Data Breach Today
APRIL 13, 2023
Google Funds Vulnerability Disclosure Policy Group and Legal Defense for White Hats Silicon Valley giant Google called on tech companies to be more robust in their approach to patching vulnerabilities in an afternoon marked by announcements designed to boost vulnerability research. Google money is supporting the Hacking Policy Council and the Security Research Legal Defense Fund.
The Last Watchdog
APRIL 12, 2023
At 10 am PDT, next Wednesday, April 19 th , I’ll have the privilege of appearing as a special guest panelist and spotlight speaker on Virtual Guardian’s monthly Behind the Shield cybersecurity podcast. Related: The Golden Age of cyber spying is upon us You can RSVP – and be part of the live audience – by signing up here. The moderator, Marco Estrela, does a terrific job highlighting current cybersecurity topics ripped from the headlines.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
eSecurity Planet
APRIL 13, 2023
Ultimate Packer for Executables (UPX) is an open-source packer that can reduce the file size of an executable drastically (better than Zip files), and it is compatible with a large range of executable formats, like Windows DLLs, macOS apps, or Linux ELF. Vendors sometimes use packing to prevent basic reverse engineering or illegal redistribution. Packers basically take the original executable and add a small piece of code called a “stub” to the newly created executable.
Data Breach Today
APRIL 13, 2023
Jack Teixeira, 21, Accused of Sharing Classified National Defense Info on Discord A member of the Massachusetts Air National Guard has been arrested for leaking highly classified military and intelligence documents. The U.S. Department of Justice announced that Jack Teixeira, 21, was taken into custody by FBI agents following the leaking of more than 100 documents.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
The Last Watchdog
APRIL 10, 2023
Instilling a culture of cyber security at your organization requires your people to maintain a high level of knowledge and awareness about cyber security risks—and that takes an effective, impactful, and ongoing security awareness program. Related: Deploying employees as human sensors However, a security awareness program is only as good as its content.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
APRIL 11, 2023
When Tony invited me to write a guest blog for AIIM, I planned to write a techie piece on the latest document AI news. I was even tempted to ask ChatGPT to write one in the style of Monty Python. You’ll be pleased to know that moment of temporary insanity quickly passed. Instead of techie talk, I would like to tell you a story about the secret value of AIIM and why I think it’s vital that we all pitch in and help Tori Miller Liu and the team to move AIIM forward.
Data Breach Today
APRIL 8, 2023
Apple Recommends Immediate Updating Due to Extensive List of Affected Devices Apple issued security updates to address two zero-day vulnerabilities being actively exploited in the wild and targeting iPads, Macs and iPhones. Both vulnerabilities can lead to arbitrary code execution, but Apple said it found no exploits related to cybercrime or nation-state groups.
WIRED Threat Level
APRIL 13, 2023
Security researchers are jailbreaking large language models to get around safety rules. Things could get much worse.
Krebs on Security
APRIL 11, 2023
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones , iPads and Macs.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Dark Reading
APRIL 13, 2023
There are plenty of AD objects and groups that should be considered tier zero in every environment, but some will vary among organizations.
Data Breach Today
APRIL 11, 2023
The Spyware Can Record Audio, Take Pictures, Track Locations and Steal Passwords A low-profile Israeli advanced spyware firm used a suspected zero-day to surveil the lives of journalists, political opposition figures and a nongovernmental organization worker across multiple continents, say researchers from the Citizen Lab and Microsoft.
Schneier on Security
APRIL 12, 2023
The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices: Avoid using free charging stations in airports, hotels, or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices that access these ports.
Thales Cloud Protection & Licensing
APRIL 13, 2023
Post-Quantum Cryptography (PQC): Three Easy Ways to Prepare madhav Fri, 04/14/2023 - 06:05 The infamous Y2K “disaster” was successfully averted because people paid heed and prepared well in advance. Likewise, many Post-Quantum Computing (PCQ) security concerns can be addressed ahead of time with proper planning. Organizations that rely on data security and protection need to start preparing and refining strategies immediately.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Dark Reading
APRIL 14, 2023
Western Digital has yet to comment on claims that the breach reported earlier this month led to data being stolen.
Data Breach Today
APRIL 11, 2023
But If Hydra Takedown Is a Guide, Fresh Disruptions May Take Big Bite Out of Market The cybercrime economy appears to remain alive and well: Compared to last year, researchers report seeing an increase in the number of known ransomware victims as well as initial access listings, which facilitate such attacks. The impact the takedowns of BreachForums and Genesis remains to be seen.
Schneier on Security
APRIL 11, 2023
Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby. News articles.
eSecurity Planet
APRIL 14, 2023
A massive cyber attack targeting drive maker Western Digital Corp. (WDC) could potentially have serious and long-term implications. One of the hackers apparently disclosed the extent of the cyber attack to TechCrunch this week. Hackers accessed a range of company assets and stole about 10 terabytes of data, but the disclosure with the greatest potential for damage is that the hackers claim to have the ability to impersonate WDC code-signing certificates.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Dark Reading
APRIL 13, 2023
Quantum computers might be a decade away, but guess how long it will take to switch systems over to post-quantum cryptography?
Data Breach Today
APRIL 13, 2023
European Embassies and Diplomats at Most Risk, Warns Polish CERT A Russian hacking campaign is targeting European embassies and diplomats as part of an ongoing cyberespionage campaign aimed at stealing Western government intelligence on the war in Ukraine, according to a joint alert by the Polish CERT and Military Counterintelligence Service.
Schneier on Security
APRIL 10, 2023
Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. It’s an interesting experiment, and the results are likely to vary wildly based on the details of the experiment.
KnowBe4
APRIL 13, 2023
A method used in domain impersonation attacks, combosquatting aids the threat actor by using a modified domain name to further increase the credibility of an attack.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Dark Reading
APRIL 11, 2023
The campaign shrouds the commodity infostealer in OpenAI files in a play that aims to take advantage of the growing public interest in AI-based chatbots.
Data Breach Today
APRIL 14, 2023
Concerns Raised Over ChatGPT's Compliance With GDPR The French and Spanish data privacy watchdogs have launched separate probes into ChatGPT over potential data privacy violations. European scrutiny of the chatbot mounted after the Italian data protection agency announced a temporary ban on ChatGPT in March.
Data Matters
APRIL 10, 2023
The U.S. Food and Drug Administration (FDA or Agency) has issued new draft guidance on “Marketing Submission Recommendations for a Predetermined Change Control Plan for Artificial Intelligence/Machine Learning (AI/ML)-Enabled Device Software Functions” 1 that discusses a “science-based approach to ensuring that AI/ML-enabled devices can be safely, effectively, and rapidly modified, updated, and improved in response to new data.” 2 This approach should offer more certainty to industry as FDA’s
KnowBe4
APRIL 10, 2023
Researchers at Securonix are tracking an ongoing phishing campaign dubbed “TACTICAL#OCTOPUS” that’s been targeting users in the US with tax-related phishing emails.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Dark Reading
APRIL 10, 2023
The marketplace for malicious Google Play applications and app-takeover tools is thriving, thanks to novel hacking techniques and lax enterprise security.
Data Breach Today
APRIL 14, 2023
National Guard Airman Jack Teixeira Charged With Mishandling Intelligence The arrest of a low-level U.S. military IT specialist, Jack Teixeira, on suspicion of leaking highly classified documents begs the question of why he had access to them in the first place. The national guard airman has been charged with inappropriately retaining and sharing intelligence.
IT Governance
APRIL 11, 2023
Welcome to our April 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we look at a scam targeting YouTube content creators, the traditional tax-related phishing campaigns that occur at this time of year and a new report highlighting a surge in email-based scams attacks.
Expert insights. Personalized for you.
147 
Let's personalize your content