Sat. Jan 07, 2023 - Fri. Jan 13, 2023

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

In golf there’s a popular saying: play the course, not your opponent. In an enterprise, it’s the same rule. All areas of an organization need to be free to “play their own game.” And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation.

Risk 214
Kubernetes-Related Security Projects to Watch in 2023

Dark Reading

Organizations must be vigilant about balancing performance gains with security, governance, and compliance as they expand their use of Kubernetes.

Security 120
4 Changing International Data Protection Laws to Watch

Data Breach Today

Organizations Need to Know How Privacy Laws Affect Compliance Demands

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report.

Security 350
LockBit Ransomware Group Reportedly Behind Royal Mail Attack

Data Breach Today

Attack Is Disrupting International Mail Export Services

The cyber incident at the Royal Mail that is impeding exports from the United Kingdom is reportedly a ransomware attack by the LockBit ransomware-as-a-service group. Britain's national postal service told customers Thursday not to post export items.

More Trending

Data Breaches and Cyber Attacks in 2022: 408 Million Breached Records

IT Governance

Welcome to our review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly lists of data breaches and cyber attacks. Here, you’ll find an overview of the cyber security landscape in 2022, including the total number of publicly disclosed security incidents, the number of compromised records and the sectors most susceptible to data breaches.

Microsoft Patch Tuesday, January 2023 Edition

Krebs on Security

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection.

Patched Chromium Vulnerability Allowed File Theft

Data Breach Today

Bug Exploited Symbolic Links to Find a File Path to Sensitive Data

A high-severity vulnerability patched by Google Chrome a few months ago allowed hackers to steal sensitive files such as crypto wallets. Hackers increasingly are targeting individuals and organizations that hold cryptocurrencies, writes Imperva security researcher Ron Masas, who discovered the flaw.

Security 311
Microsoft Patch Tuesday Fixes 11 Critical Vulnerabilities, One Zero-Day

eSecurity Planet

Microsoft’s first Patch Tuesday of 2023 addresses 98 vulnerabilities, more than twice as many as last month – including one zero-day flaw that’s being actively exploited, as well as 11 critical flaws. The zero-day, CVE-2023-21674, is a Windows Advanced Local Procedure Call (ALPC) elevation of privilege vulnerability with a CVSS score of 8.8.

Identifying People Using Cell Phone Location Data

Schneier on Security

The two people who shut down four Washington power stations in December were arrested. This is the interesting part: Investigators identified Greenwood and Crahan almost immediately after the attacks took place by using cell phone data that allegedly showed both men in the vicinity of all four substations, according to court documents. Nowadays, it seems like an obvious thing to do—although the search is probably unconstitutional.

Archiving 122
Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads

Dark Reading

Rhadamanthys spreads through Google Ads that redirect to bogus download sites for popular workforce software — as well as through more typical malicious emails.

ChatGPT Showcases Promise of AI in Developing Malware

Data Breach Today

Check Point Spotted Hacking Forum Posters Probing AI Tool's Malware Capabilities

Low-level hackers are probing the capacity of ChatGPT to generate scripts that could be used toward criminal ends, such as for stealing files or malicious encryption. One poster on a hacking forum described the process as writing pseudo-code. More sophisticated cases are likely a matter of time.

Researchers’ Quantum Threat Debunked, RSA Safe for Now

eSecurity Planet

In a paper published late last month, 24 Chinese researchers suggested that RSA-2048 encryption could be broken using a quantum computer with 372 physical quantum bits. Cryptographer Bruce Schneier drew attention to the paper [PDF] last week in a blog post, noting that IBM recently announced a 433-qubit quantum computer, far exceeding the researchers’ stated requirements. “This is something to take seriously,” Schneier wrote. “It might not be correct, but it’s not

Paper 120
Top 10 network security best practices

OpenText Information Management

Network security is constantly evolving. To stay ahead of bad actors, follow these 10 best practices to reduce the risk of data compromise. 1. Review the basics. As obvious as it sounds, it’s always good to start by auditing the basic security elements of your network: Are your facilities, servers and systems physically secure? Are …

Security 115
A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

Data Protection Report

With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022. Privacy developments in Singapore – enhanced financial penalties under Personal Data Protection Act 2012 (Singapore PDPA), Singapore Court of Appeal clarifies right to private action under PDPA and Singapore High Cou

French CNIL Fines TikTok 5 Million Euros for Cookie Policies

Data Breach Today

Agency Says the Company's Policies Violated National Data Protection Law

TikTok must pay a fine of 5 million euros to the French government after the country's data protection agency said the short-form video app violated national privacy law restricting the monitoring of web browser activity. TikTok is at the center of a number of privacy controversies worldwide.

Privacy 238
Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity

Dark Reading

A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more.

Security 111
How to prepare for intelligent capture in Life Sciences

OpenText Information Management

Recently I wrote a blog outlining why intelligent capture is the secret weapon Life Sciences companies need. I talked about how Life Sciences companies need to implement intelligent capture technology to transform documents into actionable business insights and achieve their digital transformation goals. Whether you’re in clinical trials, R&D labs, or invoicing, having the ability …

New guidance on direct marketing

Data Protection Report

On 5 December 2022, the Information Commissioner’s office (ICO) published its new guidance on direct marketing (the Direct Marketing Guidance). The Direct Marketing Guidance is accompanied by various resources, including checklists, FAQs, an online training module, specific guidance relating to SMEs, B2B marketing, data brokers, political campaigning and direct marketing in the public sector.

Marketing 105
Twitter: Latest Dump Has 'Already Publicly Available' Data

Data Breach Today

Reports 'No Evidence' Twitter Flaw Exploited to Amass Latest Leaked Data on Users

Twitter says a massive collection of purported user data being sold and then leaked via cybercrime markets was not amassed by exploiting a vulnerability in its systems but is instead "likely a collection of data already publicly available online through different sources."

Marketing 260
Malware Comes Standard With This Android TV Box on Amazon

Dark Reading

The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted.

CIPL & Cisco Publish Joint Report on Business Benefits and ROI of Accountable Privacy Programs

Hunton Privacy

On January 10, 2023, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP and Cisco’s Privacy Center of Excellence published a joint report on “Business Benefits of Investing in Data Privacy Management Programs” (the “Report”). The Report provides insights into how several leading global companies realize value from privacy management programs and demonstrates that organizations are experiencing a wide range of risk and compliance benefits as well as other tangible

Privacy 104
Experian Privacy Vulnerability

Schneier on Security

Brian Krebs is reporting on a vulnerability in Experian’s website: Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history.

Privacy 105
Aflac, Zurich Policyholders in Japan Affected by Data Leaks

Data Breach Today

Subcontractor Server Hacked in Both Incidents Compromising Data of Millions

Personal information for nearly 3.2 million Aflac cancer insurance and almost 760,000 Zurich Insurance auto insurance policy holders in Japan has been leaked on the dark web following hacks on a third-party contractor.

Insurance 243
'Copyright Infringement' Lure Used for Facebook Credential Harvesting

Dark Reading

Business users receive a message from Facebook warning their accounts will be permanently suspended for using photos illegally if they don't appeal within 24 hours, leading victims to a credential-harvesting page instead.

Catches of the Month: Phishing Scams for January 2023

IT Governance

Welcome to our January 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we delve into a scam that attempts to trick cyber security professionals and look at a new banking trojan that has experts worried. Criminal hackers target infosec professionals in Flipper Zero scam.

Phishing 103
12 Top Vulnerability Management Tools for 2023

eSecurity Planet

Vulnerability management tools go well beyond patch management and vulnerability scanning tools by discovering security flaws in network and cloud environments and prioritizing and applying fixes. Many IT departments struggle to stay on top of security vulnerabilities, and many don’t even know every IT asset they own, making comprehensive vulnerability management solutions an increasingly critical cybersecurity tool.

Cloud 104
Medical Imaging Firm Faces 2 Class Actions in 2022 Breach

Data Breach Today

Massachusetts Citizens Excluded From Feds' Case Against Shields Health Care Group

Shields Health Care Group, a Massachusetts-based medical imaging services provider, is facing two class action lawsuits filed this week - a consolidated federal case and a similar, separate case filed in state court - both in the wake of the same 2022 data breach affecting 2 million individuals.