Tue. Dec 05, 2023

23andMe Says Hackers Stole Ancestry Data of 6.9M Users

Data Breach Today

Credential-Stuffing Attack Led to Profile Scraping

Genetics testing firm 23andMe says hackers, in a credential-stuffing attack this fall, siphoned the ancestry data of 6.9 million individuals. 23andMe disclosed the attack on Oct. 1, stating the attackers had scraped the profiles of 23andMe users who opted in to the company's DNA Relatives feature.

CIP Task Force and Beta Testers Contribute to Updated Certified Information Professional Credential

AIIM

AIIM debuted a new version of the Certified Information Professional (CIP) credential. As of November 27, 2023, AIIM is offering a new version of the exam, which reflects the skills needed for today’s information professionals.

North Korean Hackers Steal South Korean Anti-Aircraft Data

Data Breach Today

Andariel Group Rented Server to Steal 1.2TB of Data, Extort $357,000 in Ransoms

Seoul police have accused the North Korean hacker group Andariel of stealing sensitive defense secrets from South Korean defense companies and laundering ransomware proceeds back to North Korea. The hackers stole 1.2TB of data, including information on advanced anti-aircraft weapons.

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Schneier on Security

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

TSA Envisions AI-Driven Future of Secure, Streamlined Travel

Data Breach Today

TSA Official Details How Agency Aims to Implement AI Systems Across Operations

The Transportation Security Administration is exploring the possibilities of a future of U.S. travel "underpinned by AI advancements," according to the agency's deputy CIO, with next-generation technologies shaping new verification and threat detection efforts.

More Trending

API Flaws Put AI Models at Risk of Data Poisoning

Data Breach Today

Hugging Face Fixes Flaw; Meta, Other Tech Giants Revoke Vulnerable Tokens

Security researchers could access and modify an artificial intelligence code generation model developed by Facebook after scanning for API access tokens on AI developer platform Hugging Face and code repository GitHub. Tampering with training data is among the top threats to large language models.

AI and Mass Spying

Schneier on Security

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did.

Experts Urge Congress to Task NIST With REAL ID Standards

Data Breach Today

'TSA Is Not the Right Agency to Lead' REAL ID Implementation, Security Experts Say

Security experts testified to Congress that the National Institute of Standards and Technology is better placed than the Transportation Security Administration to lead national implementation efforts for security-enhanced identification cards ahead of a looming 2025 deadline for national compliance.

ENISA published ENISA Threat Landscape for DoS Attacks

Security Affairs

ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk for organizations. Over the past few years, threat actors have increasingly had access to cost-effective and efficient means and services to carry out such kinds of attacks.

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Mapping the Unseen Vulnerabilities of Zombie APIs

Data Breach Today

Zombie APIs are becoming more common, just because of the sheer number of APIs and third-party vendors that organizations rely on. Joshua Scott, head of information security and IT at API platform Postman, says businesses need to identify "what is critical to the business and map backward."

The 23andMe Data Breach Keeps Spiraling

WIRED Threat Level

23andMe has provided more information about the scope and scale of its recent breach, but with these details come more unanswered questions.

Feds, AHA Urge Hospitals to Mitigate Citrix Bleed Threats

Data Breach Today

Urgent Action Needed to Prevent Ransomware Attacks Involving Vulnerability Exploit

A recent spike in ransomware attacks has prompted federal regulators and the American Hospital Association to issue urgent warnings to hospitals and other healthcare firms to prevent potential exploitation of the Citrix Bleed software flaw affecting some NetScaler ADC and NetScaler Gateway devices.

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw

Security Affairs

The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about threat actors actively exploiting a critical vulnerability (CVE-2023-26360) in Adobe ColdFusion to breach government agencies. The flaw is an Improper Access Control that can allow a remote attacker to execute arbitrary code.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Data Breaches and Cyber Attacks in November 2023 – 519,111,354 Records Breached

IT Governance

IT Governance’s research has found the following for November 2023: 470 publicly disclosed security incidents. 519,111,354 records known to be breached. The number of incidents is particularly high this month, partly because we’ve improved our incident-finding processes, but also partly because we’ve seen several big supply chain attacks this month.

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Microsoft’s Threat Intelligence is warning of Russia-linked cyber-espionage group APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information.

New SEC Rules Will Do More Than Result in Quick Breach Reporting

KnowBe4

On July 26, the U.S. Security & Exchange Commission (SEC) announced several new cybersecurity rules, taking effect mid-December 2023, that will significantly impact all U.S. organizations (and foreign entities doing business in the U.S.) that must follow SEC regulations.

A New Trick Uses AI to Jailbreak AI Models—Including GPT-4

WIRED Threat Level

Adversarial algorithms can systematically probe large language models like OpenAI’s GPT-4 for weaknesses that can make them misbehave.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Fake Lockdown Mode: A post-exploitation tampering technique

Jamf

JTL security researchers discover how Lockdown Mode on iOS can be manipulated by a threat actor on compromised or jailbroken iPhones to trick users into believing that their device is protected by Lockdown Mode when in fact it's not.

Financial Institutions are the Most Affected by Phishing Attacks and Scams

KnowBe4

New data shows how the overwhelming majority of phishing attacks on financial institutions dwarf every other industry sector by as much as a factor of 30-to-1.

Retailers can tap into generative AI to enhance support for customers and employees

IBM Big Data Hub

As the retail industry witnesses a shift towards a more digital, on-demand consumer base, AI is becoming the secret weapon for retailers to better understand and cater to this evolving consumer behavior. With the rise of highly personalized online shopping, direct-to-consumer models, and delivery services, generative AI can help retailers further unlock a host of benefits that can improve customer care, talent transformation and the performance of their applications.

Agreement Reached on the EU’s Data Act

Data Matters

On 27 November 2023, the Council adopted the final text of the Data Act which facilitates (and in certain cases, mandates) the access to (personal and non-personal) data. The Data Act was originally proposed by the European Commission in 2022. Alongside the EU Data Governance Act (which came into force in June 2022) the Data Act forms part of the EU’s Data Strategy which aims to “make the EU a leader in a data-driven society”.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

PDFs: Friend or Phishing Foe? Don't Get Caught by the Latest Scam Tactic

KnowBe4

Researchers at McAfee warn that attackers are increasingly utilizing PDF attachments in email phishing campaigns.

Public Company CISOs Beware: The SEC Is No Longer Playing Nice

Daymark

On October 30, 2023, the US Securities and Exchange Commission (SEC) announced fraud charges against SolarWinds and its former chief information security officer (CISO), alleging that “SolarWinds’ public statements about its cybersecurity practices and risks were at odds with its internal assessments.” This comes on the heels of the SEC’s newly implemented rules for disclosures relating to cyber risk.

CyberheistNews Vol 13 #49 Top Four Security Tips for Cyber Safety on National Computer Security Day

KnowBe4

Top Four Security Tips for Cyber Safety on National Computer Security Day

Privacy First: A Better Way to Address Online Harms via EFF

IG Guru

Check out the post here. The post Privacy First: A Better Way to Address Online Harms via EFF first appeared on IG GURU.

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Key AI governance principles for enterprises

Collibra

Today, AI is reshaping industries with its unprecedented scale and transformative impact. At the heart of the AI revolution is the principle of ‘trusted data,’ a cornerstone for successful AI initiatives. Trusted data — characterized by its accuracy, reliability and integrity — is not just a requirement but a catalyst for transformative changes across organizations.

Success Criteria for Digitizing Permanent Records

National Archives Records Express

Newly commissioned officers toss their hats into the air in celebration of their graduation from the U.S. Naval Academy. National Archives Identifier: 6466552

We are pleased to announce the release of the Success Criteria for Digitizing Permanent Records. This guidance supports the National Archives and Records Administration’s (NARA) regulation concerning digitization standards for permanent records (36 CFR 1236 Subpart E).

Statement to Department for Communities on funding shortfall of approximately £1.75 million

CILIP

This statement is issued by CILIP, the Chartered Institute of Library and Information Professionals, the national body representing librarians and information professionals in Northern Ireland and the UK, in response to the lack of adequate funding for public library services.