Wed.Jul 21, 2021

Senators Introduce Federal Breach Notification Bill

Data Breach Today

Measure Requires Reporting Certain Cyber Incidents to CISA Within 24 Hours of Discovery

A bipartisan group of senators introduced a federal breach notification bill Wednesday that would require federal agencies, federal contractors and organizations that are considered critical to U.S. national security to report security incidents to CISA within 24 hours of discovery.

Serial Swatter Who Caused Death Gets Five Years in Prison

Krebs on Security

An 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today. 60-year-old Mark Herring died of a heart attack after police surrounded his home in response to a swatting attack. Shane Sonderman, of Lauderdale County, Tenn., admitted to conspiring with a group of criminals that’s been “swatting” and harassing people for months in a bid to coerce targe

UPMC to Settle Breach Lawsuit for $2.7 Million

Data Breach Today

2014 Hacking Incident Affected 66,000 Employees

A proposed $2.7 million settlement has been reached in a lawsuit filed against the University of Pittsburgh Medical Center in the wake of a 2014 data breach that exposed tens of thousands of employees' personal information and resulted in tax fraud.

NEW TECH: DigiCert Document Signing Manager leverages PKI to advance electronic signatures

The Last Watchdog

Most of us, by now, take electronic signatures for granted. Related: Why PKI will endure as the Internet’s secure core. Popular services, like DocuSign and Adobe Sign, have established themselves as convenient, familiar tools to conduct daily commerce, exclusively online. Yet electronic signatures do have their security limitations. That’s why “wet” signatures, i.e. signing in the presence of a notary, remain a requirement for some transactions involving high dollars or very sensitive rec

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Spyware Zero-Day Hits Show Apple Ecosystem's Imperfections

Data Breach Today

Apple Apparently Pushes 'Zero Click' Patch, But Are Much Stronger Measures Required?

Following revelations that commercial spyware vendor NSO Group was able to exploit the latest model of the Apple iPhone to install surveillance software, experts describe how Apple could be doing more to lock down its iOS mobile operating system as well as curtail attacks by making them much costlier to run.

Incident Response: Why Persistence Is Vital

Data Breach Today

Attorney Marcus Christian Describes Pitfalls to Avoid

Marcus Christian, a former executive assistant U.S. attorney, implores businesses to not immediately abandon their incident response plans once it appears a suspected incident is resolved.

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

eSecurity Planet

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives are becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Amnesty International and Forbidden Stories – a Paris-based nonprofit media group that works with journalists – said earlier this week that users of the Israeli-developed spyware were able to hack into iPhone 11 and iPhone 1

Cybereason, Rapid7 and Sysdig Announce Acquisitions

Data Breach Today

Deals Focus on Bolstering Security Capabilities

Cybereason and Rapid7 made acquisitions this week designed to boost their security capabilities. Meanwhile, DevOps security firm Sysdig made a move to add infrastructure-as-code security to its portfolio.

NPM Package Steals Passwords via Chrome’s Account-Recovery Tool

Threatpost

In another vast software supply-chain attack, the password-stealer is filching credentials from Chrome on Windows systems via ChromePass.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Microsoft Announces Takedown of Domains Used for BEC Schemes

Data Breach Today

Company Says West African Group Used Homoglyph Techniques to Trick Victims

Microsoft has announced the takedown of 17 domains that an unnamed threat group operating out of West Africa used to host fake Microsoft websites when conducting business email compromise attacks.

CIPL Publishes White Paper on How the Legitimate Interest Ground for Processing Enables Responsible Data Use and Innovation

Hunton Privacy

On July 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth published a white paper on How the Legitimate Interest Ground for Processing Enables Responsible Data Use and Innovation (the “Paper”). The Paper explains the growing importance of the legitimate interests legal basis for organizations, whether for routine or more complex and innovative data processing activities.

Report Identifies Vulnerabilities Popular on Criminal Forums

Data Breach Today

Cognyte Identifies Top 6 Flaws, Including One That's 17 Years Old

Researchers at Cognyte have identified the six common vulnerabilities and exposures - or CVEs - that were most frequently discussed by apparent cyberattackers on dark web forums between Jan. 1, 2020 and March 1, 2021. Five of these CVEs were for Microsoft products.

Thousands of Humana customers have their medical data leaked online by threat actors

Security Affairs

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. The author of the post claims that the data was acquired from US insurance giant Humana and includes detailed medical records of the company’s health plan members dating back to 2019.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

NIST Publishes 'Critical Software' Security Guidance

Data Breach Today

Plus, White House Says MFA, Encryption to Be Widely Deployed in Federal Networks

New guidance from the National Institute of Standards and Technology spells out security measures for "critical software" used by federal agencies and minimum standards for testing its source code. The best practices could be a model for the private sector as well.

France ANSSI agency warns of APT31 campaign against French organizations

Security Affairs

French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by the China-linked APT31 group. The French national cyber-security agency ANSSI warned of ongoing attacks against a large number of French organizations conducted by the China-linked APT31 cyberespionage group. The state-sponsored hackers are hijacking home routers to set up a proxy mesh of compromised devices to conceal their attack infrastructure.

World Leaders Included on Alleged Spyware Targeting List

Data Breach Today

NSO Group Refutes Alleged Targeting List - But How Does It Know Customers' Targets?

Can NSO Group and other commercial spyware vendors survive the latest revelations into how their tools get used? The Israeli firm is again being accused of selling spyware to repressive regimes, facilitating the surveillance of journalists, political opponents, business executives and even world leaders.

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Threatpost

Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

TicketClub Italy Database Offered in Dark Web

Security Affairs

A database belonging to TicketClub Italy, a company providing a coupons platform for offline purchases, is available for sale on darkweb hacking forums. TicketClub is an Italian company providing a mobile-based coupons platform for offline purchases. Their clients include Burger King, McDonald’s, Cinecittà World, Rainbow Magicland, and many other enterprises having coupon and loyalty programs.

MacOS Being Picked Apart by $49 XLoader Data Stealer

Threatpost

Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and it’s selling like hotcakes.

Pegasus spyware slipping into mobile devices unnoticed. Time to take mobile security seriously.

Jamf

The Pegasus surveillance software, marketed for use against terrorist and criminal threats, has been linked to governments using it to target journalists, activists and dissidents, deploying its sophisticated tools to monitor and capture private data without the user's explicit consent in an effort that mirrors known spyware activity.

Global Privacy Control Opt-Out of “Sale” – A Technical and Legal Viewpoint

Data Protection Report

According to the California Attorney General, consumers may now utilize a new technology called the Global Privacy Control (“GPC”) in order to opt out of a “sale” of personal information under the California Consumer Privacy Act (“CCPA”). The GPC, according to its website, was developed by “various stakeholders including technologists, web publishers, technology companies, browser vendors, extension developers, academics, and civil rights organizations.”

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

The Best Tools for Secure Online Privacy

IG Guru

Since the emergence of the COVID-19 pandemic, most businesses and individuals have embraced remote working. However, with more people working from home, the issue of online privacy has taken precedence. Now more than ever, everyone is concerned about their privacy on online platforms like WhatsApp and Facebook. In this article, we explore solutions to […]

Tracking Malware and Ransomware Domains in 2021

Threatpost

Ransomware is the threat of 2021. It’s impacting everything from large enterprises and hospitals to other aspects of our critical infrastructure. Here, we’ll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news.

XLoader, a $49 spyware that could target both Windows and macOS devices

Security Affairs

Check Point Research (CPR) experts have spotted a cheap malware variant, dubbed XLoader, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular FormBook Windows malware. FormBook is a data-stealing malware used in cyber espionage campaigns; like other spyware, it is capable of extracting data from HTTP sessions, logging keystrokes and stealing clipboard contents.

Venmo Gets More Private—but It's Still Not Fully Safe

WIRED Threat Level

Eliminating the global feed is a good step. But until the platform offers privacy by default, it remains a liability for many of its users.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Indictments, Attribution Unlikely to Deter Chinese Hacking, Researchers Say

Threatpost

Researchers are skeptical that much will come from calling out China for the Microsoft Exchange attacks and APT40 activity, but the move marks an important foreign-policy change.

Cookies and Layer Cakes - How an Increased Focus on First-Party Data Could Be the Recipe for Success in Delivering an Amazing Omnichannel Customer Experience.

Reltio

How an increased focus on first-party data could be the recipe for success in delivering an amazing omnichannel customer experience. There’s less than a year to go before the demise of third-party cookies becomes complete. Consumers have become increasingly mistrustful of how their personally identifiable information (PII) or personal data is used, and the advent of CCPA, GDPR and other data protection laws has shone a light on this.

French Launch NSO Probe After Macron Believed Spyware Target

Threatpost

Fourteen world leaders were among those found on a list of believed NSO targets for its Pegasus spyware.