Sat. Jun 10, 2023 - Fri. Jun 16, 2023

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

The Last Watchdog

Information privacy and information security are two different things. (Related: Tapping hidden pools of security talent.) Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. Privacy controls allow you to say who or what can access a database of customer data or employee data.

The disruptive potential of open data lakehouse architectures and IBM watsonx.data

IBM Big Data Hub

There’s no debate that the volume and variety of data is exploding and that the associated costs are rising rapidly. The proliferation of data silos also inhibits the unification and enrichment of data which is essential to unlocking the new insights. Moreover, increased regulatory requirements make it harder for enterprises to democratize data access and scale the adoption of analytics and artificial intelligence (AI).

'Shampoo' ChromeLoader Variant Difficult to Wash Out

Dark Reading

A new version of the infamous browser extension is spreading through files on websites offering pirated wares, and leverages unique persistence mechanisms.

E-Commerce Firms Are Top Targets for API, Web Apps Attacks

Data Breach Today

Akamai: Rapid Digitalization, Flawed Code Led to 14 Billion Attacks in Past Year. Hackers hit the e-commerce industry with 14 billion attacks in 15 months, pushing it to the top of the list of targets for web application and API exploits. A new Akamai report blames digitalization and the wide range of vulnerabilities hackers can exploit in web applications.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

MY TAKE: Will companies now heed attackers’ ultimatum in the MOVEit-Zellis supply chain hack?

The Last Watchdog

The cybersecurity community is waiting for the next shoe to drop in the wake of the audacious MOVEit-Zellis hack orchestrated by the infamous Russian hacking collective, Clop. (Related: SolarWinds-style supply chain attacks on the rise.) Clop operatives went live last week with an unusual ultimatum — written in broken English and posted in a Dark Web forum — giving the victimized organizations a June 14th deadline to make direct contact with them under threat of having sensitive stol

More Trending

How Shady Chinese Encryption Chips Got Into the Navy, NATO, and NASA

WIRED Threat Level

The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.

Russian Hackers Using USB Malware to Target Ukraine

Data Breach Today

Gamaredon Spreads Custom Backdoor Through Thumb Drives. A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.

My Take: Russian hackers put the squeeze on U.S. agencies, global corps in MOVEit-Zellis hack

The Last Watchdog

It was bound to happen. Clop, the Russia-based ransomware gang that executed the MOVEit-Zellis supply chain hack, has commenced making extortion demands of some big name U.S. federal agencies, in addition to global corporations. (Related: Supply-chain hack ultimatum.) The nefarious Clop gang initially compromised MOVEit, which provided them a beachhead to gain access to Zellis, a UK-based supplier of payroll services.

Microsoft Patch Tuesday, June 2023 Edition

Krebs on Security

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

The US Is Openly Stockpiling Dirt on All Its Citizens

WIRED Threat Level

A newly declassified report from the Office of the Director of National Intelligence reveals that the federal government is buying troves of data about Americans.

Chinese Hackers Exploit Barracuda ESG Zero-Day

Data Breach Today

Targets Include Southeast Asian Foreign Ministry, Foreign Trade Offices in Taiwan. Chinese hackers in a state-run operation compromised hundreds of organizations through a zero-day vulnerability in a popular email security appliance, warns cyber threat intelligence firm Mandiant. Hackers used a zero-day vulnerability in Barracuda Networks Email Security Gateway appliances.

The Infrastructure Security Engineer Is a Unicorn Among Thoroughbreds

Dark Reading

This new role safeguarding cloud deployments requires an exceedingly rare set of technical and soft skills.

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

Posted by madhav, Thu, 06/15/2023 - 11:29. As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management. Key Management as a Service (KMaaS) allows companies to manage encryption keys more effectively through a cloud-based solution instead of running the service on physical, on-premises

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Talitrix Prison-Monitoring System Tracks Inmates Down to Their Heart Rate

WIRED Threat Level

Documents WIRED obtained detail new prison-monitoring technology that keeps tabs on inmates' location, heartbeats, and more.

Another Healthcare Vendor Reports Big Fortra GoAnywhere Hack

Data Breach Today

Debt Collection Software Firm Intellihartx Says Nearly 490,000 Affected by Breach. A company that makes patient debt collection software is the latest healthcare sector entity to report a hacking breach related to a flaw in Fortra's GoAnywhere secure file transfer software. To date, the GoAnywhere vulnerability has affected the health information of 4.4 million individuals.

Killnet Threatens Imminent SWIFT, World Banking Attacks

Dark Reading

The DDoS collective claims to be teaming up with REvil and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.

AI-Generated Steganography

Schneier on Security

New research suggests that AIs can produce perfectly secure steganographic images: Abstract: Steganography is the practice of encoding secret information into innocuous content in such a manner that an adversarial third party would not realize that there is hidden meaning. While this problem has classically been studied in security literature, recent advances in generative models have led to a shared interest among security and machine learning researchers in developing scalable steganography te

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Ofcom Becomes the Latest Victim of MOVEit Supply Chain Attack

IT Governance

The UK’s broadcasting regulator, Ofcom, has revealed that it’s among the organisations whose data has been stolen in the massive MOVEit cyber attack. In a statement, Ofcom said that a “limited amount” of confidential information was stolen by criminal hackers, although its own systems were not compromised. The data relates to certain companies whose practices Ofcom regulates, as well as 412 of its employees.

MOVEit Reveals Another SQL Injection Bug; New Victims Emerge

Data Breach Today

New Vulnerability Allows Threat Actors to Modify, Disclose MOVEit Database Content. The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.

LockBit Affiliate Arrested, as Extortion Totals Reach $91M Since 2020

Dark Reading

A third perp has been fingered, but CISA warns that LockBit variants continue to be a major threat on a global scale.

How NK's Cyber Criminals Stole 3 Billion in Crypto To Fund Their Nukes

KnowBe4

The Wall Street Journal today revealed that North Korea's hacker army managed to steal a huge amount of cryptocurrency amounting to $3 billion to finance their nuclear program. US officials have confirmed this news.

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

IT Governance Podcast 16.6.23: MOVEit, LinkedIn, Spotify and Google Bard

IT Governance

This week, we discuss a data breach affecting users of Progress Software’s MOVEit file transfer app, GDPR fines for LinkedIn and Spotify, and the delay of Google Bard’s EU launch because of privacy concerns. Also available on Spotify, Amazon Music, Apple Podcasts and SoundCloud.

Microsoft's June Patch Tuesday Covers Very Exploitable Bugs

Data Breach Today

SharePoint, Multicasting and Exchange Figure Prominently This Month. Microsoft's June dump of monthly patches for the first time in months doesn't include a fix for an actively exploited zero day in a slew of fixes for 69 vulnerabilities spread across the computing giant's portfolio of products. Among them: SharePoint, Exchange and servers that enable multicasting.

Researchers Report First Instance of Automated SaaS Ransomware Extortion

Dark Reading

The attack highlights growing interest among threat actors to target data from software-as-a-service providers.

UK Attacker Responsible for a Literal “Man-in-the-Middle” Ransomware Attack is Finally Brought to Justice

KnowBe4

The recent conviction of a U.K. man for cyber crimes committed in 2018 brings to light a cyber attack where this attacker manually performed the “in-the-middle” part of an attack.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

UK ICO Reminds Businesses of Privacy Risks in AI

Hunton Privacy

On June 15, 2023, the UK Information Commissioner’s Office (“ICO”) called for businesses to address the privacy risks posed by generative artificial intelligence (“AI”) before “rushing to adopt the technology.” Stephen Almond, the ICO’s Executive Director of Regulatory Risk, said: “Businesses are right to see the opportunity that generative AI offers.

Spotify Fined 5 Million Euros for GDPR Violations

Data Breach Today

Online Music Streamer Will Appeal Decision From Swedish Data Protection Authority. Swedish privacy regulators ordered Spotify to pay 5 million euros after finding the music streaming service not forthcoming enough with how it uses consumer data. Spotify in an emailed statement said the investigation revealed that "only minor areas of our process" were at odds with the GDPR.

Third MOVEit Transfer Vulnerability Disclosed by Progress Software

Dark Reading

MOVEit has created a patch to fix the issue and urges customers to take action to protect their environments, as Cl0p attacks continue to mount, including on government targets.