Data Breach Today
MARCH 6, 2023
Expert Etay Maor Says Limitations, Biases Make the AI Bot Unreliable - for Now Technologists were quick to point out that popular AI-based chatbot, ChatGPT, could lower the bar for attackers in phishing campaigns and even write malware code, but Cato Networks' Etay Maor advises taking these predictions "with a grain of salt" and explores the pros and cons of ChatGPT.
The Last Watchdog
MARCH 8, 2023
APIs (Application Programming Interfaces) play a critical role in digital transformation by enabling communication and data exchange between different systems and applications. Related: It’s all about attack surface management APIs help digital transformation by enabling faster and more efficient business processes, improving customer experience, and providing new ways to interact with your business.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
MARCH 8, 2023
Rather than obtaining a warrant, the bureau purchased sensitive data—a controversial practice that privacy advocates say is deeply problematic.
Krebs on Security
MARCH 9, 2023
A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and location of its owne
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Dark Reading
MARCH 7, 2023
More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Protection Report
MARCH 6, 2023
The reform of Hong Kong’s Personal Data (Privacy) Ordinance (Cap.486) (the PDPO ) is back on the agenda. In our earlier post in 2020, we reported that the Constitutional and Mainland Affairs Bureau published a discussion paper (the Discussion Paper ) seeking the Legislative Council’s Panel on Constitutional Affairs’ (the Panel ) views on proposed changes to the PDPO.
Krebs on Security
MARCH 7, 2023
The domain name registrar Freenom , whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch registrar was sued by Meta , which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains.
Troy Hunt
MARCH 9, 2023
What if I told you. that you could run a website from behind Cloudflare and only have 385 daily requests miss their cache and go through to the origin service? No biggy, unless. that was out of a total of more than 166M requests in the same period: Yep, we just hit "five nines" of cache hit ratio on Pwned Passwords being 99.999%. Actually, it was 99.9998% but we're at the point now where that's just splitting hairs, let's talk about how we've managed to only have two
Data Breach Today
MARCH 4, 2023
Attackers Exploit Economic Downturn by Deploying Malware in Resumes, ID Attachments Threat actors are exploiting the ongoing economic downturn using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
eSecurity Planet
MARCH 9, 2023
For budget-constrained organizations with high technical capabilities, Open Source Vulnerability Scanning tools can provide low-cost options for organizations of all sizes. However, most non-technical organizations cannot afford to retain the experienced IT talent necessary to effectively use and maintain open source tools that don’t come with formal technical support.
Dark Reading
MARCH 9, 2023
IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite the extra work involved.
Hunton Privacy
MARCH 8, 2023
On March 8, 2023, the UK Secretary of State for Science, Innovation and Technology, Michelle Donelan, introduced the Data Protection and Digital Information (No. 2) Bill to UK Parliament. The first version of the reform bill was originally proposed by the UK government in July 2022, but was put on pause during September 2022. According to UK government in its press release , the Bill will “introduce a simple, clear and business-friendly framework that will not be difficult or costly to implemen
Data Breach Today
MARCH 9, 2023
Hospital Chain Faults Zero-Day Vulnerability in 3rd-Party File Transfer Software Community Health Systems will soon begin notifying up to 1 million individuals estimated to have been affected by data compromise when attackers exploited a zero-day vulnerability in vendor Fortra's GoAnywhere MFT, which is secure managed file transfer software.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
KnowBe4
MARCH 8, 2023
Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that m ore than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes.
Dark Reading
MARCH 7, 2023
An Acer statement confirms that a document server for repair techs was compromised, but says customer data doesn't appear to be part of the leak.
Hunton Privacy
MARCH 10, 2023
On March 1-3, 2023, the Utah legislature passed a series of bills, SB 152 and HB 311, regarding social media usage for minors. For social media companies with more than five million users worldwide, SB 152 would require parental permission for social media accounts for users under age 18, while HB 311 would hold social media companies liable for harm minors experience on the platforms.
Data Breach Today
MARCH 8, 2023
Campaign Mainly Targets Indian And Pakistani Android Users with Romance Honey Trap A cyberespionage campaign using Trojanized apps implanted with a backdoor to exfiltrate sensitive data is doing the rounds in India and Pakistan. Researchers at cybersecurity firm Eset identify the threat actor as Transparent Tribe, a group aligned with the Pakistani government.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
eSecurity Planet
MARCH 10, 2023
HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in order to evade detection algorithms. The malware, dubbed “BlackMamba,” is the latest example of exploits that can evade even the most sophisticated cybersecurity products.
Schneier on Security
MARCH 7, 2023
This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing dramatic advances in the capabilities of Large Language Models (LLMs). They are already being adopted in practice and integrated into many systems, including integrated development environments (IDEs) and search engines. The functionalities of current LLMs can be modulated via natural language prompts, while their exact internal functionality remains implicit and unass
Hunton Privacy
MARCH 7, 2023
On March 7, 2023, the Irish Data Protection Commission (“DPC”) published its Annual Report for 2022 (the “Report”). The Report contains details on several areas of the DPC’s work, including complaints from data subjects received by the DPC, personal data breach notifications received by the DPC and statutory inquiries conducted by the DPC. Highlights from the Report include: During 2022, the DPC received 2,700 complaints from data subjects under the General Data Protection Regulation (“GDPR”).
Data Breach Today
MARCH 8, 2023
An Estimated 600,000 Customers Affected by Breach Records of more than half a million customers of a lending service owned by India's largest private sector bank are apparently downloadable for free on a criminal data breach forum. HDFC Bank says it detected a data breach at one of its service providers that processes customer information.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
IT Governance
MARCH 7, 2023
Welcome to our March 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we’re dedicating our feature to a topic that has been circling the cyber security sector – and many others besides – for some time: AI (artificial intelligence).
KnowBe4
MARCH 7, 2023
ChatGPT, an artificial intelligence (AI) chatbot created by OpenAI, has risen in popularity since its release last year. Now, cybercriminals are using ChatGPT’s popularity to lure you into phishing scams. In one of these scams, cybercriminals try to trick you with a fake new ChatGPT feature.
Hunton Privacy
MARCH 6, 2023
On March 2, 2023, the FTC announced a proposed order against BetterHelp, Inc., an online mental health counseling service, for sharing consumer data, including sensitive mental health information, with third parties for targeted advertising and other purposes. The FTC’s proposed order is notable, in that it is the first such order that would return funds to consumers whose health data was affected.
Data Breach Today
MARCH 6, 2023
Group Threatens Full Data Dump If Its Extortion Demands Are Not Met Play ransomware hackers attempting to extort the San Francisco Bay Area city of Oakland dumped 10 gigabytes of stolen information over the weekend and threatened that more dumps may come. Researchers have spotted similarities between the Play, Hive and Nokoyawa ransomware groups.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
IT Governance
MARCH 9, 2023
This week, we discuss a data breach affecting WH Smith, the latest proposals to reform data protection law in the UK, TikTok’s response to being banned by the European Commission and European Parliament, and the proposed US RESTRICT Act, and a woman who has been sentenced for defrauding Luton Borough Council in a cyber attack. The post IT Governance Podcast 2023-5: WH Smith, the Data Protection and Digital Information Bill, TikTok appeared first on IT Governance UK Blog.
OpenText Information Management
MARCH 8, 2023
“I raise up my voice—not so that I can shout, but so that those without a voice can be heard. … We cannot all succeed when half of us are held back.” Malala Yousafzai Today on International Women’s Day (IWD), we raise up our voices to celebrate the good and speak out against the unjust. … The post International Women’s Day 2023: Embrace Equity appeared first on OpenText Blogs.
Dark Reading
MARCH 6, 2023
The third iteration of the Exploit Prediction Scoring System (EPSS) performs 82% better than previous versions, giving companies a better tool for evaluating vulnerabilities and prioritizing patching.
Expert insights. Personalized for you.
228 
Let's personalize your content