Atlassian Bug needs Patch ASAP!
Darkreading.com reported that “Rated at a CVSS score of 10, the bug is as bad as it gets, allowing remote cyberattackers unfettered access to corporate environments… A max-critical unauthenticated remote code execution (RCE) vulnerability is impacting Atlassian Confluence Data Center and Confluence Server, in all versions released before Dec. 5.
Anyone surprised the Senate is Outraged over the SEC X Account Hack based on lack of MFA?
Darkreading.com reported that “Senators from both parties called the Securities and Exchange Commission’s lack of MFA “inexcusable” and demand investigation into the regulator’s cybersecurity lapse. … Following the Securities and Exchange Commission’s X account, formerly known as Twitter, compromise on Jan. 9, two Senators have issued a statement calling the…
Zero Trust in the Cloud takes serious planning!
DarkReading.com reported that “Zero trust is a high-level strategy that assumes that individuals, devices, and services attempting to access company resources, both externally and internally, can’t automatically be trusted. The approach has become popular because it addresses the risk associated with the modern attack surface. However, tying together various data…
NY Hospital Fined $300K for Web Tracker Use!
HealthInfoSecurity.com reported that “State regulators have fined a large New York academic medical center $300,000 to settle privacy violations related to the organization’s prior use of tracking tools in its websites and patient portal. Regulators said the hospital had violated HIPAA rules in sharing patient information with third parties for…
Google mediates a settlement in a 4-year-old class action Privacy Protection lawsuit!
BankInfoSecurity.com reported “Google reached a preliminary settlement in a class action lawsuit that alleged the tech giant had misled consumers about their privacy protections when using the private browsing Incognito mode of its Chrome web browser.” The December 28, 2023 article entitled “Google to Settle $5B ‘Incognito Mode’ Privacy…
Watch out! AI is a risk to financial systems!
BankInfoSecurity.com reported that “In its annual report, the Financial Stability Oversight Council – a team made up mostly of financial regulators and chaired by the secretary of the Department of the Treasury – highlighted AI’s potential to spur innovation but flagged its ability to introduce ‘certain risks.’” The December 18…
What do you think of the new EU AI Act?
GovInfoSecurity.com reported that “European lawmakers and officials announced a compromise late Friday over a regulation on artificial intelligence in the works since 2021, making the trading bloc first in the world to comprehensively regulate the nascent technology.” The December 8, 2023 report entitled “Europe Reaches Deal on AI Act, Marking…
Anyone Surprised to Hear 1.5M Hotel Customers’ Data was Stolen!
BankInfoSecurity.com reported that “Hospitality giant Indian Hotels said it’s probing the alleged theft of sensitive data from its systems after a criminal claimed to have stolen data pertaining to 1.5 million customers.” The November 24, 2023 report entitled “Indian Hotels Probes Alleged Customer Data Breach” (https://www.bankinfosecurity.com/indian-hotels-probes-alleged-customer-data-breach-a-23687?rf=2023-11-27_ENEWS_SUB_BIS__Slot1_ART23687&mkt_tok=MDUxLVpYSS0yMzcAAAGPsIVP_eqUjGouubODdT5r8DjwgT471B0YThRmNSqyB3-BMZiLaRRjivUCRnVrgE9MW3fea7yzDHEnVwXkSk1EVtQI3VNYOxjM0oV63fddwmqKEtZOCw) included these…
WOW! Ransomware Gang BlackCat Tattles to the SEC!
BankInfoSecurity.com reported that “The notorious BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days.” The November 16, 2023 article entitled “BlackCat Gang Tattles to SEC About Victim Not Disclosing Breach” (https://www.bankinfosecurity.com/blackcat-gang-tattles-to-sec-about-victim-disclosing-breach-a-23611?rf=2023-11-17_ENEWS_SUB_BIS__Slot1_ART23611&mkt_tok=MDUxLVpYSS0yMzcAAAGPfO8qfBRKXpKKhl9uvOhaGZ8RHOMe7Jr3fnHnF8s0ca0pBaJ9np6bb_K1s597087s60t6mmROrPdxgHBfG2CY-QUlifWhx-Dt43tBOlbOiOM9ykvv1w) included these comments:
The ransomware…
AI has already changed hiring, training, & change management!
Computerworld.com reported that “in 2015 New York Life Insurance Co. began building up a data science team to investigate the use of predictive models to improve efficiency and increase productivity.” The November 14, 2023 article entitled “Q&A: NY Life exec says AI will reboot hiring, training, change management” (https://www.computerworld.com/article/3710208/qa-ny-life-exec-says-ai-will-reboot-hiring-training-change-management.html…