The Last Watchdog
JUNE 12, 2023
Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. Privacy controls allow you to say who or what can access a database of customer data or employee data.
IBM Big Data Hub
JUNE 15, 2023
There’s no debate that the volume and variety of data is exploding and that the associated costs are rising rapidly. The proliferation of data silos also inhibits the unification and enrichment of data which is essential to unlocking the new insights. Moreover, increased regulatory requirements make it harder for enterprises to democratize data access and scale the adoption of analytics and artificial intelligence (AI).
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JUNE 15, 2023
A new version of the infamous browser extension is spreading through files on websites offering pirated wares, and leverages unique persistence mechanisms.
Data Breach Today
JUNE 13, 2023
Akamai: Rapid Digitalization, Flawed Code Led to 14 Billion Attacks in Past Year Hackers hit the e-commerce industry with 14 billion attacks in 15 months, pushing it to the top of the list of targets for web application and API exploits. A new Akamai report blames digitalization and the wide range of vulnerabilities hackers can exploit in web applications.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Last Watchdog
JUNE 12, 2023
The cybersecurity community is waiting for the next shoe to drop in the wake of the audacious MOVEit-Zellis hack orchestrated by the infamous Russian hacking collective, Clop. Related: SolarWinds-style supply chain attacks on the rise Clop operatives went live last week with an unusual ultimatum — written in broken English and posted in a Dark Web forum — giving the victimized organizations a June 14 th deadline to make direct contact with them under threat of having sensitive stol
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
JUNE 15, 2023
The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.
Data Breach Today
JUNE 16, 2023
Gamaredon Spreads Custom Backdoor Through Thumb Drives A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.
The Last Watchdog
JUNE 16, 2023
It was bound to happen. Clop, the Russia-based ransomware gang that executed the MOVEit-Zellis supply chain hack, has commenced making extortion demands of some big name U.S. federal agencies, in addition to global corporations. Related: Supply-chain hack ultimatum The nefarious Clop gang initially compromised MOVEit, which provided them a beachhead to gain access to Zellis, a UK-based supplier of payroll services.
Krebs on Security
JUNE 15, 2023
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances. Under a new order from the Cybersecurity and Infrastructure Security Agency (CISA), federal agencies will have 14 days to respond to any reports from CISA
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Thales Cloud Protection & Licensing
JUNE 15, 2023
A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management. Key Management as a Service (KMaaS) allows companies to manage encryption keys more effectively through a cloud-based solution instead of running the service on physical, on-premises
Data Breach Today
JUNE 12, 2023
Debt Collection Software Firm Intellihartx Says Nearly 490,000 Affected by Breach A company that makes patient debt collection software is the latest healthcare sector entity to report a hacking breach related to a flaw in Fortra's GoAnywhere secure file transfer software. To date, the GoAnywhere vulnerability has affected the health information of 4.4 million individuals.
WIRED Threat Level
JUNE 12, 2023
A newly declassified report from the Office of the Director of National Intelligence reveals that the federal government is buying troves of data about Americans.
Dark Reading
JUNE 16, 2023
The DDoS collective claims to be teaming up with ReVIL and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
IT Governance
JUNE 15, 2023
The UK’s broadcasting regulator, Ofcom, has revealed that it’s among the organisations whose data has been stolen in the massive MOVEit cyber attack. In a statement , Ofcom said that a “limited amount” of confidential information was stolen by criminal hackers, although its own systems were not compromised. The data relates to certain companies whose practices Ofcom regulates, as well as 412 of its employees.
Data Breach Today
JUNE 16, 2023
New Vulnerability Allows Threat Actors to Modify, Disclose MOVEit Database Content The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
Schneier on Security
JUNE 12, 2023
New research suggests that AIs can produce perfectly secure steganographic images: Abstract: Steganography is the practice of encoding secret information into innocuous content in such a manner that an adversarial third party would not realize that there is hidden meaning. While this problem has classically been studied in security literature, recent advances in generative models have led to a shared interest among security and machine learning researchers in developing scalable steganography te
Dark Reading
JUNE 16, 2023
MOVEit has created a patch to fix the issue and urges customers to take action to protect their environments, as Cl0p attacks continue to mount, including on government targets.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
The Last Watchdog
JUNE 15, 2023
London, UK, June 15, 2023 – Dropblock for mobile launches today, a free, Web3 storage application offering individuals, developers, and business users a unique and completely secure mobile storage and data sharing solution. Simply download Dropblock today from the App Store or from the Google Play Store to get 5GB of secure blockchain storage for free.
Data Breach Today
JUNE 15, 2023
Targets Include Southeast Asian Foreign Ministry, Foreign Trade Offices in Taiwan Chinese hackers in a state-run operation compromised hundreds of organizations through a zero-day vulnerability in a popular email security appliance, warns cyber threat intelligence firm Mandiant. Hackers used a zero-day vulnerability in Barracuda Networks Email Security Gateway appliances.
IT Governance
JUNE 15, 2023
This week, we discuss a data breach affecting users of Progress Software’s MOVEit file transfer app, GDPR fines for LinkedIn and Spotify, and the delay of Google Bard’s EU launch because of privacy concerns. Also available on Spotify , Amazon Music , Apple Podcasts and SoundCloud. The post IT Governance Podcast 16.6.23: MOVEit, LinkedIn, Spotify and Google Bard appeared first on IT Governance UK Blog.
Dark Reading
JUNE 13, 2023
Threat actors have grown increasingly sophisticated in applying social engineering tactics against their victims, which is key to this oft-underrated cybercriminal scam's success.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
The Last Watchdog
JUNE 15, 2023
Cambridge, Mass., June 15, 2023. The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Secure Payment Confirmation (SPC) enables merchants, banks, payment service providers, card networks, and others to lower the friction of strong customer authentication (SCA), and produce cryptographic evidence of user consent, both important aspects of regulatory re
Data Breach Today
JUNE 14, 2023
SharePoint, Multicasting and Exchange Figure Prominently This Month Microsoft's June dump of monthly patches for the first time in months doesn't include a fix for an actively exploited zero day in a slew of fixes for 69 vulnerabilities spread across the computing giant's portfolio of products. Among them: SharePoint, Exchange and serves that enable multicasting.
Hunton Privacy
JUNE 16, 2023
On June 15, 2023, the UK Information Commissioner’s Office (“ICO”) called for businesses to address the privacy risks posed by generative artificial intelligence (“AI”) before “rushing to adopt the technology.” Stephen Almond, the ICO’s Executive Director of Regulatory Risk, said: “Businesses are right to see the opportunity that generative AI offers.
National Archives Records Express
JUNE 12, 2023
This is the next post in a series supporting the publication of 36 CFR section 1236 subpart E – Digitizing Permanent Records. All of the posts have been collected under the 36 CFR Section 1236 category. S49-07-001 – STS-049 – In cabin view of crewmember at the forward flight deck with laptop terminal National Archives Identifier: 22702275 In this blog post, we will explore the key aspects of metadata requirements and their significance in recordkeeping.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Dark Reading
JUNE 15, 2023
A third perp has been fingered, but CISA warns that LockBit variants continue to be a major threat on a global scale.
Data Breach Today
JUNE 13, 2023
St. Margaret's Health Is Permanently Shutting Hospitals and Clinics A rural Illinois medical system will shut down on Friday partly due to fallout from a 2021 ransomware incident as the toll of a wave of extortionate malware exacts rising costs from the healthcare industry. "These problems have no end in sight," said Mike Hamilton of security firm Critical Insight.
eSecurity Planet
JUNE 15, 2023
Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities. It is a critical part of an organization’s cybersecurity program. There are many different vulnerability management frameworks, but the vulnerability management lifecycle of most organizations today typically includes five phases. We’ll examine those and then look at vulnerability management lifecycle best practices.
Expert insights. Personalized for you.
202 
Let's personalize your content