Data Breach Today
APRIL 24, 2023
James E. Lee Shares 2023 Q1 Data Breach Report Highlights According to findings from the Identity Theft Resource Center's 2023 Q1 Data Breach Report, the number of publicly reported data compromises decreased, but the number of data breaches with no actionable information about the root cause of the compromise grew.
Krebs on Security
APRIL 27, 2023
A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
APRIL 24, 2023
In an open letter , seven secure messaging apps—including Signal and WhatsApp—point out that the UK’s Online Safety Bill could destroy end-to-end encryption: As currently drafted, the Bill could break end-to-end encryption,opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone’s ab
Dark Reading
APRIL 27, 2023
The government needs to shift focus and reconsider how it thinks about securing our nation's digital and physical assets.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
WIRED Threat Level
APRIL 27, 2023
No matter what happens with generative AI, its disruptive forces are already beginning to play a role in the fast-approaching US presidential race.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
APRIL 24, 2023
Lisa Monaco Says Justice Department Values Stopping Cybercrime Over Court Victories The United States' second-highest-ranking prosecutor said the Department of Justice has pivoted its security strategy from pursuing courtroom victories to preventing and disrupting cybercrime. Lisa Monaco said Justice officials now embrace that put victims at the center of its cybercrime response.
The Last Watchdog
APRIL 28, 2023
“Stronger together” was the theme of RSA Conference 2023 , which returned to its pre-Covid grandeur under the California sunshine last week at San Francisco’s Moscone Center. Related: Demystifying ‘DSPM’ Rising from the din of 625 vendors, 700 speakers and 26,000 attendees came the clarion call for a new tier of overlapping, interoperable, highly automated security platforms needed to carry us forward.
WIRED Threat Level
APRIL 28, 2023
In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.
Security Affairs
APRIL 28, 2023
Google obtained a temporary court order in the U.S. to disrupt the operations of the CryptBot information stealer. Google announced that a federal judge in the Southern District of New York unsealed its civil action against the operators of the information stealer Cryptbot. The IT giant obtained a temporary court order in the U.S. to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Data Breach Today
APRIL 24, 2023
Emerging AI Tech, Identity Concerns and Latest Threats Are Among the Hot Topics ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of opening-day speakers and hot topics including the emergence of AI, the latest intel on nation-state threats, security product innovation and deals, and ransomware trends. Join us for daily updates from RSA.
The Last Watchdog
APRIL 24, 2023
Patch management has always been time-consuming and arduous. But it gets done, at least to some degree, simply because patching is so crucial to a robust cybersecurity posture. Patch programs are rarely perfect though, and imperfect patching arguably enables successful cybersecurity breaches – it’s an ever-growing concern for countless IT teams. Related: MSSPs shift to deeper help Managed Security Service Providers (MSSPs) do their best to patch their client’s systems while also juggling a long
WIRED Threat Level
APRIL 26, 2023
The legislation would insert the government into online platforms' age-verification efforts—a move that makes some US lawmakers queasy.
Security Affairs
APRIL 28, 2023
The Ukrainian cyber police arrested a Ukraine man for selling the data of over 300 million people from different countries. The Ukrainian cyber police have arrested a man (36) from the city of Netishyn for selling the personal data and sensitive information of over 300 million people from different countries. The man had information on passport data, taxpayer numbers, birth certificates, driver’s licenses, and bank account data.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Data Breach Today
APRIL 28, 2023
AllegisCyber Capital's Bob Ackerman on the Need to Understand Offensive Playbooks Offense is what paces innovation in cybersecurity since threat actors constantly look for new ways to compromise systems, said AllegisCyber Capital's Bob Ackerman. Many offensive cyber capabilities developed by the national intelligence community make their way into the wild and become exploitable.
The Last Watchdog
APRIL 25, 2023
Software composition analysis — SCA – is a layer of the security stack that, more so than ever, plays a prominent role in protecting modern business networks. Related: All you should know about open-source exposures This is especially true as software developers increasingly rely on generic open source and commercial components to innovate in hyperkinetic DevOps and CI/CD mode.
WIRED Threat Level
APRIL 24, 2023
To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers.
Security Affairs
APRIL 28, 2023
A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versio
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
APRIL 22, 2023
Attackers Deployed DaemonSets to Steal Resources From Victims Threat actors are exploiting Kubernetes Role-Based Access Control in the wild to create backdoors and to run cryptocurrency miners. Researchers observed a recent campaign that targeted at least 60 Kubernetes clusters by deploying DaemonSets to hijack and steal resources from the victims' clusters.
Weissman's World
APRIL 27, 2023
Many of our fears about Artificial Intelligence (AI) are absolutely terrifying! So, no surprise, it’s becoming a major talking point in the information profession. And while there’s definitely something to be worried about here., it probably isn’t what you think it is. It’ll take just 3 minutes for me to tell you what it is.… Read More » Worried About AI?
WIRED Threat Level
APRIL 27, 2023
The security issues raised by ChatGPT and similar tech are just beginning to emerge, but Rob Joyce says it’s time to prepare for what comes next.
Security Affairs
APRIL 28, 2023
OpenAI announced that access to its chatbot service ChatGPT is allowed again in Italy after the company met the demands of regulators. OpenAI restored access to ChatGPT in Italy after the company met the demands of the Italian Data Protection Authority, Garante Privacy. In early April, the Italian Data Protection Authority, c, temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Data Breach Today
APRIL 28, 2023
Highly Structured Group Using Traces of Babuk Ransomware's Leaked Source Code RTM Locker ransomware-as-a-service operators have now turned their attention to Linux, network-attached storage devices and ESXi hosts. The highly structured group appears to be using a new ransomware strain that shows traces of Babuk ransomware's leaked source code.
OpenText Information Management
APRIL 24, 2023
As information expands exponentially, it is becoming more complex and extensive than ever before. To remain competitive, organizations must explore new ways of harnessing information – to not only power and protect it – but to innovate, ramp up growth, and increase speed to market. Since the acquisition of Micro Focus 90 days ago, OpenText … The post Announcing OpenText Cloud Editions (CE) 23.2 appeared first on OpenText Blogs.
WIRED Threat Level
APRIL 23, 2023
Pumpkin Sandstorm. Spandex Tempest. Charming Kitten. Is this really how we want to name the hackers wreaking havoc worldwide?
Security Affairs
APRIL 27, 2023
Iran-linked APT group Charming Kitten employed a new malware dubbed BellaCiao in attacks against victims in the U.S., Europe, the Middle East and India. Iran-linked Charming Kitten group, (aka APT35 , Phosphorus , Newscaster , and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
APRIL 28, 2023
Sullivan Says Prison Sentence for Him Would Deter Others From Taking CISO Positions Prosecutors are urging a U.S. federal judge to sentence former Uber CISO Joe Sullivan to 15 months in prison for his role in impeding an investigation into the ride-hailing company's security practices. Sullivan exploited "his position to cover up a deeply embarrassing event," prosecutors wrote.
Schneier on Security
APRIL 25, 2023
Following a report on its activities , the Israeli spyware company QuaDream has shut down. This was QuadDream: Key Findings Based on an analysis of samples shared with us by Microsoft Threat Intelligence , we developed indicators that enabled us to identify at least five civil society victims of QuaDream’s spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East.
WIRED Threat Level
APRIL 22, 2023
Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more.
Expert insights. Personalized for you.
312 
Let's personalize your content