Data Breach Today
DECEMBER 22, 2023
Hackers Crippled Systems, Stole Patient Data From ESO Solutions Hackers carried out a double-extortion ransomware attack on medical software company ESO Solutions, exposing personal details and healthcare information of 2.7 million U.S. patients and encrypting some of the company's systems. Double-extortion attacks also exfiltrate data.
Security Affairs
DECEMBER 22, 2023
The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. The company refused to pay the ransom and the ransomware gang threatened to leak the alleged stolen documents, including project data, clients’ and partners’ info, and NDAs. “We’ve obtained 100 GB of data of N
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 22, 2023
Attackers Masquerade as Hotels to Steal Clients' Payment Card Data, Experts Warn Scammers are stealing hotels' log-in credentials for online travel site Booking.com and targeting their customers, experts warn. In many cases, attackers use Booking's own messaging system to contact customers and request their payment card data, they say.
WIRED Threat Level
DECEMBER 22, 2023
I tried to sell a futon on Facebook Marketplace and nearly all I got were scammers.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
DECEMBER 22, 2023
Arion Kurtaj Was a Member of Lapsus$ Group That Also Hacked Nvidia and Revolut British prosecutors have sentenced a teenager behind high-profile hacks while he was part of the now-inactive Lapsus$ hacking group. Arion Kurtaj, from Oxford, will remain in medical care after doctors declared he was unfit to stand for trial owing to severe autism.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 22, 2023
Majority of Connected Medical Devices Contain Critical Vulnerabilities, FBI Says A new GAO report says federal agencies fail to provide health are providers and patients with enough resources and information to address critical vulnerabilities in a majority of medical devices in the U.S. that can result in "potential catastrophic impact to hospital operations and patient care.
WIRED Threat Level
DECEMBER 22, 2023
Members of the US Congress touted improvements to children’s privacy protections as an urgent priority. So why didn’t they do anything about it?
Data Breach Today
DECEMBER 22, 2023
FalseFont Backdoor Enables Attackers to Remotely Connect to a Compromised System Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base. The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont.
Schneier on Security
DECEMBER 22, 2023
Interesting attack on a LLM: In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information from sources on the web to assist users in creation of their documents. We show that attackers can prepare websites that, when a user adds them as a source, manipulate the LLM into sending private information to the attacker or perform other malicious activities.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
KnowBe4
DECEMBER 22, 2023
I just found a great post by Morgan Wright, chief security advisor of SentinelOne. Here is a quick summary and a link to the full article is at the bottom. The recent attacks on water authorities like Aliquippa and St. Johns River have cast a spotlight on the vulnerability of critical infrastructure.
OpenText Information Management
DECEMBER 22, 2023
Remaining at the forefront of the ever-evolving innovation curve is imperative for ensuring the financial vitality of any organization. Despite this urgency, numerous treasury management departments rely on outdated data and manual processes, oblivious to the extensive ramifications of such practices. In a previous blog, I looked at the cost and resource savings companies can … The post Treasury Management: The true cost of manual processes and outdated data appeared first on OpenText Blog
IT Governance
DECEMBER 22, 2023
DORA’s supply chain security requirements IT Governance’s research for November 2023 found that 48% of the month’s incidents originated from the supply chain (i.e. were third-party attacks). For Europe , this number rises to 61%. Admittedly, it only takes a comparatively small number of supply chain attacks to skew the number of incidents. It’s in their nature for one attack to compromise potentially hundreds or even thousands of organisations.
Schneier on Security
DECEMBER 22, 2023
Ben Rothke chose A Hacker’s Mind as “the best information security book of 2023.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Hunton Privacy
DECEMBER 22, 2023
On December 20, 2023, the FTC issued a Notice of Proposed Rulemaking (“Notice”), which would bring long-anticipated changes to the children’s online data privacy regime at the federal level in the U.S. The Notice sets forth several important proposals aimed at strengthening the Children’s Online Privacy Protection Act Rule (“COPPA Rule”). The COPPA Rule has not been updated since 2012.
IG Guru
DECEMBER 22, 2023
CMP Guidance The post ICRM Reminders first appeared on IG GURU.
John Battelle's Searchblog
DECEMBER 22, 2023
I will not forsake you. But I might not call as often as I used to. I don’t often write about personal things here, but the two most-read posts of this past year were Mastering The Rudiments , about my journey with learning the drums, and Unretirement , a personal reflection on my career. I wrote both of those back in May – a shoulder month between seasons.
Collaboration 2.0
DECEMBER 22, 2023
The company wants to give its video-conferencing customers more data-led features using a federated approach to AI. Here's what that means.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Schneier on Security
DECEMBER 22, 2023
It’s squid parts from college dissections , so it’s not a volume operation. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Expert insights. Personalized for you.
302 
Let's personalize your content