Data Breach Today
MARCH 19, 2024
Dataset Leaked for Free; ShinyHunters Cybercrime Gang First Advertised It in 2021 Data breach blast from the past: Data pertaining to 70 million individuals that the ShinyHunters gang claimed were AT&T customers has been leaked via a hacking forum, three years after criminals first offered it for sale. AT&T said the information didn't appear to have been stolen from its systems.
Data Matters
MARCH 21, 2024
On March 13, 2024, the European Parliament formally adopted the EU Artificial Intelligence Act (“ AI Act ”) with a large majority of 523-46 votes in favor of the legislation. The AI Act is the world’s first horizontal and standalone law governing AI, and a landmark piece of legislation for the EU. The post EU Formally Adopts World’s First AI Law appeared first on Data Matters Privacy Blog.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Jamf
MARCH 20, 2024
Securing your organization is a difficult task. Choosing the right software solutions can help. Learn how a unified security platform makes security easier.
Krebs on Security
MARCH 22, 2024
The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep , an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
MARCH 20, 2024
As Nation-State Group Hacks Big Targets, Trellix's John Fokker Details Defenses Major technology vendors keep being hacked by the nation-state hacking group Midnight Blizzard. Essential defenses to combat such attacks begin with implementing log monitoring across multiple platforms to find red flags, said John Fokker, head of threat intelligence at Trellix.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Troy Hunt
MARCH 18, 2024
I hate having to use that word - "alleged" - because it's so inconclusive and I know it will leave people with many unanswered questions. But sometimes, "alleged" is just where we need to begin and over the course of time, proper attribution is made and the dots are joined. We're here at "alleged" for two very simple reasons: one is that AT&T is saying "the data didn't come from us", and the other is that I have no way of proving otherwise.
OpenText Information Management
MARCH 18, 2024
AI changes everything—every role, every organization, and every industry. Those who make the most of it will be poised to lead their industries. Are you ready to put this game-changing technology to work for you? Join us at OpenText™ World Europe 2024 to learn how you can reimagine work with AI. Our complimentary event will be held in three locations: London (Queen Elizabeth II Centre, April 15), Munich (MOC—Event Center Messe München, April 16 & 17), and Paris (Maison de la Chimie, April 18
Data Breach Today
MARCH 18, 2024
AI-Led Disinformation Campaign, Deepfakes Biggest Threats, Experts Warn Nation-state-led disinformation campaigns intended at eroding public trust are the biggest threat to the upcoming U.K. election, experts told a parliamentary panel on Monday. Incidents of disinformation created with artificial intelligence have already appeared.
Security Affairs
MARCH 22, 2024
Pwn2Own Vancouver 2024 hacking competition has ended, and participants earned $1,132,500 for demonstrating 29 unique zero-days. Trend Micro’s Zero Day Initiative (ZDI) announced that participants earned $1,132,500 on the Pwn2Own Vancouver 2024 hacking competition for demonstrating 29 unique zero-days. On day one , the Team Synacktiv successfully demonstrated exploits against a Tesla car.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
eSecurity Planet
MARCH 19, 2024
Microsoft, as usual, led the pack in quantity for Patch Tuesday this March with fixes for nearly 59 vulnerabilities including two critical flaws. Patching teams may be busy with this anticipated work, but be sure to also address the off-schedule critical vulnerabilities that affect Fortinet, QNAP, Kubernetes, and WordPress plug-ins. March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE).
WIRED Threat Level
MARCH 20, 2024
Cookie pop-ups now show the number of “partners” that websites may share data with. Here's how many of these third-party companies may get your data from some of the most popular sites online.
Data Breach Today
MARCH 20, 2024
HHS: Bot-Driven Attacks Can Overwhelm Email Servers, Networks and Disrupt Workflow Federal authorities are warning healthcare and public health sector entities of email bomb attacks, a type of denial-of-service attack that can overwhelm email systems and networks and distract victims from other nefarious activities. The incidents can also disrupt clinical and business workflow.
Security Affairs
MARCH 20, 2024
Atlassian fixed tens of vulnerabilities in Bamboo, Bitbucket, Confluence, and Jira products, including a critical flaw that can be very dangerous. Atlassian addressed multiple vulnerabilities in its Bamboo, Bitbucket, Confluence, and Jira products. The most severe vulnerability, tracked as CVE-2024-1597 (CVSS score of 10), is a SQL injection flaw that impacts the org.postgresql:postgresql third-party dependency of Bamboo Data Center and Server. “This org.postgresql:postgresql Dependency
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Jamf
MARCH 18, 2024
Learn about how privilege elevation, a new feature of Jamf Connect, helps organizations balance the end user’s needs with administrative oversight without compromising device or credential security while permitting IT and Security teams to “ work smarter, not harder ”.
WIRED Threat Level
MARCH 21, 2024
The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels.
Data Breach Today
MARCH 22, 2024
Also, Senate Bill Proposes Payment Relief for Firms Meeting Cyber 'Standards' A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
Security Affairs
MARCH 18, 2024
Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE-2024-25153 (CVSS score 9.8) impacting its FileCatalyst file transfer solution. A remote, unauthenticated attacker can exploit their vulnerability to execute arbitrary code on impacted servers. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Schneier on Security
MARCH 20, 2024
The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can’t identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as leaf-shaped magnets, Bramwell-Stewart said. The Port Authority says officers in 2023 roughly doubled the number of summonses issued for obstructed, missing or fictitious license plates compared wit
OpenText Information Management
MARCH 21, 2024
60 years can really fly by! On April 7, 2024, the Mainframe will turn 60. At this milestone, we should all reflect on what the mainframe has done to the computing industry. What would the world look like without it? What is the current state of the mainframe? And what is its future? This post will touch on these points and give us all a chance to celebrate the mainframe at 60 years.
Data Breach Today
MARCH 22, 2024
Latest APT29 Campaign Uses a Previously Unseen Malware Backdoor A Russian hacking group is targeting German political parties as part of a Moscow-backed espionage campaign. The latest APT29 campaign marks the first time the group has been seen targeting political organizations, according to researchers at Mandiant.
Security Affairs
MARCH 21, 2024
Boffins devised a new application-layer loop DoS attack based on the UDP protocol that impacts major vendors, including Broadcom, Microsoft and MikroTik. Researchers from the CISPA Helmholtz Center for Information Security (Germany) devised a new denial-of-service (DoS) attack, called loop DoS attack, that hundreds of thousands of internet-facing systems from major vendors.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Schneier on Security
MARCH 22, 2024
BleepingComputer has the details. It’s $2M less than in 2022, but it’s still a lot. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million. For Android, the world’s most popular and widely used mobile operating system, the program awarded over $3.4 million.
IT Governance
MARCH 20, 2024
In the UK, cyber security has been dropping down the board’s list of priorities. A 2022 Proofpoint study found that 76% of UK board members believed their organisation to be at risk of a material cyber attack in the next 12 months – higher than the global average of 65%. However, the 2023 edition of that study found that this had dropped to 44% in the UK, whereas the global average had climbed to 73%.
Data Breach Today
MARCH 20, 2024
Treasury Department Sanctions Heads of Russian 'Influence-for-Hire' Firms The U.S. Department of the Treasury sanctioned the heads of Russian-based companies for spearheading disinformation campaigns that impersonated legitimate media outlets and government organizations across the globe. The firms coordinated an information manipulation campaign targeting Latin America.
Security Affairs
MARCH 18, 2024
Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The agency discovered the incident on February 16, 2024, and immediately launched an investigation with the help of cybersecurity experts.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Schneier on Security
MARCH 18, 2024
Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft, which will remain in service through the year 2070.
KnowBe4
MARCH 21, 2024
The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion.
Data Breach Today
MARCH 21, 2024
Also: UnitedHealth Group, Nemesis Market, Phishing Tricks and AceCryptor This week, Flipper Devices petitioned Canada, UnitedHealth Group dealt with its attack, Nemesis Market was seized, phishers fooled ML, AceCryptor returned to Europe, Brazil and Ukraine made arrests, another Ivanti flaw, London rebuked for possible data exposure, and Fujitsu reported malware attack.
Expert insights. Personalized for you.
305 
Let's personalize your content