Fri.Dec 01, 2023

article thumbnail

North Korea's Supercharged State-Backed Cryptocurrency Theft

Data Breach Today

Report Says State Backing Makes Pyongyang's Hackers Like Cybercriminals on Steroids To service the perpetually cash-starved regime of North Korea, hackers will continue their relentless onslaught on cryptocurrency - and all users of it - with state backing to industrialize their hacking and money laundering capabilities, experts warn.

IT 309
article thumbnail

My CIP Story: Using Certification to Advance Myself and Others

AIIM

I am brimming with pride right now. On November 27, 2023, the Association for Intelligent Information Management (AIIM) debuted a new version of the Certified Information Professional (CIP) credential. On November 27, I also found out that I had earned my CIP!

159
159
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

TrickBot Developer Pleads Guilty in US Court

Data Breach Today

Vladimir Dunaev Faces Up to 35 Years in Prison A Russian national pleaded guilty in U.S. federal court for his role in developing TrickBot. Operators of the malware targeted hospitals and healthcare centers with ransomware attacks during the height of the novel coronavirus pandemic. Vladimir Dunaev faces up to 35 years in prison.

article thumbnail

Expert warns of Turtle macOS ransomware

Security Affairs

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

British Lawmakers Push Ahead With Modifying UK GDPR

Data Breach Today

Data Protection and Digital Information Bill Heads to the House of Lords British Conservative lawmakers are pushing ahead with legislation modifying the U.K. codification of European privacy law despite objections from privacy advocates and concerns about the legislation's impact on European trade. Government backers say the bill will bolster the domestic AI industry.

GDPR 288

More Trending

article thumbnail

Why Broadcom Seeks 'Strategic Alternatives' for Carbon Black

Data Breach Today

Big Overlap With Symantec Makes Carbon Black Redundant, Though Buyers May Be Sparse It looks as if Carbon Black's days as part of Broadcom are numbered. Broadcom CEO Hock Tan told staff at newly acquired VMware in both an email and town hall meeting that he plans to "review strategic alternatives." The move comes just four years after VMware purchased Carbon Black for $2.1 billion.

IT 286
article thumbnail

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two issues are: CVE-2023-6345 Google Skia Integer Overflow Vulnerability CVE-2023-49103 ownCloud graphapi Information Disclosure Vulnerability CVE-2023-6345 – The CVE-2023-5217 is a high-severity integer overflow

IT 126
article thumbnail

ISACA Generative AI Survey: Training Gaps, Focus on Security

Data Breach Today

AI and Governance Expert Stresses Importance of Training for All Employees According to a recent pulse poll from ISACA on generative AI, only 6% of respondents' organizations are providing training to all staff on AI, and more than half - 54% - say that no AI training is provided at all, even to teams directly affected by AI.

Security 285
article thumbnail

Vishing Gang Takes Victims for “Tens of Millions” Using Little More than Social Engineering

KnowBe4

Czech and Ukrainian police have arrested six individuals responsible for a call center-based vishing scam designed to trick victims into thinking they were already victims of fraud.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

ISMG Editors: What Did the Sam Altman-OpenAI Saga Teach Us?

Data Breach Today

Also: ChatGPT Turns 1 Year Old; Police Nab Ransomware Gang Chief in Ukraine In the latest weekly update, four editors at Information Security Media Group discuss Sam Altman and OpenAI's brief leadership nightmare, the state of generative AI one year after the general release of ChatGPT, and how police nabbed a suspected ransomware group ringleader in Ukraine.

article thumbnail

How generative AI delivers value to insurance companies and their customers

IBM Big Data Hub

Insurers struggle to manage profitability while trying to grow their businesses and retain clients. They must comply with an increasing regulatory burden, and they compete with a broad range of financial services companies that offer investment products that have potential for better returns than traditional life insurance and annuity products. Although interest rates have increased at an unprecedented rate over the past year as central banks attempt to curb inflation, a significant part of insu

article thumbnail

Surgical Practice Notifying 437,400 Patients of Data Theft

Data Breach Today

The Incident Involves Ransomware Encryption and Follows Familiar, Concerning Trends A large, Seattle-based surgical group is notifying nearly 437,400 individuals that their information was potentially compromised in a ransomware and data theft incident earlier this year. The breach is part of a larger, disturbing trend in the healthcare sector in 2023.

article thumbnail

Security Awareness Training Can Help Defeat Deepfake and AI Phishing

KnowBe4

There is no doubt that more pervasive deepfake and AI technologies will make for more realistic, sophisticated, phishing attacks, and add to an already huge problem.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Types of enterprise resource planning (ERP) systems

IBM Big Data Hub

The fast-paced business world we live in today requires smart tools to manage a business’s operations and everyday needs. Enterprise resource planning (ERP) is a business management software built to do just that. This relatively new system offers a centralized platform with applications to manage all aspects of your business from supply chain management to inventory management to financial management.

Cloud 84
article thumbnail

USA: An Overview of State Data Privacy Laws Part Two – Scope and Enforcement

Data Matters

The US state data privacy landscape is fast evolving into a patchwork of broad state privacy laws that govern for-profit and non-profit entities that meet certain threshold criteria and the personal information of residents in each of those states. In Part 2 of the OneTrust DataGuidance Insight articles on state data privacy laws, Sidley Austin lawyer Sheri Porath Rockwell compares the scope and enforcement provisions of the comprehensive data privacy laws that have been enacted in 13 states to

article thumbnail

Hybrid cloud examples, applications and use cases

IBM Big Data Hub

To keep pace with the dynamic environment of digitally-driven business, organizations continue to embrace hybrid cloud, which combines and unifies public cloud, private cloud and on-premises infrastructure, while providing orchestration, management and application portability across all three. According to the IBM Transformation Index: State of Cloud , a 2022 survey commissioned by IBM and conducted by an independent research firm, more than 77% of business and IT professionals say they have ado

Cloud 79
article thumbnail

Retail and CPG companies to focus on intelligence, engagement, and security in 2024

OpenText Information Management

The retail industry has always been at the forefront of technological innovation, constantly adapting to meet the evolving needs of consumers. As we step into 2024, retailers are poised for yet another transformative year, driven by cutting-edge technologies that promise to reshape the shopping experience. From augmented reality (AR) to artificial intelligence (AI), here are … The post Retail and CPG companies to focus on intelligence, engagement, and security in 2024 appeared first on Ope

Retail 59
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Tokens and login sessions in IBM Cloud

IBM Big Data Hub

IBM Cloud authentication and authorization relies on the industry-standard protocol OAuth 2.0. You can read more about OAuth 2.0 in RFC 6749 —The OAuth 2.0 Authorization Framework. Like most adopters of OAuth 2.0, IBM has also extended some of OAuth 2.0 functionality to meet the requirements of IBM Cloud and its customers. Access and refresh tokens As specified in RFC 6749, applications are getting an access token to represent the identity that has been authenticated and its permissions.

Cloud 65
article thumbnail

Labor to reconsider mandatory data retention laws for companies in light of major hacks via The Guardian

IG Guru

Check out the article here. The post Labor to reconsider mandatory data retention laws for companies in light of major hacks via The Guardian first appeared on IG GURU.

article thumbnail

Supercharge security operations: How to unlock analysts’ productivity

IBM Big Data Hub

Security analysts are all too familiar with the challenges of alert fatigue, swivel chair type of analysis, and “ghost chasing” spurred by false positives. Facing massive volumes of data coming from an expanding digital footprint and attack surfaces across hybrid multi-cloud environments, they must quickly discern real threats from all the noise without getting derailed by stale intelligence.

article thumbnail

Frequent flyer programs: which is best for Australians – and is there a catch?

The Guardian Data Protection

Qantas, Velocity and KrisFlyer will earn you free flights or upgrades but you’ll have to give something too – your data Get our morning and afternoon news emails , free app or daily news podcast This month, the Singapore Airlines frequent flyer program, KrisFlyer, made a play for Australian customers with its “Kris+ Miles” offering. It meansmembers in Sydney and Melbourne are now able to earn by tapping their rewards app in store at select merchants (very select merchants – there are only 34 Kri

IT 48
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

How to move from IBM Cloud Functions to IBM Code Engine

IBM Big Data Hub

When migrating off IBM Cloud Functions, IBM Cloud Code Engine is one of the possible deployment targets. Code Engine offers apps, jobs and (recently function) that you can (or need) to pick from. In this post, we provide some discussion points and share tips and tricks on how to work with Code Engine functions. IBM Cloud Code Engine is a fully managed, serverless platform to (not only) run your containerized workloads.

Cloud 58
article thumbnail

Make your WhatsApp chats even more private with a secret code. Here's how

Collaboration 2.0

Don't want someone seeing your WhatsApp conversation? Now you can protect it with a password.

article thumbnail

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022.

article thumbnail

US Bipartisan Lawmakers Urge Crackdown on Chinese LiDAR

Data Breach Today

House Members Warn That Chinese-Made LiDAR Technology May Already Be in US Devices A bipartisan group of lawmakers urged the Biden administration to consider intensifying restrictions on semiconductor sales to Chinese companies in a bid to ensure that U.S. remote-sensing technology doesn't aid Beijing's national security efforts.

Sales 285
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Friday Squid Blogging: Strawberry Squid in the Galápagos

Schneier on Security

Scientists have found Strawberry Squid, “whose mismatched eyes help them simultaneously search for prey above and below them,” among the coral reefs in the Galápagos Islands. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

article thumbnail

US govt sanctioned North Korea-linked APT Kimsuky

Security Affairs

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky. The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) this week announced sanctions against the North Korea-linked APT group Kimsuky. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researchers in 2013.

Military 124
article thumbnail

When It Comes to January 6 Lawsuits, a Court Splits Donald Trump in Two

WIRED Threat Level

A federal court ruled on Friday that Trump, as president, may be able to avoid civil action for his role in the January 6, 2021, attack on the US Capitol. But candidate Trump is something different.

IT 80