Sat.Feb 11, 2023 - Fri.Feb 17, 2023

article thumbnail

ChatGPT Is Ingesting Corporate Secrets

Schneier on Security

Interesting : According to internal Slack messages that were leaked to Insider , an Amazon lawyer told workers that they had “already seen instances” of text generated by ChatGPT that “closely” resembled internal company data. This issue seems to have come to a head recently because Amazon staffers and other tech workers throughout the industry have begun using ChatGPT as a “ coding assistant ” of sorts to help them write or improve strings of code, the report

363
363
article thumbnail

Quantum Computers: What Is Q-Day? And What’s the Solution?

Lohrman on Security

Quantum computers hold the promise of amazing advances in numerous fields. So why are cybersecurity experts so worried about Q-Day? What must be done now to prepare?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Patch Tuesday, February 2023 Edition

Krebs on Security

Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.

article thumbnail

Weekly Update 335

Troy Hunt

No cyber. It's literally a "cyber-free" week, as least far as the term relates to security things. Instead, I'm unboxing an armful of Insta360 goodies and lamenting the state of IoT whilst putting even more IoT things into our massive garage renovation. I'm enjoying it though. Honestly. I think. References The Ubiquiti AI Bullet camera with license plate recognition is.

IoT 262
article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

Defending against AI Lobbyists

Schneier on Security

When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology. That happened last month. And because the letter was responding to an essay we wrote, we’re starting to get worried. And while the technology can be regulated, the real solution lies in recognizing that the problem is human actors—and those we can do something about.

article thumbnail

GUEST ESSAY: Data loss prevention beccomes paramount — expecially in the wake of layoffs

The Last Watchdog

When a company announces layoffs, one of the last things most employees or even company owners worry about is data loss. Related: The importance of preserving trust in 2023 Valuable or sensitive information on a computer is exposed to theft or to getting compromised. This can happen due to intentional theft, human error, malware, or even physical destruction of servers.

LifeWorks

More Trending

article thumbnail

What Is Polymorphic Encryption?

Adam Levin

Polymorphic encryption refers to the encryption of data in multiple forms that are protected by multiple keys. The term is derived from the computer science concept of polymorphism, in which a single interface or symbol represents different types of data. What is encryption? Standard encryption is a method of protecting data so that only people authorized to access it can view it unencrypted.

article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking at Mobile World Congress 2023 in Barcelona, Spain, on March 1, 2023 at 1:00 PM CET. I’m speaking on “ How to Reclaim Power in the Digital World ” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM. I’m speaking at IT-S Now 2023 in Vienna, Austria, on June 1-2, 2023.

Mobile 53
article thumbnail

IoC detection experiments with ChatGPT

SecureList

ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such as answering questions, summarizing text, and even solving cybersecurity-related problems, such as generating incident reports or interpreting decompiled code.

Malware 145
article thumbnail

Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube

Tech Republic Security

A report reveals a new network of malefactors in the lucrative crypto fraud market using videos, channels and web apps. The post Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube appeared first on TechRepublic.

Phishing 216
article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack

Trend Micro

We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.

144
144
article thumbnail

On Pig Butchering Scams

Schneier on Security

“Pig butchering” is the colorful name given to online cons that trick the victim into giving money to the scammer, thinking it is an investment opportunity. It’s a rapidly growing area of fraud, and getting more sophisticated.

Scams 251
article thumbnail

The Rise of Security Service Edge (SSE): A Game-changer for the Modern Workforce

CyberSecurity Insiders

The pandemic shook businesses to its core, forcing users to trade in their office chairs for home desks. The result? Users, devices, and data scattered across the world. And for those in the networking and security fields, this shift brought major challenges. The traditional castle and moat access approach was no longer enough, and even the most reliable security tools became obsolete.

DDOS 141
article thumbnail

Check Point’s annual cybersecurity event spotlights power of AI

Tech Republic Security

The company showcased dozens of new security tools and services to detect and prevent malware, phishing, ransomware and other attacks, but AI took center stage. The post Check Point’s annual cybersecurity event spotlights power of AI appeared first on TechRepublic.

article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

‘Serious’ Ransomware Emergency in Oakland, Calif. — Legacy FAIL

Security Boulevard

Oakland is still reeling from last week’s ransomware attack. San Francisco’s poorer neighbor is asking for help. The post ‘Serious’ Ransomware Emergency in Oakland, Calif. — Legacy FAIL appeared first on Security Boulevard.

article thumbnail

Camera the Size of a Grain of Salt

Schneier on Security

Cameras are getting smaller and smaller , changing the scale and scope of surveillance.

article thumbnail

EU parliamentary committee says 'no' to EU-US data privacy framework

CSO Magazine

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended that the European Commission reject the proposed EU-US Data Privacy Framework, which would govern the way in which the personal information of EU citizens is handled by US companies. The committee's decision — formally, a draft motion for a resolution— represents a rejection of the European Commission’s recommendation, announced in December , that the data privacy framework should be adopted.

article thumbnail

Security warning: Beep malware can evade detection

Tech Republic Security

Find out how Beep malware can evade your security system, what it can do and how to protect your business. The post Security warning: Beep malware can evade detection appeared first on TechRepublic.

Malware 183
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Your Mental Health Data for Sale or Rent — 20¢

Security Boulevard

U.S. GDPR ASAP: Data brokers are selling PII about mental health conditions—depression, anxiety, bipolar disorder, PTSD, OCD, etc. The post Your Mental Health Data for Sale or Rent — 20¢ appeared first on Security Boulevard.

article thumbnail

FBI is investigating a cybersecurity incident on its network

Bleeping Computer

The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency's network. [.

article thumbnail

EnterpriseDB adds Transparent Data Encryption to PostgreSQL

CSO Magazine

The new Transparent Data Encryption (TDE) feature will be shipped along with the company’s enterprise version of its database.

article thumbnail

What Twitter outage says about (over) zealous downsizing

Tech Republic Security

The outage message that Twitter users got last week could be read as a warning for big tech firms looking to slash their IT workforce. The post What Twitter outage says about (over) zealous downsizing appeared first on TechRepublic.

183
183
article thumbnail

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

article thumbnail

Oligo Security Mitigates Open Source Vulnerabilities at Runtime

Security Boulevard

Oligo Security today launched a runtime application security and observability platform that enables cybersecurity teams to detect and prioritize open source code vulnerabilities based on severity without affecting performance. Fresh from raising $28 million in funding, Oligo CEO Nadav Czerninski said the Oligo platform makes use of dynamic library-level analysis and behavior monitoring software to.

Software 131
article thumbnail

GoDaddy: Hackers stole source code, installed malware in multi-year breach

Bleeping Computer

Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack. [.

Malware 130
article thumbnail

BrandPost: The Future of Machine Learning in Cybersecurity

CSO Magazine

Machine learning (ML) is a commonly used term across nearly every sector of IT today. And while ML has frequently been used to make sense of big data—to improve business performance and processes and help make predictions—it has also proven priceless in other applications, including cybersecurity. This article will share reasons why ML has risen to such importance in cybersecurity, share some of the challenges of this particular application of the technology and describe the future that machine

article thumbnail

Cybersecurity pros less likely to be impacted by layoffs if economy slows

Tech Republic Security

In the face of recession worries, cybersecurity teams would be least affected by staffing cuts in 2023, according to a survey of C-suite executives by (ISC)². The post Cybersecurity pros less likely to be impacted by layoffs if economy slows appeared first on TechRepublic.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Cyber Attack on Succession Wealth and NHS Staff Data Leaked

CyberSecurity Insiders

Succession Wealth, a financial wealth management service offering company, has released a press statement that a cyber attack targeted its servers and it can only reveal details after the investigation gets concluded. Prima Facie revealed that hackers accessed no client data in the attack. However, a confirmation on this note can only be given after a detailed inquiry gets concluded.

article thumbnail

Hackers backdoor Microsoft IIS servers with new Frebniis malware

Bleeping Computer

Hackers are deploying a new malware named 'Frebniss' on Microsoft's Internet Information Services (IIS) that stealthily executes commands sent via web requests. [.

Malware 129
article thumbnail

Attacks on industrial infrastructure on the rise, defenses struggle to keep up

CSO Magazine

The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that's capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled

Malware 130
article thumbnail

Mobile device management: Problems and solutions

Tech Republic Security

Explore the MDM market with the CEO of Kolide to learn its challenges and the possible solutions for enterprises and end users. The post Mobile device management: Problems and solutions appeared first on TechRepublic.

Mobile 155
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!