Data Breach Today
JULY 23, 2024
Claroty CEO Vardi on Compensating Controls, Segmentation and Secure Remote Access The recent CrowdStrike outage highlights the need to shift from reactive risk management to proactive measures in cyber-physical security. Claroty CEO Yaniv Vardi emphasizes the importance of compensating controls, network segmentation and secure remote access in preventing similar incidents.
Krebs on Security
JULY 12, 2024
AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Matters
JULY 31, 2024
On July 23, 2024, the competition authorities of the EU, the UK, and the U.S. issued a joint statement on competition in generative artificial intelligence (AI) foundation models and AI products (Joint Statement). Since the emergence of generative AI, each of the authorities has been individually ramping up its work in order to understand better the potential risks to competition that AI may pose.
The Last Watchdog
JULY 25, 2024
Last week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time. Related: Microsoft blames outage on EU A flawed update to CrowdStrike’s Falcon security software caused millions of computers running Microsoft Windows to display the infamous blue screen of death.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Weissman's World
JULY 19, 2024
I recently gave a presentation to ARMA International about the human consequences of what we do, and though you probably can get a copy of it from ARMA itself – and for sure you can from me – I wanted to take a minute to reinforce the criticality of my point. Most of us spend… Read More » Wanted! An IG Code of Human Ethics The post Wanted!
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JULY 17, 2024
Costs Have Already Hit $2 Billion, Parent Company UnitedHealth Group Reports Fallout from the February ransomware hit on Change Healthcare, including the theft of data pertaining to up to one-third of Americans, has so far led to $2 billion in costs and may yet reach $2.5 billion, says parent company UnitedHealth Group.
Krebs on Security
JULY 19, 2024
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be applied manually on a per-machine basis.
Data Matters
JULY 26, 2024
The protection of minors online continues to be a focus for EU regulators. Following the publication last year by the European Parliament of its guidelines on online age verification methods for children, the European Commission has recently announced it will be holding a dedicated stakeholder workshop in September 2024 to discuss guidelines for age verification and protecting minors.
The Last Watchdog
JULY 1, 2024
The coalescing of the next-gen security platforms that will carry us forward continues. Related: Jump starting vulnerability management Adaptiva, a leader in autonomous endpoint management, recently announced the launch of OneSite Patch for CrowdStrike. This new solution integrates with CrowdStrike’s Falcon XDR platform to improve the efficiency and speed of patching critical vulnerabilities in enterprise systems.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
JULY 26, 2024
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released security updates for BIND that address DoS vulnerabilities that could be remotely exploited. An attacker can exploit these vulnerabilities to disrupt DNS services.
AIIM
JULY 24, 2024
Copyright is intended to incentivize creativity to serve the purpose of enriching the public by providing access to creative work. Generative AI engines use content (aka information or unstructured data) to develop large language models. This content can and often does include copyrighted works.
Data Breach Today
JULY 26, 2024
National Police Probe Botnet Campaign That Infected 3,000 Machines The French government has launched an investigation into a suspected Chinese espionage campaign that infected thousands of networks in France. The botnet campaign pushed out the PlugX remote access Trojan that has infected 3,000 machines in France since 2020.
Krebs on Security
JULY 26, 2024
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature. Last week, KrebsOnSecurity heard from a reader who said they received a notice that their email address had been used to create a potentially malicious Workspace account that Google
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
KnowBe4
JULY 23, 2024
Incident Report Summary: Insider Threat TLDR: KnowBe4 was in need of a software engineer for our internal IT AI team. Posted the job, got resumes, did the interviews, did the background check, checked the references and hired the person. We sent the Mac and the moment it was received it immediately started to load malware. The EDR software saw it and started to throw alerts to our InfoSec SOC team.
WIRED Threat Level
JULY 24, 2024
A former Google engineer has built a search engine, WebXray, that aims to find illicit online data collection and tracking—with the goal of becoming “the Henry Ford of tech lawsuits.
Security Affairs
JULY 27, 2024
Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs of Russian banks, the cyber operation began on July 23. “This is an opportune moment to fully implement the Kremlin’s long-desired ‘import substitution’ in the form of wooden abacuses, paper savings books, and cave paintings for accounting.” reported the KyivPost. “In Russia, it has al
AIIM
JULY 2, 2024
The age of artificial intelligence (AI) has advanced rapidly with the release of tools like ChatGPT becoming available to the end user. These tools can compile information from various sources to answer questions on a wide range of topics. But how accurately can they comprehend truly complex disciplines that require years of specialized expertise?
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
JULY 30, 2024
Involving Law Enforcement After Ransomware Attacks Drives Down Costs, Study Finds Data breaches continue to grow more costly, with the average cost of a breach hitting an all-time high of $4.9 million, driven by greater business disruption and post-breach customer support and remediation expenses, according to the latest annual Cost of a Data Breach Report from IBM.
Krebs on Security
JULY 23, 2024
The Chinese company in charge of handing out domain names ending in “ top ” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that.top was the most common suffix in phishing websites over the past year, second only to domains ending in “ com.” Image: Shutterstock.
Schneier on Security
JULY 15, 2024
Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication year, journal or conference name, and page numbers of the cited publication. These details are stored as metadata, not visible in the article’s text directly, but assigned to a digital object identifier, or DOI—a unique identifier for each sci
WIRED Threat Level
JULY 19, 2024
A defective CrowdStrike kernel driver sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
JULY 24, 2024
A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michigan, Michigan Medicine, suffered a data breach that impacted 56953 patients. The security incident exposed the personal and health information of the patients.
AIIM
JULY 16, 2024
I want to share my thoughts on the relationship between information management and emerging technologies like AI and bots. I'll discuss how I view information management as part of an evolving ecosystem that encompasses various technologies and practices.
Data Breach Today
JULY 26, 2024
UEFI Developer Leaked a Secure Boot Asymmetric Key Hundreds of laptop and server models from mainstream manufacturers are at risk of hacking that bypasses protections meant to ensure only trusted software can load during computer bootup, warn researchers from California supply chain startup Binarly.
Krebs on Security
JULY 15, 2024
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Data Breach Today
JULY 24, 2024
Cybersecurity Vendor's Preliminary Review Details Problems, Promises Improvements CrowdStrike, in a preliminary report, has blamed internal testing problems for failing to prevent the faulty "rapid content update" that caused worldwide disruption on Friday. The cybersecurity vendor has promised to refine its testing and deployment processes to avoid any repeats.
Data Breach Today
JULY 2, 2024
Insurance Giant Says Hackers Stole Data of 2.5 Million Individuals A February ransomware attack against Prudential Financial affected 2.5 million customers, the financial giant disclosed after initially calculating the totally as 36,000. In an emailed statement, Prudential said the tally shouldn't increase a second time.
Data Breach Today
JULY 22, 2024
Microsoft's Tool Requires Physical Access, a 'Time-Consuming and Laborious Task' Microsoft's statement that a faulty CrowdStrike update affected less than 1% of active Windows systems doesn't tell the full story, since large organizations in critical sectors make up a disproportionate part of the user base, as the outages in healthcare, transportation and banking demonstrate.
Expert insights. Personalized for you.
343 
Let's personalize your content