The Last Watchdog
MARCH 13, 2023
This year has kicked off with a string of high-profile layoffs — particularly in high tech — prompting organizations across all sectors to both consider costs and plan for yet another uncertain 12 or more months. Related: Attack surface management takes center stage. So how will this affect chief information security officers (CISOs) and security programs?
Dark Reading
MARCH 15, 2023
The sooner CISOs become proactive in understanding the flip side of the organizations they protect, the better they'll be at their jobs.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
MARCH 12, 2023
Experts warn that employees are providing sensitive corporate data to the popular artificial intelligence chatbot model ChatGPT. Researchers from Cyberhaven Labs analyzed the use of ChatGPT by 1.6 million workers at companies across industries. They reported that 5.6% of them have used it in the workplace and 4.9% have provided company data to the popular chatbot model since it launched.
WIRED Threat Level
MARCH 15, 2023
Russia, North Korea, Iran, and China have been caught using fake profiles to gather information. But the platform’s tools to weed them out only go so far.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
KnowBe4
MARCH 16, 2023
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. The report found that in 2022 there was a 240% increase in phishing pages that attempted to redirect potential security researchers and bots away from the sites.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 16, 2023
Microsoft Patches Another SmartScreen Signature-Based Vulnerability A financial motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group. Microsoft issued a patch in its March dump of fixes.
Security Affairs
MARCH 17, 2023
Hitachi Energy disclosed a data breach, the Clop ransomware gang stole the company data by exploiting the recent GoAnywhere zero-day flaw. Hitachi Energy disclosed a data breach, the company was hacked by the Clop ransomware gang that stole its data by exploiting the recently disclosed zero-day vulnerability in the GoAnywhere MFT (Managed File Transfer).
WIRED Threat Level
MARCH 15, 2023
Evgenii Serebriakov now runs the most aggressive hacking team of Russia’s GRU military spy agency. To Western intelligence, he’s a familiar face.
Krebs on Security
MARCH 14, 2023
Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Data Breach Today
MARCH 16, 2023
Cybereason Enters Leaders Quadrant While Trellix Falls From Leader to Niche Player Microsoft and CrowdStrike once again dominate Gartner's Magic Quadrant for Endpoint Protection. Cybereason has risen to the leaders quadrant and Trellix has fallen to a niche player. The endpoint protection market has rapidly matured in recent years - 50% of organizations have already adopted EDR.
Security Affairs
MARCH 17, 2023
A new Golang-based DDoS botnet, tracked as HinataBot, targets routers and servers by exploiting known vulnerabilities. Akamai researchers spotted a new DDoS Golang-based botnet, dubbed HinataBot, which has been observed exploiting known flaws to compromise routers and servers. The experts reported that the HinataBot bot was seen being distributed since the beginning of 2023 and its operators are actively updating it.
WIRED Threat Level
MARCH 13, 2023
With victims refusing to pay, cybercriminal gangs are now releasing stolen photos of cancer patients and sensitive student records.
Krebs on Security
MARCH 15, 2023
Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Data Breach Today
MARCH 16, 2023
Also: Please Help the Sector Pay for Cybersecurity, Execs Tell Senate Panel Healthcare executives called on Congress to ensure minimum cybersecurity standards, saying a wholly voluntary approach is failing clinics and hospitals. Gaps are widest at small rural hospitals, testified a former hospital CISO before the Senate Homeland Security and Governmental Affairs Committee.
Security Affairs
MARCH 17, 2023
An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations. A few days ago, Fortinet researchers warned of an advanced threat actor that is targeting governmental or government-related entities.
WIRED Threat Level
MARCH 15, 2023
From US state laws to the international stage, definitions of “cybercrime” remain vague, broad, and increasingly entrenched in our legal systems.
KnowBe4
MARCH 16, 2023
I talk and present often about DMARC (and SPF and DKIM), including here. A lot of people who think they understand how DMARC works, do not really understand it as well as they think they do. This post is aimed to help clarify some common misunderstandings.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
MARCH 16, 2023
On Radar: Zoll, CHU Saint-Pierre, Latitude Financial, LA Housing Authority In this week's data breach roundup: medical device manufacturer Zoll, CHU University hospitals, Australian company Latitude Financial, Hawaiian death registry, Los Angeles Housing Authority, Indian Railway ticketing app, updates on U.S. Marshals Service and Congress, and a new ransomware decryptor!
Security Affairs
MARCH 17, 2023
Unquestionably, ‘insider threats’ is one of the most neglected aspects of cybersecurity and some companies fail to recognize associated dangers. Cyberattacks are growing more complex as technology advances. Many businesses concentrate their cybersecurity efforts solely on external attacks, which leaves more openings for internal risks. Some companies fail to recognise the danger of losing confidential information owing to employee negligence or malice.
WIRED Threat Level
MARCH 16, 2023
WIRED spoke with the coauthor of the Restrict Act, a bipartisan bill to crack down on tech from six “hostile” countries.
Data Protection Report
MARCH 13, 2023
EDPB Guidelines on the interplay between Article 3 and the provisions in Chapter V of the General Data Protection Regulation on international data transfers On 14 February 2023, the European Data Protection Board ( EDPB ) published its Guidelines on the interplay between Article 3 and the provisions in Chapter V of the General Data Protection Regulation ( GDPR ) on international data transfers (the Guidelines ).
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Data Breach Today
MARCH 17, 2023
European Parliament and Council of the EU Set to Engage in Trilogue The European Parliament approved Thursday legislation creating a continentwide framework for digital identity that European leaders hope will diminish the role of big tech companies such as Google and Apple. Members of the European Parliament have pushed for additional privacy measures.
Security Affairs
MARCH 16, 2023
Google’s Project Zero hackers found multiple flaws in Samsung ’s Exynos chipsets that expose devices to remote hack with no user interaction. White hat hackers at Google’s Project Zero unit discovered multiple vulnerabilities Samsung ’s Exynos chipsets that can be exploited by remote attackers to compromise phones without user interaction. The researchers discovered a total of eighteen vulnerabilities, the four most severe of these flaws (CVE-2023-24033 and three other vulnerabilities that
WIRED Threat Level
MARCH 11, 2023
Plus: A data breach exposes Washington, Ring camera footage has a new problem, and the George Santos scandal slips into the world of cybercrime.
IT Governance
MARCH 16, 2023
The UK government has announced plans to ban ministers and civil servants from using TikTok on work devices. It follows concern regarding the data privacy practices of the Chinese-owned app, with the European Parliament making a similar ruling last week. The problems stem from TikTok’s ties to the Chinese government and the ways that people’s personal data could be used for nefarious purposes.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
MARCH 15, 2023
'Inaccessible Computers' Incident Initially Reported as Affecting 501 People A vendor of clinical and third-party administrative services to managed care organizations and healthcare providers serving elderly and disabled patients said a cybersecurity incident last summer has affected more than 4.2 million individuals.
Security Affairs
MARCH 16, 2023
Polish intelligence dismantled a cell of Russian spies that gathered info on military equipment deliveries to Ukraine via the EU member. Polish counter-intelligence has dismantled a cell of Russian spies that gathered information on the provisioning of military equipment to Ukraine via the EU member. “The ABW counter-intelligence agency has arrested nine people suspected of working for the Russian secret service,” Poland’s Interior Minister Mariusz Kaminski told reporters.
WIRED Threat Level
MARCH 15, 2023
The threat of scammers using voice deepfakes in their cons is real, but researchers say old-school voice-impersonation attacks are still the more pressing concern.
Expert insights. Personalized for you.
203 
Let's personalize your content