Data Breach Today
APRIL 8, 2024
Tech Giant Asks Creators to Declare Content with 'Made with AI' Label Meta will slap a "made with AI" label on generative artificial intelligence contest posted onto its social media sites starting in May, a change the social media giant says will result in more content carrying a warning for users. The company will look for "industry standard AI image indicators.
AIIM
APRIL 11, 2024
It’s funny how corporate leaders get serious about information governance right after their company has been hit with a lawsuit or regulatory action. OK, it’s not funny at all. But that’s usually when many executives decide it's time to implement information governance and in particular, document retention. We’re here to advise you to not put off having a defensible retention p rogram in place long before any legal action occur s.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
APRIL 11, 2024
Cybersecurity occupies a growing priority status in merger and acquisition discussions. But what about the specific role of identity security? SailPoint's Lori Diesen showcases the value of transitioning to SaaS-based identity security to reduce risk during M&A activity.
Security Affairs
APRIL 6, 2024
Cisco warns customers of Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site scripting flaw. Cisco warns of a Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers Cross-Site scripting (XSS) flaw. The medium severity issue, tracked as CVE-2024-20362 (CVSS score 6.1), resides in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Krebs on Security
APRIL 10, 2024
On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to read “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com , which until very recently rendered as fedex.com in tweets.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
APRIL 8, 2024
Warning: Low-Tech, Deceptive Social Engineering Attacks Remain Difficult to Detect British police are investigating attempts to target Members of Parliament, their advisers and other Conservative and Labour insiders via spear-phishing messages as part of an apparent honeytrap sexting scam. Experts say low-tech attacks based on social engineering remain difficult to detect.
Security Affairs
APRIL 10, 2024
Fortinet addressed multiple issues in FortiOS and other products, including a critical remote code execution flaw in FortiClientLinux. Fortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of 9.4), in FortiClientLinux. The vulnerability is an Improper Control of Generation of Code (‘Code Injection’) issue that resides in FortiClientLinux.
Krebs on Security
APRIL 11, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.
WIRED Threat Level
APRIL 11, 2024
Privacy-focused company DuckDuckGo is launching a tool to remove data from people-search websites, a VPN, and an identity theft restoration service.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Data Breach Today
APRIL 12, 2024
Experts Warn AI Tools Can Now Compromise Voice Password Systems Used by Many Banks At many financial institutions, your voice is your password. Tiny variations in pitch, tone and timbre make human voices an ideal method for authenticating customers - as long as computers can't be trained to synthesize those pitch, tone and timbre characteristics in real time.
Security Affairs
APRIL 9, 2024
Researchers found multiple vulnerabilities in LG webOS running on smart TVs that could allow attackers to gain root access to the devices. Bitdefender researchers discovered multiple vulnerabilities in LG webOS running on smart TVs that could be exploited to bypass authorization and gain root access on the devices. The vulnerabilities discovered by the researchers impact WebOS versions 4 through 7 running on LG TVs. “WebOS runs a service on ports 3000/3001 (HTTP/HTTPS/WSS) which is used by
Krebs on Security
APRIL 9, 2024
If only Patch Tuesdays came around infrequently — like total solar eclipse rare — instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this month’s patch batch — a record 147 flaws in Windows and related software.
WIRED Threat Level
APRIL 8, 2024
AI tools are getting better at cloning people's voices, and scammers are using these new capabilities to commit fraud. Avoid getting swindled by following these expert tips.
Advertiser: ZoomInfo
Incorporating generative AI (gen AI) into your sales process can speed up your wins through improved efficiency, personalized customer interactions, and better informed decision- making. Gen AI is a game changer for busy salespeople and can reduce time-consuming tasks, such as customer research, note-taking, and writing emails, and provide insightful data analysis and recommendations.
Data Breach Today
APRIL 10, 2024
Survey: SMBs, Charities Mostly Targeted With Phishing, Online Impersonation in 2023 Cybercriminals launched 7.78 million attacks against U.K. businesses and nearly 1 million against charity organizations, according to the latest U.K. government survey report. But fewer than half of those firms reported the incidents to authorities, something researchers say is a concerning trend.
Security Affairs
APRIL 8, 2024
Greylock McKinnon Associates, a service provider for the Department of Justice, suffered a data breach that exposed data of 341650 people. Greylock McKinnon Associates (GMA) provides expert economic analysis and litigation support to a diverse group of domestic and international clients in the legal profession, the business community, and government agencies, including the Department of Justice (DoJ).
The Last Watchdog
APRIL 8, 2024
CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. Related: The ‘cyber’ case for D&O insurance Vanessa Pegueros knows this all too well. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. I recently attended an IoActive-sponsored event in Seattle at which Pegueros gave a presentation titled: “Merging Cybersecurity, the Board & Executive Team” Peguero
WIRED Threat Level
APRIL 12, 2024
US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans' information.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
APRIL 12, 2024
US Cyber Mission Force Led 22 Defensive Cyber Operations in 2023, Commander Says Air Force Gen. Timothy Haugh told the Senate Armed Services Committee the U.S. Cyber Command carried out nearly two dozen defensive cyber operations across the globe in 2023, expanding in size and scope since the "hunt forward" teams were first launched in 2014.
Security Affairs
APRIL 8, 2024
The U.S. Department of Health and Human Services (HHS) warns of attacks against IT help desks across the Healthcare and Public Health (HPH) sector. The U.S. Department of Health and Human Services (HHS) reported that threat actors are carrying out attacks against IT help desks across the Healthcare and Public Health (HPH) sector. The Health Sector Cybersecurity Coordination Center (HC3) recently observed threat actors using sophisticated social engineering tactics to target IT help desks in the
Schneier on Security
APRIL 11, 2024
Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery : The security of the global internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers.
WIRED Threat Level
APRIL 6, 2024
Ad trackers are out of control. Use a browser that reins them in.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
APRIL 8, 2024
RansomHub Claims It Has 4TBs of Data Stolen by BlackCat in Change Healthcare Attack A second cybercriminal gang - RansomHub - is trying to shake down Change Healthcare's parent company, UnitedHealth Group, and have it pay another ransom for data that an affiliate of ransomware-as-a-service group BlackCat claims to have stolen in February. Is this the latest ruse in a messy attack?
Security Affairs
APRIL 11, 2024
Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. The company fixed the following DoS vulnerabilities: CVE-2024-3385 – The company reported that a packet processing mechanism in Palo Alto Networks PAN-OS software allows a remote attacker to reboot hardware-based fire
Schneier on Security
APRIL 8, 2024
This is a newly discovered email vulnerability: The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the email appeared in your inbox, it changed. The innocent pretext disappeared and the real phishing email became visible.
WIRED Threat Level
APRIL 9, 2024
The US Congress will this week decide the fate of Section 702, a major surveillance program that will soon expire if lawmakers do not act. WIRED is tracking the major developments as they unfold.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Data Breach Today
APRIL 11, 2024
Also: A Romanian Botnet and Alcohol Counselor Monument Settles with US FTC Over Ads This week, Sisense supply chain attack, a likely Romanian botnet, Patch Tuesday, an Apple spyware warning and AT&T notifies customers of breach. Alcohol counselor Monument shared data with Meta, a breach of Home Depot employee data, a breach at Targus and a threat actor targeted Moroccan activists.
Security Affairs
APRIL 12, 2024
Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass ‘s CEO, targeting an employee of the company. The attack occurred this week, but the employed recognized the attack and the attempt failed.
Schneier on Security
APRIL 10, 2024
Last week I posted a short memorial of Ross Anderson. The Communications of the ACM asked me to expand it. Here’s the longer version.
Expert insights. Personalized for you.
304 
Let's personalize your content