar featuring a panel of industry experts as we explore the challenges and importance of managing long-term records in Microsoft 365. With nearly 30% of Microsoft data needing to be retained for more than 7 years, the sheer scale of […] The post Webinar: Preserve365: World-Class Digital Preservation in your Microsoft 365 environment via Preservica on March 26th at 11am ET first appeared on IG GURU.

article thumbnail

Register now for the Jamf Event this April 9

Jamf

Discover new and better ways to improve Mac ROI and increase Apple security. Learn ways to securely manage iPad and iPhone devices.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

The libraries and K&IM skillset of the future

CILIP

Employers and educators discuss the libraries and K&IM skillset of the future Pictured from left: Sonia Ramdhian, Director of Sector Development, CILIP, The CILIP Employers Forum 2024 brought together delegates from fifty different organisations in the library and information science sector to discuss how the workforce can adapt to make librarians and knowledge managers become leaders in AI.

article thumbnail

NIST Releases Cybersecurity Framework 2.0

Hunton Privacy

On February 26, 2024, the National Institute of Standards and Technology (“NIST”) announced the release of Version 2.0 of its voluntary Cybersecurity Framework (“CSF”). The first iteration of the CSF was released in 2014 as a result of an Executive Order, to help organizations understand, manage, and reduce their cybersecurity risks. The original CSF was developed for organizations in the critical infrastructure sector, such as hospitals and power plants, but has since been voluntarily implement

article thumbnail

AI and AI policy top the agenda at CILIP Supplier Forum

CILIP

AI and AI policy top the agenda at CILIP Supplier Forum CILIP's outgoing CEO Nick Poole led 'Developing your AI policy', a workshop which provided practical insights and activities for delegates to begin creating their own organisational AI policy. This article is featured on the AI hub AI policy is set to become the new GDPR, and the release of the UK government’s AI Regulation White Paper this month is accelerating government action on building a legal framework for AI regulation.

article thumbnail

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

State actors actively attack Ivanti, Ubiquity, and Microsoft’s Windows AppLocker, and ransomware attackers probe for unpatched ScreenConnect servers in this week’s vulnerability recap. Apply patches as fast as possible to avoid attacks and the subsequent possible expenses and liabilities associated with breaches and remediation. February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect.

IoT 117
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.