AIIM
JANUARY 2, 2025
When Systems Don't Talk to Each Other In my organization, we have dozens of corporate systems, and all of them do really important things as part of the work of the organization. But if somebody wants to ask a question like, "How are we providing services into a particular community?" and "What are the types of services in a particular community we're offering over time?
Data Breach Today
JANUARY 3, 2025
Developers Listed as Public Contact Points Targeted in Phishing Campaign A supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
JANUARY 2, 2025
Lukasz Olejnik writes about device fingerprinting, and why Google’s policy change to allow it in 2025 is a major privacy setback.
Security Affairs
JANUARY 2, 2025
The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjackingis a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major websites.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
AIIM
DECEMBER 31, 2024
As we reflect on the transformative developments in AI and automation throughout 2024, several key trends have emerged that are shaping the future of information management. During a recent webinar , AIIM Florida Chapter Chairman Craig Laue and I discussed the top industry news and research of the year and what they mean for the future of the industry.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
JANUARY 3, 2025
A network of Facebook pages has been advertising fuel filters that are actually meant to be used as silencers, which are heavily regulated by US law. Even US military officials are concerned.
Security Affairs
DECEMBER 29, 2024
ZAGG Inc. notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. ZAGG Inc. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application from its e-commerce providerBigCommerce. The company has not disclosed the number of impacted customers were impacted by this security breach.
Data Breach Today
JANUARY 3, 2025
iPhone Maker Introduced Feature Without Explicit Consent Apple's artificial intelligence-led photo analyzer is raising privacy concerns months after the company appears to have enabled the feature by default. It uses a combination of on-device machine learning and encrypted cloud-based processing.
Collaboration 2.0
JANUARY 3, 2025
Cache and cookies can clog your browser and slow down your iPhone, but there's a simple way to bring your device back up to speed and give it a performance boost for the new year. Here's how.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Adam Shostack
JANUARY 2, 2025
My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. It starts: Recently, I was at a private event on security by design. I explained that Microsoft could fix ransomware tomorrow, and was surprised that the otherwise well-informed people I was speaking to hadn't heard about this approach.
Security Affairs
JANUARY 3, 2025
Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. POP3 (Post Office Protocol 3) and IMAP (Internet Message Access Protocol) are two protocols used to retrieve and manage emails from mail servers.
Data Breach Today
DECEMBER 31, 2024
9 Telcos Have Been Breached by Beijing-Backed 'Salt Typhoon,' White House Says U.S. telecommunications giants AT&T and Verizon Communications believe they have finally ejected Chinese cyber espionage hackers from their networks. The White House said the "Salt Typhoon" nation-state hackers infiltrated at least nine U.S. telcos' infrastructure, and have been hard to eject.
Collaboration 2.0
JANUARY 2, 2025
If you have an aging computer and want to give it new life, there are plenty of lightweight Linux distributions that will serve you for years to come.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
WIRED Threat Level
JANUARY 1, 2025
Your messages going back years are likely still lurking online, potentially exposing sensitive information you forgot existed. But there's no time like the present to do some digital decluttering.
Security Affairs
JANUARY 3, 2025
FireScam malware steals credentials and financial data by monitoring Android app notifications and sending data to a Firebase database. Cybersecurity firm Cyfirma warns of the FireScam Android info-stealing malware that supports spyware capabilities. The malicious code steals credentials and financial data by monitoring app notifications and sending the information to a Firebase database.
Data Breach Today
JANUARY 3, 2025
DDoS Attacks Primarily Target Logistics, Government and Financial Entities A spate of distributed denial-of-service attacks during the end-of-year holiday season disrupted operations at multiple Japanese organizations, including the country's largest airline, wireless carrier and prominent banks. The effect of the attacks has been temporary.
Collaboration 2.0
DECEMBER 31, 2024
It's a tiny PC with lots of power and tons of potential - and it's not a Raspberry Pi.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
WIRED Threat Level
DECEMBER 30, 2024
Treasury says hackers accessed certain unclassified documents in a major breach, but experts believe the attacks impacts could prove to be more significant as new details emerge.
Security Affairs
DECEMBER 30, 2024
China-linked threat actors breached the U.S. Treasury Department by hacking a remote support platform used by the agency. China-linked threat actors breached the U.S. Treasury Department via a compromised remote support platform. The Treasury Department discovered the security breach on December 8th from its vendor BeyondTrust , according to a letter to lawmakers.
Data Breach Today
DECEMBER 30, 2024
Hackers Targeted a PAN-OS Flaw Days After Its Disclosure A suspected Chinese hacking campaign that began in November is exploiting a vulnerability in Palo Alto firewalls to install a custom malware backdoor for espionage. UNC5325 activity aligns with the Chinese hacking strategy of targeting edge devices.
Collaboration 2.0
DECEMBER 30, 2024
By now, you've probably heard that Google plans to migrate Chromebooks to Android, but I believe there's a much better option that's already proven itself.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
WIRED Threat Level
JANUARY 3, 2025
Many people reported they hit a screen preventing them from seeing the alert unless they signed in.
Adam Shostack
JANUARY 2, 2025
A new paper on 'Pandemic Scale Cyber Events Josiah Dykstra and I have a new pre-print at Arxiv, Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19. The abstract is: The devastating health, societal, and economic impacts of the COVID-19 pandemic illuminate potential dangers of unpreparedness for catastrophic pandemic-scale cyber events.
Data Breach Today
DECEMBER 30, 2024
Users of Cyberhaven's Data-Loss Prevention Chrome Extension Among Those Targeted Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a data-loss tool built by cybersecurity startup Cyberhaven, which said attackers appeared to be targeting Facebook Ads accounts.
Collaboration 2.0
JANUARY 2, 2025
If you're a fan of OnlyOffice Desktop Editors and AI, you'll be thrilled to know those two things have come together to make your life a bit easier. Here's how I did it in four easy steps.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
JANUARY 3, 2025
Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including inpatient and outpatient care, emergency services, and specialty care in areas such as cardiology, onco
Adam Shostack
JANUARY 2, 2025
Threat model Thursday, let's dive deep into a detailed approach to using ATT&CK For Threat Model Thursday, lets look at Threat Modeling with ATT&CK from the Center for Threat Informed Defense at MITRE. As always with Threat Model Thursday, my goal is to respectfully engage with interesting work and ask what we can learn from it. This one is particularly interesting because Ive been teaching threat modeling with kill chains, including ATT&CK, for many years.
Data Breach Today
JANUARY 3, 2025
Access Management Leaders Remain Unchanged as Customer Identity Cases Proliferate Advances in customer identity around better user experience, strong authentication, and centralized identity processes have driven rapid growth in the access management market. The space by grew 17.6% to $5.85 billion in 2023 as organizations increasing look to replace homegrown CIAM solutions.
Expert insights. Personalized for you.
118 
Let's personalize your content