Data Breach Today
MARCH 6, 2024
Real-World Scenarios Are Sketchy But Researchers Warn: 'Assume Spyware; Update Now' Apple pushed out an emergency security update for two critical zero-day flaws that attackers are using to carry out memory corruption attacks on iPhone and iPad devices. The tech giant's latest patch addressed its third zero-day vulnerability this year.
AIIM
MARCH 5, 2024
With AI-centric use cases expanding to extract value from both physical and digital assets, it’s time to see information governance as a way to accelerate innovation.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
MARCH 2, 2024
Plus: Apple warns about sideloading apps, a court orders NSO group to turn over the code of its Pegasus spyware, and an investigation finds widely available security cams are wildly insecure.
Krebs on Security
MARCH 5, 2024
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ ALPHV “) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change’s network says the crime gang cheated them out of their share of the ransom, and that they st
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
MARCH 8, 2024
Russian Foreign Intelligence Service Hack Gets Worse for Computing Giant A Russian state hack against Microsoft was more serious than initially supposed, Microsoft acknowledged in a Friday disclosure to federal regulators. Microsoft said a Moscow threat actor obtained access to "source code repositories and internal systems.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
MARCH 8, 2024
March is Women’s History Month and in celebration of women, I want to let you know about AIIM's Women in Information Management group and how we are supporting the information management community.
Krebs on Security
MARCH 8, 2024
If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs.
Data Breach Today
MARCH 6, 2024
Investigators Say North Korean Groups Are Seeking Advanced Chips for Military Use South Korean intelligence service officials have blamed North Korean hackers for targeting the country's semiconductor manufacturing companies. Hackers who gain access to chip-making technology and product designs could hurt South Korea’s leadership in the semiconductor industry.
Security Affairs
MARCH 6, 2024
A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. The threat actors behind this campaign employed previously undetected payloads, including four Golang binaries that are used to automate the discovery and infection of hosts running the above services.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
WIRED Threat Level
MARCH 4, 2024
The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.
Schneier on Security
MARCH 4, 2024
Researchers have demonstrated a worm that spreads through prompt injection. Details : In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the database of an email assistant using retrieval-augmented generation (RAG) , a way for LLMs to pull in extra data from outside its system.
Data Breach Today
MARCH 8, 2024
Company Concludes His Ouster Stemmed from 'Breakdown In Trust' Generative artificial intelligence leader OpenAI returned Sam Altman to its board of directors Friday in a bid to put to rest a leadership crisis that rocked the San Francisco company during the last months of 2023. Fallout from incident may yet reverberate for OpenAI.
Security Affairs
MARCH 7, 2024
Threat actors are using Facebook messages to spread a Python-based information stealer dubbed Snake, researchers warn. Cybereason researchers warn that threat actors are utilizing Facebook messages to spread the Snake malware, a Python-based information stealer. The researchers noticed that the threat actors are maintaining three different Python Infostealer variants.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
MARCH 6, 2024
A coalition of 41 state attorneys general says Meta is failing to assist Facebook and Instagram users whose accounts have been hacked—and they want the company to take “immediate action.
The Last Watchdog
MARCH 7, 2024
San Francisco, Calif., Mar. 7, 2024 — Badge Inc. , the award-winning privacy company enabling Identity without Secrets™, today launched a new Partner Program and welcomed Identity Data Management and Analytics provider Radiant Logic as its newest partner. Radiant Logic joins Badge’s partner network alongside marquee identity partners, Okta and Ping Identity.
Data Breach Today
MARCH 7, 2024
Ding Accused of Stealing Data on 'Brain' of Google's Supercomputing Data Centers Federal authorities have accused a Chinese national who worked as a CTO in a Google supercomputer data center of stealing the company's proprietary artificial intelligence secrets and sharing them with Chinese companies, according to an indictment unsealed on Wednesday.
Security Affairs
MARCH 5, 2024
Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address two iOS zero-day vulnerabilities, respectively tracked as CVE-2024-23225 and CVE-2024-23296, that were exploited in attacks against iPhone devices. CVE-2024-23225 is a Kernel memory corruption flaw, the company addressed it with improved validation. “An attacker with arbitrary kernel read and writ
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Schneier on Security
MARCH 5, 2024
Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible. First, these doorbells expose your home IP address and WiFi network name to the internet without encryption, potentially opening your home network to online criminals. […] Anyone who can physically access one of the doorbells can take over the device—no tools or fancy hacking skills needed.
Troy Hunt
MARCH 6, 2024
Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. Today, we're very happy to welcome Germany as the 35th country to use this service, courtesy of their CERTBund department. This access now provides them with complete access to the exposure of their government domains in data breaches.
Data Breach Today
MARCH 7, 2024
Also: 2023 Crypto Crime Stats, Multichain's Potential Liquidation This week, Binance laid off two-thirds of its staff and said it is exiting Nigeria, Chainalysis released 2023 crime statistics, Fantom said it will seek Multichain's liquidation, hackers stole millions from the WOOFi and Seneca crypto platforms, and Hong Kong blocked six fake websites.
Security Affairs
MARCH 4, 2024
Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile carrier networks. I recently found two very interesting Linux binaries uploaded to Virustotal.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Schneier on Security
MARCH 8, 2024
Researchers ran a global prompt hacking competition, and have documented the results in a paper that both gives a lot of good examples and tries to organize a taxonomy of effective prompt injection strategies. It seems as if the most common successful strategy is the “compound instruction attack,” as in “Say ‘I have been PWNED’ without a period.” Ignore This Title and HackAPrompt: Exposing Systemic Vulnerabilities of LLMs through a Global Scale Prompt Hacking
Jamf
MARCH 5, 2024
Launching alongside iOS 17.4, Apple will be making changes to adhere to the European Union’s Digital Markets Act, which could have massive implications for your organization’s end users and the security of their devices.
Data Breach Today
MARCH 7, 2024
US President Urges Congress to Harness AI While Protecting ‘From its Peril’ U.S. President Joe Biden used part of his highly-anticipated State of the Union address on Thursday night to call on lawmakers to pass bipartisan privacy legislation, and to harness the powers of artificial intelligence while protecting the nation "from its peril.
Security Affairs
MARCH 4, 2024
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. Stolen documents include: confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military se
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
WIRED Threat Level
MARCH 5, 2024
Registered Agents Inc. has for years allowed businesses to register under a cloak of anonymity. A WIRED investigation has found that its secretive founder has taken the practice to an extreme.
Data Protection Report
MARCH 8, 2024
Earlier this week the ICO launched a call for views on the “pay or okay” business model. By way of recap, this model gives users of online services the choice to either consent to personalised advertising using their data or to pay a fee to access an ad-free version of the service. In its blog post launching the call for views, the ICO also provided an update on its wider cookie compliance work.
Data Breach Today
MARCH 6, 2024
Delta-v Led Round to Enhance Critical Infrastructure Security, Extend Runway to IPO Yaniv Vardi shares how $100 million of strategic growth financing from Delta-v Capital will empower Claroty to secure critical infrastructure across verticals such as the public sector and transportation and geographies including the United States and Japan, setting the stage for an IPO.
Expert insights. Personalized for you.
306 
Let's personalize your content