Krebs on Security
FEBRUARY 26, 2023
Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group.
The Last Watchdog
FEBRUARY 26, 2023
Of the numerous security frameworks available to help companies protect against cyber-threats, many consider ISO 27001 to be the gold standard. Related: The demand for ‘digital trust’ Organizations rely on ISO 27001 to guide risk management and customer data protection efforts against growing cyber threats that are inflicting record damage , with the average cyber incident now costing $266,000 and as much as $52 million for the top 5% of incidents.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
FEBRUARY 28, 2023
The biggest dilemmas in running a modern cybersecurity team are not all about software, said CISOs from HSBC, Citi, and Sepio.
KnowBe4
FEBRUARY 28, 2023
An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
FEBRUARY 28, 2023
The Technologies You Need to See Into Those Dark Corners A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
MARCH 1, 2023
The IT world relies on digital authentication credentials, such as API keys, certificates, and tokens, to securely connect applications, services, and infrastructures. Related: The coming of agile cryptography These secrets work similarly to passwords, allowing systems to interact with one another. However, unlike passwords intended for a single user, secrets must be distributed.
KnowBe4
MARCH 2, 2023
This morning, Bloomberg News pointed at a brand new article at BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when communications systems are designed without built-in security from the get-go. It is an excellent wake-up call for your C-level execs and powerful budget ammo.
Data Breach Today
MARCH 3, 2023
US Agency Says Royal Ransomware Group Is Made Up of Experienced Threat Actors The Royal ransomware group targeting critical infrastructure in the United States and other countries is made up of experienced ransomware attackers and has strong similarities to Conti, the infamous Russia-linked hacking group, according to a new alert issued by U.S. authorities.
Dark Reading
FEBRUARY 27, 2023
The publisher of the Wall Street Journal, New York Post, and several other publications had last year disclosed a breach it said was the work of a state-backed actor likely working for China.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
The Last Watchdog
FEBRUARY 27, 2023
A new generation of security frameworks are gaining traction that are much better aligned to today’s cloud-centric, work-from-anywhere world. Related: The importance of ‘attack surface management’ I’m referring specifically to Secure Access Service Edge (SASE) and Zero Trust (ZT). SASE replaces perimeter-based defenses with more flexible, cloud-hosted security that can extend multiple layers of protection anywhere.
IT Governance
MARCH 1, 2023
Welcome to our February 2023 list of data breaches and cyber attacks. Our research identified 106 publicly disclosed incidents accounting for 29,582,356 breached records this month. It follows a mammoth start to the year, with more than 277 million breached records in January , and brings the running total for the year to over 300 million pieces of compromised personal data.
Data Breach Today
MARCH 3, 2023
Noname Security Is Reportedly Up for Sale But Will Have to Shed Its Unicorn Status In the 21-month stretch from October 2020 to June 2022, a whopping 48 cybersecurity startups received 10-figure valuations as investors evaluated prospects on potential rather than performance. Now that the financial boom has gone bust, what happens to these unicorns from a different economic era?
OpenText Information Management
MARCH 1, 2023
Cloud computing has gone mainstream in today’s organizations, and many are adopting a cloud-first IT strategy. While enterprises still direct significant amounts of money towards on-premises—or off-cloud—software, that spend is decreasing while the pace of cloud adoption remains high. To elaborate on the speed, scale and diversity of the cloud market, according to Gartner, worldwide … The post Cloud is changing the way supply chains operate appeared first on OpenText Blogs.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Hunton Privacy
MARCH 2, 2023
On February 28, 2023, the Colorado Office of the Attorney General announced that revised draft Colorado Privacy Act (“CPA”) rules were adopted for review by the Colorado Attorney General prior to finalization and publication in the Colorado Register. The revised rules are not final, and, as drafted, will take effect on July 1, 2023. The revised draft rules follow prior drafts dated October 10, 2022 , December 21, 2022 , and January 27, 2023.
Jamf
FEBRUARY 27, 2023
Based on OpenAI’s ChatGPT, DAN is the jailbroken version of the advanced chatbot technology that operates free from policy constraints…but is this a good thing for the advancement of AI technology or does it further complicate matters relating to mainstream adaptability in our everyday world?
Data Breach Today
MARCH 1, 2023
2019 Ransomware Breach Affected 70,000 Patients, Destroyed Records of 2,500 of Them Irish authorities have fined a healthcare organization 460,000 euros - about $490,000 - for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.
IT Governance
MARCH 2, 2023
The NCSC (National Cyber Security Centre) has announced a major update to the technical controls of Cyber Essentials. The changes, which are based on feedback from assessors and applicants, will alter the way organisations are expected to protect and manage various forms of hardware and software. It’s part of a regular review of the scheme, conducted in consultation with technical experts from the NCSC, and follows a major overhaul last year.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
KnowBe4
MARCH 1, 2023
Since phishing attacks need legitimacy to increase their deliverability, this latest twist shows how phishing scammers and hackers are working together to ensure phishing attacks continue.
Dark Reading
FEBRUARY 27, 2023
Infighting, conscription, emigration. The war in Ukraine has pitted cybercriminals against one another like no other event before it.
Data Breach Today
MARCH 2, 2023
Focus Includes Critical Infrastructure Security, Secure Software Development The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations, and liability for poor software development practices.
Schneier on Security
MARCH 3, 2023
Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing regulations. His conclusion: Regulators, especially regulators in the United States, often fear accusations of stifling innovation. As such, the cryptocurrency space has grown over the past decade with very little regulatory oversight.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
KnowBe4
FEBRUARY 27, 2023
Researchers at Checkmarx warn that attackers uploaded more than 15,000 packages to NPM, the open-source repository for JavaScript packages, to distribute phishing links. The packages themselves weren’t malicious, but they contained README text files with links to phishing sites.
Dark Reading
FEBRUARY 28, 2023
The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says.
Data Breach Today
FEBRUARY 27, 2023
CISA Director Says Programming Language Swap Will End Memory Safety Vulnerabilities A top U.S. government official urged industry to become more conscientious over cybersecurity by preventing vulnerabilities from accumulating before products ship. CISA head Jen Easterly called for a more assertive role for government and an industrywide shift to memory-safe programming languages.
eSecurity Planet
MARCH 1, 2023
Wireless security is the protection of wireless networks, devices and data from unwanted access and breaches. It involves a variety of strategies and practices designed to preserve the confidentiality, integrity and availability of wireless networks and their resources. Wireless security is critical because these networks are subject to eavesdropping, interception, data theft, denial of services ( DoS ) assaults, and malware infestations.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Security Affairs
MARCH 3, 2023
Two vulnerabilities affecting the Trusted Platform Module ( TPM ) 2.0 library could potentially lead to information disclosure or privilege escalation. The Trusted Computing Group (TCG) is warning of two vulnerabilities affecting the implementations of the Trusted Platform Module ( TPM ) 2.0 that could potentially lead to information disclosure or privilege escalation.
Dark Reading
MARCH 1, 2023
The flaw, which drew attention in October when it was found in ConnectWise products, could pose a significant risk to the supply chain if not patched immediately.
Data Breach Today
FEBRUARY 28, 2023
Attackers Exploited Vulnerability in Third-Party Software for Access The situation at LastPass keeps getting worse: the company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
Expert insights. Personalized for you.
293 
Let's personalize your content