Krebs on Security
NOVEMBER 19, 2024
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.
Data Breach Today
NOVEMBER 22, 2024
One Vulnerability Had Been Undiscovered for Two Decades, Researchers Said Google researchers used an AI-powered fuzzing tool to identify 26 vulnerabilities in open-source code repositories, some of which had been lurking undiscovered for several decades. Each was found with AI, using AI-generated and enhanced fuzz targets, Google said.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
NOVEMBER 21, 2024
The recent AI+IM Forum Europe in Manchester brought together industry leaders and practitioners to explore the evolving landscape of information management in the age of artificial intelligence. Here are my key takeaways from this thought-provoking event.
WIRED Threat Level
NOVEMBER 22, 2024
In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Krebs on Security
NOVEMBER 21, 2024
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
NOVEMBER 19, 2024
As organizations rush to embrace artificial intelligence (AI), many are overlooking a crucial element that could make or break their AI initiatives: effective information management. In this post, I'll explore why information lifecycle management is not just important, but essential for successful and ethical AI implementation.
Security Affairs
NOVEMBER 21, 2024
Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. “Today they are going to send me a report on the supposed hacking.
WIRED Threat Level
NOVEMBER 19, 2024
More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany—and the Pentagon is powerless to stop it.
Data Breach Today
NOVEMBER 21, 2024
FBI Ties Suspects to at Least 45 Attacks and Theft of Cryptocurrency Worth Millions The U.S. government on Wednesday unsealed criminal charges against five suspected members of the "loosely organized, financially motivated cybercriminal group" Scattered Spider. The suspects have been tied to 45 attacks, disrupting businesses and stealing cryptocurrency worth millions of dollars.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Collaboration 2.0
NOVEMBER 20, 2024
William Shatner and Leonard Nimoy reunite in a powerful short film using AI and deepfake technology to give fans the emotional farewell they deserve.
Security Affairs
NOVEMBER 21, 2024
Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities ( CVE-2024-0012 and CVE-2024-9474 ) in PAN-OS. CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain adm
WIRED Threat Level
NOVEMBER 21, 2024
Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked.
Data Breach Today
NOVEMBER 21, 2024
Members of Loosely Organized Group Recently Tied to Partnership With RansomHub Will the indictment of five alleged members of the loosely affiliated Scattered Spider cybercrime group disrupt its wider activities? The current count of known attacks tied to the group stands at over 130, but the accused have so far been tied by the FBI to only 45 of the attacks.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Collaboration 2.0
NOVEMBER 18, 2024
Using PDFs, text files, or audio files, Google's NotebookLM tool can generate a podcast episode that sounds just like two real people discussing your topic. We'll walk you through exactly how it's done.
Security Affairs
NOVEMBER 18, 2024
A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The organization launched an investigation into the incident with the help of a cybersecurity firm. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024.
Schneier on Security
NOVEMBER 21, 2024
This feels important : The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn’t need a warrant.
Data Breach Today
NOVEMBER 21, 2024
Buy of Application Security Startup Enhances Code-to-Cloud Vulnerability Management Wiz acquired application security posture management startup Dazz for $450 million to provide enterprises with a unified code-to-cloud solution. CEO Merav Bahat highlights how this partnership will streamline vulnerability management and strengthen remediation capabilities for global organizations.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Collaboration 2.0
NOVEMBER 20, 2024
Your boss has read about the power of generative AI and wants you to stop dithering about potential risks and start delivering results.
Security Affairs
NOVEMBER 18, 2024
GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protection has never been more critical. With regulators around the world intensifying scrutiny, companies are facing increasing pressure to comply with stringent data protection laws.
KnowBe4
NOVEMBER 22, 2024
Appealing to the most depraved of society, threat group FIN7 use the lure of generating nude images of favorite celebrities to get victims to download their NetSupport RAT.
Data Breach Today
NOVEMBER 20, 2024
Scrutiny Over Ethics of Profit-Sharing Prompts End to Cyberstarts CISO Compensation Allegations of conflicts of interest in Cyberstarts’ Sunrise program have sparked debate in the CISO community. While the program connected CISOs with startups for advisory purposes, its profit-sharing incentives drew criticism, leading some participants to resign and the firm to halt compensation.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Collaboration 2.0
NOVEMBER 22, 2024
Maintaining the correct tire pressure on your vehicle not only helps you save on gas, but also makes driving safer. Stay properly inflated with the Syncwire Tire Inflator.
Security Affairs
NOVEMBER 19, 2024
Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY , DEEPDATA, and DEEPPOST.
Schneier on Security
NOVEMBER 22, 2024
Interesting analysis : We introduce and explore a little-known threat to digital equality and freedomwebsites geoblocking users in response to political risks from sanctions. U.S. policy prioritizes internet freedom and access to information in repressive regimes. Clarifying distinctions between free and paid websites, allowing trunk cables to repressive states, enforcing transparency in geoblocking, and removing ambiguity about sanctions compliance are concrete steps the U.S. can take to ensur
Data Breach Today
NOVEMBER 20, 2024
Military Says Ship-to-Shore Cranes Made in China Include Dangerous Security Flaws The United States Coast Guard is continuing to warn of significant security risks embedded in ship-to-shore cranes developed by companies with ties to Beijing while issuing new sensitive requirements for ports operating Chinese-made cranes across the country.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Collaboration 2.0
NOVEMBER 19, 2024
OpenAI's GPT-4o model makes it harder to determine who'll find free ChatGPT adequate and when ChatGPT Plus is worth it. We break down your options to help you decide.
Security Affairs
NOVEMBER 20, 2024
Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilities, tracked as CVE-2024-44309 and CVE-2024-44308, in iOS, iPadOS, macOS, visionOS, and Safari web browser, which are actively exploited in the wild. The vulnerability CVE-2024-44309 is a cookie management issue in WebKit that could lead to a cross-site scripting (XSS) attack when processing malicious w
eSecurity Planet
NOVEMBER 21, 2024
Davin Jackson has joined the eSecurity Planet team as our cybersecurity expert and media personality, bringing with him nearly 20 years of experience in tech and cybersecurity. He has helped organizations of various sizes to improve their security against cyber threats. His licenses and certifications include GIAC Web Application Penetration Tester, GIAC Certified Penetration Tester (GPEN), Certified Information Systems Security Professional (CISSP), and Certified Ethical Hacker, among others.
Expert insights. Personalized for you.
237 
Let's personalize your content