Data Breach Today
MARCH 6, 2023
Expert Etay Maor Says Limitations, Biases Make the AI Bot Unreliable - for Now Technologists were quick to point out that popular AI-based chatbot, ChatGPT, could lower the bar for attackers in phishing campaigns and even write malware code, but Cato Networks' Etay Maor advises taking these predictions "with a grain of salt" and explores the pros and cons of ChatGPT.
The Last Watchdog
MARCH 8, 2023
APIs (Application Programming Interfaces) play a critical role in digital transformation by enabling communication and data exchange between different systems and applications. Related: It’s all about attack surface management APIs help digital transformation by enabling faster and more efficient business processes, improving customer experience, and providing new ways to interact with your business.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
MARCH 8, 2023
Rather than obtaining a warrant, the bureau purchased sensitive data—a controversial practice that privacy advocates say is deeply problematic.
Krebs on Security
MARCH 9, 2023
A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and location of its owne
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Dark Reading
MARCH 7, 2023
More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
MARCH 10, 2023
A new version of the Xenomorph Android malware includes a new automated transfer system framework and targets 400 banks. The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store reaching over 50,000 installations.
Krebs on Security
MARCH 7, 2023
The domain name registrar Freenom , whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch registrar was sued by Meta , which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains.
WIRED Threat Level
MARCH 7, 2023
Once praised for its generous social safety net, the country now collects troves of data on welfare claimants.
Data Breach Today
MARCH 8, 2023
Campaign Mainly Targets Indian And Pakistani Android Users with Romance Honey Trap A cyberespionage campaign using Trojanized apps implanted with a backdoor to exfiltrate sensitive data is doing the rounds in India and Pakistan. Researchers at cybersecurity firm Eset identify the threat actor as Transparent Tribe, a group aligned with the Pakistani government.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Security Affairs
MARCH 9, 2023
Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on. Original post at: [link] Hackers have been enjoying their fair share of the spotlight by breaching car manufacturers’ defenses. The latest Cybernews discovery showcases that popular car brands sometimes leave their doors open, as if inviting threat actors to feast on their client data.
Troy Hunt
MARCH 9, 2023
What if I told you. that you could run a website from behind Cloudflare and only have 385 daily requests miss their cache and go through to the origin service? No biggy, unless. that was out of a total of more than 166M requests in the same period: Yep, we just hit "five nines" of cache hit ratio on Pwned Passwords being 99.999%. Actually, it was 99.9998% but we're at the point now where that's just splitting hairs, let's talk about how we've managed to only have two
WIRED Threat Level
MARCH 8, 2023
After successful autonomous flight tests in December, the military is ramping up its plans to bring artificial intelligence to the skies.
Data Breach Today
MARCH 4, 2023
Attackers Exploit Economic Downturn by Deploying Malware in Resumes, ID Attachments Threat actors are exploiting the ongoing economic downturn using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Affairs
MARCH 10, 2023
AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. CPNI is information related to the telecommunications services purchased by the customers, including the number of lines for each account or the wireless plan to which customers are subscribed. “We recently determined that an un
Data Protection Report
MARCH 6, 2023
The reform of Hong Kong’s Personal Data (Privacy) Ordinance (Cap.486) (the PDPO ) is back on the agenda. In our earlier post in 2020, we reported that the Constitutional and Mainland Affairs Bureau published a discussion paper (the Discussion Paper ) seeking the Legislative Council’s Panel on Constitutional Affairs’ (the Panel ) views on proposed changes to the PDPO.
WIRED Threat Level
MARCH 4, 2023
Plus: The US Marshals disclose a “major” cybersecurity incident, T-Mobile has gotten pwned so much, and more.
Data Breach Today
MARCH 9, 2023
Hospital Chain Faults Zero-Day Vulnerability in 3rd-Party File Transfer Software Community Health Systems will soon begin notifying up to 1 million individuals estimated to have been affected by data compromise when attackers exploited a zero-day vulnerability in vendor Fortra's GoAnywhere MFT, which is secure managed file transfer software.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
MARCH 10, 2023
An international law enforcement operation seized the infrastructure associated with the NetWire RAT and resulted in the arrest of its administrator. A coordinated international law enforcement operation resulted in the seizure of the infrastructure associated with the NetWire RAT, the police also arrested its administrator. Busted! A coordinated #lawenforcement action has taken down the #Netwire Remote Access Trojan infrastructure.
KnowBe4
MARCH 8, 2023
Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that m ore than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes.
WIRED Threat Level
MARCH 6, 2023
A system used by the Dutch city of Rotterdam ranked people based on their risk of fraud. The results were troubling.
Data Breach Today
MARCH 8, 2023
An Estimated 600,000 Customers Affected by Breach Records of more than half a million customers of a lending service owned by India's largest private sector bank are apparently downloadable for free on a criminal data breach forum. HDFC Bank says it detected a data breach at one of its service providers that processes customer information.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Security Affairs
MARCH 9, 2023
Akamai has mitigated the largest DDoS (distributed denial of service) attack ever, which peaked at 900.1 gigabits per second. Akamai reported that on February 23, 2023, at 10:22 UTC, it mitigated the largest DDoS attack ever. The attack traffic peaked at 900.1 gigabits per second and 158.2 million packets per second. The record-breaking DDoS was launched against a Prolexic customer in Asia-Pacific (APAC). “On February 23, 2023, at 10:22 UTC, Akamai mitigated the largest DDoS attack ever la
Dark Reading
MARCH 7, 2023
An Acer statement confirms that a document server for repair techs was compromised, but says customer data doesn't appear to be part of the leak.
WIRED Threat Level
MARCH 5, 2023
Peter Eckersley did groundbreaking work to encrypt the web. After his sudden death, a new organization he founded is carrying out his vision to steer artificial intelligence toward “human flourishing.
Data Breach Today
MARCH 7, 2023
7 Tips to Reduce Risk to Patients, Beneficiaries and the Organization As healthcare becomes increasingly interconnected, web tracking is easy to overlook but could introduce additional risks to patient privacy. Learn about the different kinds of patient data and the seven recommendations for reducing risk to patients, beneficiaries and the organization.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
MARCH 9, 2023
The recently discovered Windows ransomware IceFire now also targets Linux enterprise networks in multiple sectors. SentinelLabs researchers discovered new Linux versions of the recently discovered IceFire ransomware that was employed in attacks against several media and entertainment organizations worldwide. The ransomware initially targeted only Windows-based systems, with a focus on technology companies.
Schneier on Security
MARCH 7, 2023
This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing dramatic advances in the capabilities of Large Language Models (LLMs). They are already being adopted in practice and integrated into many systems, including integrated development environments (IDEs) and search engines. The functionalities of current LLMs can be modulated via natural language prompts, while their exact internal functionality remains implicit and unass
WIRED Threat Level
MARCH 4, 2023
Employee monitoring increased with Covid-19’s remote work—and stuck around for back-to-the-office.
Expert insights. Personalized for you.
268 
Let's personalize your content