Dark Reading
FEBRUARY 15, 2023
Incident response triage and software vulnerability discovery are two areas where the large language model has demonstrated success, although false positives are common.
The Last Watchdog
FEBRUARY 13, 2023
When a company announces layoffs, one of the last things most employees or even company owners worry about is data loss. Related: The importance of preserving trust in 2023 Valuable or sensitive information on a computer is exposed to theft or to getting compromised. This can happen due to intentional theft, human error, malware, or even physical destruction of servers.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
KnowBe4
FEBRUARY 14, 2023
Attackers are abusing a legitimate service called “GeoTargetly” to launch localized phishing attacks, according to Jeremy Fuchs at Avanan. GeoTargetly is meant to be used by advertisers to display ads in countries’ local languages. Avanan observed a phishing campaign that’s using phishing emails to target multiple countries in South America.
Schneier on Security
FEBRUARY 16, 2023
Interesting : According to internal Slack messages that were leaked to Insider , an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data. This issue seems to have come to a head recently because Amazon staffers and other tech workers throughout the industry have begun using ChatGPT as a “ coding assistant ” of sorts to help them write or improve strings of code, the report
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
eSecurity Planet
FEBRUARY 14, 2023
In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The process for creating the report was time-consuming, manual and costly.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
FEBRUARY 17, 2023
Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains.
KnowBe4
FEBRUARY 17, 2023
The curse of knowledge is a cognitive bias that occurs when someone is trying to communicate information to another person, but falsely assumes that the other person has the same level of knowledge or understanding of the topic. This can lead to the communicator overestimating the other person's understanding of the subject, and thus not providing enough detail or explanation.
eSecurity Planet
FEBRUARY 15, 2023
Microsoft’s February 2023 Patch Tuesday fixes 75 vulnerabilities, nine of them rated critical, and three (all rated important) that are being exploited. “This is only the second Patch Tuesday of the year, and we have already tripled the number of weaponized threats that need to be fixed in this release,” Syxsense CEO and founder Ashley Leonard told eSecurity Planet. “We also have five patches that resolve vulnerabilities with a CVSS score of more than 9 (critical), which
Data Breach Today
FEBRUARY 14, 2023
The Tonto Team Used Spear-Phishing Emails to Target Group-IB Employees Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Tonto Team may be a unit of China's People's Liberation Army. Malwarebytes says the group has ramped up spying against Russian government agencies.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
WIRED Threat Level
FEBRUARY 17, 2023
Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers.
Hunton Privacy
FEBRUARY 15, 2023
On February 14, 2023, in a Draft Motion for a Resolution on the adequacy of the protection afforded by the proposed EU-U.S. Data Privacy Framework (the “Framework”), the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (the “Committee”) urged the European Commission not to adopt adequacy based on the Framework, on the basis that it “fails to create actual equivalence” with the EU in the level of data protection that it provides.
Jamf
FEBRUARY 17, 2023
Jamf Threat Labs investigated a WebKit vulnerability that was exploited in the wild. Attackers can exploit CVE-2022-42856 to control code execution within WebKit, giving them the ability to read/write files. This blog explores what the vulnerability looked like in the code and the patches Apple applied.
Data Breach Today
FEBRUARY 11, 2023
Group Says It Has Confidential Data, Tech Docs; A10 Says Operations Not Impacted The Play ransomware group listed networking hardware manufacturer A10 Networks in its leak site, after briefly gaining access to its IT infrastructure, according to data breach notifications firm BetterCyber. The group says it has confidential data, technical documentation and more.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
OpenText Information Management
FEBRUARY 16, 2023
No matter your industry or business function, whether you’re dealing with highly complex and regulated processes like clinical trials; simply need to automate manual data entry into everyday tools; or want a fast track to the cloud, seamlessly connecting content to process is essential to meet the demands of modern work. With Cloud Edition (CE) … The post Master modern work with intelligent, connected, secure and responsible experiences appeared first on OpenText Blogs.
Dark Reading
FEBRUARY 14, 2023
How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.
IT Governance
FEBRUARY 14, 2023
Confidentiality, integrity and availability. These are the three components of the CIA triad, an information security model designed to protect sensitive information from data breaches. The CIA triad is a widely accepted principle within the industry, and is used in ISO 27001 , the international standard for information security management. It’s also referenced in the GDPR (General Data Protection Regulation) , with Article 32 stating that organisations must “implement appropriate technical and
Data Breach Today
FEBRUARY 14, 2023
Group Targeted American Victims and Pocketed Over 5 Million Euros Police busted nine members of a cyber fraud gang that targeted mainly Americans. Spanish police arrested eight members, and U.S. authorities arrested one. In less than a year, the ring pocketed 5 million euros in scammed funds, say the Spanish National Police.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
eSecurity Planet
FEBRUARY 17, 2023
Managed detection and response (MDR) goes beyond other managed security services by essentially giving organizations their own expert security analyst team to help identify and respond to cyber threats. The emergence of MDR was in many ways inevitable. Security has become so time-consuming and complex that many organizations have realized, vital though the function is, that it lies well beyond their core competency and has become a distraction to their regular business model.
Dark Reading
FEBRUARY 17, 2023
The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack.
IT Governance
FEBRUARY 16, 2023
Pepsi Bottling Ventures confirmed this week that vast quantities of personal data were stolen in a cyber attack. The incident began late last year, after criminal hackers broke into the organisation’s systems and installed malware. It took almost three weeks for Pepsi Bottling Ventures, the largest bottler of Pepsi-Cola in the US, to spot the intrusion, during which time the attackers had widespread access to its internal systems.
Data Breach Today
FEBRUARY 16, 2023
Vulnerability Potentially Caused Deaths and Thousands of Thefts in the US Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok. The "Kia Challenge" went viral in mid-2022 after users discovered how to steal certain cars using a screwdriver and a male USB Type A connector.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Hanzo Learning Center
FEBRUARY 15, 2023
In the 2022 Collaboration Data Benchmarking Report , just over a third (38%) of organizations said that they could not live without collaboration tools, while another 35% said that some of their teams could not live without collaboration tools. When asked how important collaboration tools will be 12 months down the road, 16% of organizations said they wouldn’t be able to live without them, while 37% said they will become more dependent on them.
Dark Reading
FEBRUARY 17, 2023
A growing group of OWASP members and board leaders are calling for the AppSec group to make big changes to stay apace with modern development.
Collibra
FEBRUARY 13, 2023
If you’re a Collibra user, you may have noticed in our recent releases that some areas look a little different — modern and even more user-friendly. That’s thanks to Arbor — Collibra’s newest design system. Arbor is a React-based system that was built on a solid foundation of Material UI v5 components and has now evolved to encompass so much more.
Data Breach Today
FEBRUARY 17, 2023
The Campaign Installed Malware on Internal Systems and Obtained Source Code Internet domain registrar GoDaddy says it is the victim of a yearslong hacking campaign that installed malware on internal systems and obtained source code. The hackers' "apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution," the company says.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
eSecurity Planet
FEBRUARY 17, 2023
Threat hunting starts with a pretty paranoid premise: That your network may have already been breached and threat actors may be inside waiting for an opportunity to strike. Sadly, that turns out to be true in many cases. You can’t be paranoid enough when it comes to cybersecurity. And that’s why cyber threat hunting adds human and technical elements to cyber defenses to try to find signs that those cyber defenses may have already been breached.
Dark Reading
FEBRUARY 14, 2023
78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which attackers already are exploiting.
Security Affairs
FEBRUARY 16, 2023
During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022. Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!
Expert insights. Personalized for you.
111 
Let's personalize your content