Krebs on Security

JUNE 8, 2023

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks , as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely u

IT 334

IT Security Ransomware Access 334

Data Breach Today

JUNE 3, 2023

Targeted Advertising on LinkedIn May Violate Europeans' Privacy Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network. European authorities have shown increased willingness to use the GDPR to limit targeted advertising.

GDPR 322

GDPR Privacy IT 322

The Last Watchdog

JUNE 6, 2023

A cloud migration backlash, of sorts, is playing out. Related: Guidance for adding ZTNA to cloud platforms Many companies, indeed, are shifting to cloud-hosted IT infrastructure, and beyond that, to containerization and serverless architectures. However, a “back-migration,” as Michiel De Lepper , global enablement manager, at London-based Runecast , puts it, is also ramping up.

Cloud 198

Cloud Compliance Risk Security 198

AIIM

JUNE 5, 2023

In honor of Pride Month in June, I wanted to share some thoughts about diversity, equity, and inclusion (DEI) in the information management industry. The Value of DEI in the Workplace Extensive research has already established the value of DEI in the workplace, with Boston Consulting Group finding that companies with diverse leadership teams report higher innovation revenue.

Energy and Utilities 158

Energy and Utilities Records Management Access IT 158

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

JUNE 6, 2023

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.

Access 223

Access Sales Passwords Authentication 223

The Last Watchdog

JUNE 7, 2023

Back in 2002, when I was a reporter at USA Today , I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system. Related: A call to regulate facial recognition This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

Cloud 188

Cloud Security Authentication Encryption 188

Weissman's World

JUNE 6, 2023

Here’s another good one for ya: Shinydocs’ upcoming panel webinar “The Information Supremacy” on June 20 at 11am ET! Ilona Koti, Jed Cawthorne, and I will compare and contrast the results of the 2023 AIIM Industry Watch report and Shinydocs’ own data survey, which cover such topics as: What IM challenges to prioritize in the… Read More » Join Me at “The Information Supremacy,” a Shinydocs Panel on June 20 The post Join Me at “The Information Suprema

Government 156

Government 156

Dark Reading

JUNE 6, 2023

Hackers used a little to do a lot, cracking a high-value target with hardly more than the living-off-the-land tools (PowerShell especially) found on any standard Windows computer.

135

135

Data Breach Today

JUNE 5, 2023

HHS Settlement Is Latest Involving Negative Social Media Responses Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review.

246

246

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

The Last Watchdog

JUNE 8, 2023

When Threat Intelligence Platform ( TIP ) and Security Orchestration, Automation and Response ( SOAR ) first arrived a decade or so ago, they were heralded as breakthrough advances. Related: Equipping SOCs for the long haul TIP and SOAR may yet live up to that promise. I had an evocative discussion about this at RSA Conference 2023 with Willy Leichter , vice president of marketing, and Neal Dennis , threat intelligence specialist, at Cyware , which supplies a cyber fusion solution built around a

Cloud 186

Cloud Marketing Ransomware Cybersecurity 186

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to. It was scared of UK law enforcement, and worried that this essay would reflect badly on it.

Computer and Electronics 131

Computer and Electronics Encryption Government Privacy 131

Hunton Privacy

JUNE 6, 2023

On June 2, 2023, Judge Brantley Starr of the U.S. District Court for the Northern District of Texas released what appears to be the first standing order regulating use of generative artificial intelligence (“AI”)—which has recently emerged as a powerful tool on many fronts—in court filings. Generative AI provides capabilities for ease of research, drafting, image creation and more.

Artificial Intelligence 125

Artificial Intelligence Information Security Security 125

Data Breach Today

JUNE 9, 2023

Opportunistic, Less Sophisticated Hackers Test Limits of the Concept of Code Reuse Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups.

Ransomware 270

Ransomware 270

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

The Last Watchdog

JUNE 5, 2023

As the threat of cybercrime grows with each passing year, cybersecurity must begin utilizing artificial intelligence tools to better combat digital threats. Related: Leveraging human sensors Although AI has become a powerful weapon, there’s concern it might be too effective compared to human cybersecurity professionals — leading to layoffs and replacements.

Cybersecurity 113

Cybersecurity Artificial Intelligence Security Risk 113

Dark Reading

JUNE 6, 2023

Attackers could exploit a common AI experience — false recommendations — to spread malicious code via developers that use ChatGPT to create software.

136

136

OpenText Information Management

JUNE 9, 2023

As I wrote earlier, IBM brought a lawsuit against Micro Focus alleging breach of contract and copyright infringement by Micro Focus Enterprise Suite products. Here is the blog I posted as to the technical aspects of the meritless claim. We confidently asserted then that IBM’s claims are legally and factually without merit. With respect to … The post Court Dismisses IBM’s Breach of Contract Claim Against Micro Focus Finding the Claim to Lack Merit appeared first on OpenText Blogs.

119

119

Data Breach Today

JUNE 9, 2023

Progress Software Says New Vulnerabilities Are Unrelated to Zero Day Used by Clop The company behind the MOVEit managed file transfer application is urging customers into a new round of emergency patching after identifying additional vulnerabilities. "These newly discovered vulnerabilities are distinct from the previously reported vulnerability," said Progress Software.

258

258

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Hunton Privacy

JUNE 5, 2023

On May 31, 2023, the Federal Trade Commission announced a proposed order against home security camera company Ring LLC (“Ring”) for unfair and deceptive acts or practices in violation of Section 5 of the FTC Act. According to the FTC’s complaint , Ring allegedly made false or misleading representations that it took reasonable steps to ensure that Ring home security cameras are a secure means to monitor private areas of consumers’ homes.

Security 114

Security Passwords Privacy Authentication 114

John Battelle's Searchblog

JUNE 6, 2023

The Gather founding team from top left: Zan Doan, CTO, Sudhir Kandula, COO, Mengmeng Chen, Cofounder & CPO, Sumit Agarwal, Cofounder & CEO A few weeks ago I was genuinely thunderstruck. My co-editor at P&G Signal (thanks Stan!) introduced me to a new company – one that promised to give consumers control over their personal data in new and innovative ways.

Personal data 111

Personal data Military e-Delivery IT 111

IT Governance

JUNE 8, 2023

Phishing is one of the most common and dangerous forms of cyber crime. For years, the deceptively simple attack method has tricked organisations and individuals into handing over sensitive information or downloading malware. All it takes is a well-crafted email, social media post or phone message, and an employee who is too negligent or unaware to spot that its true nature.

Phishing 109

Phishing Data breaches Communications Government 109

Data Breach Today

JUNE 5, 2023

UK Payroll Provider Zellis' MOVEit Hack Affects British Airways, Boots and the BBC Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.

Ransomware 257

Ransomware 257

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Jamf

JUNE 6, 2023

An overview of the new operating systems, features and mind-blowing technology that was announced on day one of Apple’s World Wide Developers Conference (WWDC) 2023.

112

112

WIRED Threat Level

JUNE 3, 2023

Plus: Amazon’s Ring was ordered to delete algorithms, North Korea’s failed spy satellite, and a rogue drone “attack” isn’t what it seems.

IT 124

IT Privacy Security 124

eSecurity Planet

JUNE 9, 2023

Cloud native application protection platforms (CNAPP) give enterprises the tools and functionality they need to protect their cloud applications and workloads from security threats. Securing cloud-native apps requires an extensive approach that goes well beyond basic security solutions. Cloud native application protection platforms (CNAPP) accomplish that by combining a range of cloud security tools and functions such as cloud workload protection platforms (CWPP) , cloud security posture managem

Cloud 104

Cloud Compliance Analytics Risk 104

Data Breach Today

JUNE 6, 2023

Report's Lead Author Shares Top Findings, Best Practices Pretexting incidents, a social engineering technique that manipulates victims into divulging information, have nearly doubled, representing 50% of all social engineering attacks, according to Verizon's 2023 Data Breach Investigations Report, which analyzed more than 16,312 security incidents.

Data breaches 249

Data breaches Security 249

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Schneier on Security

JUNE 5, 2023

Developers are starting to talk about the software-defined car. For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module there to run the cruise control radar, and so on. Now engineers and designers are rationalizing the way they go about building new models, taking advantage of much more powerful hardware to consolidate all those discrete functions into a small number of domain controllers.

Risk 103

Risk Security IT Cybersecurity 103

Dark Reading

JUNE 7, 2023

Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns.

114

114

eSecurity Planet

JUNE 7, 2023

AI has been the subject of a lot of hype in recent months, but one place where the hype is justified is cybersecurity. AI will completely remake the cybersecurity landscape — and create a lot of disruption in the process. To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs.

Security 104

Security Education Cybersecurity Manufacturing 104