Data Breach Today
OCTOBER 12, 2021
Count of Victims - Listed on Leak Sites or Not - Appears To Be Holding Steady One measure of the damage being done by ransomware groups continues to be how many victims get listed on ransomware operators' dedicated data-leak sites, as part of their so-called double extortion tactics. Unfortunately, the number of victims doesn't appear to be declining.
Krebs on Security
OCTOBER 12, 2021
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited. This month’s Patch Tuesday also includes security fixes for the newly released Windows 11 operating system. Separately, Apple has released updates for iOS and iPadOS to address a flaw that is being actively attacked.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
OCTOBER 11, 2021
Software today is built on a combination of open source and proprietary software packages. Developers can reuse and build on the packages created by others, which results in the rapid creation of new capabilities and technologies. Related: How SBOM factors into DevSecOps. This reuse creates dependencies, all of which don’t necessarily stay updated at the same pace.
Data Matters
OCTOBER 13, 2021
The U.S. Securities and Exchange Commission (SEC) Division of Enforcement is stepping up investigative efforts looking at registered firms’ use of personal devices for business communications, which can implicate their recordkeeping obligations and result in failure to retain and produce responsive business-related communications in SEC investigations.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
OCTOBER 11, 2021
Letter to 4 Departments Asserts that Cryptocurrency Is Enabling These Attacks A congressional letter sent to the heads of four federal agencies expressed an urgent need for the Biden administration to continue combating ransomware. This includes a particular focus on the cryptocurrency infrastructure that is enabling these cyberattacks, four Democratic lawmakers say.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Preservica
OCTOBER 10, 2021
October 10 th is Electronic Records Day, an annual event sponsored by the Council of State Archivists (CoSA) to raise awareness among US state government agencies, the general public, related professional organizations, and other stakeholders about the crucial role that electronic records play in their world. It is also an opportunity to thank CoSA and its members for their continuous efforts to advise records producers, create useful tools and resources, undertake research and grant projects to
The Last Watchdog
OCTOBER 13, 2021
In recent years, brands have started butting up against the line between convenience and privacy. Shoppers love the convenience of personalized experiences that their data powers, but then horror stories such as the Cambridge Analytica scandal make people skeptical about how much information companies should be collecting and sharing. Related: Apple battles Facebook over consumer privacy.
Data Breach Today
OCTOBER 11, 2021
Mandiant Report Says Threat Actors Deploy Ryuk, Leverage Initial Access Brokers A Russian-speaking threat actor group that deploys the Ryuk variant ransomware, leverages initial access brokers, and generally skips double-extortion attempts in favor of fast and higher payout ransoms has been predominately targeting the healthcare sector, warns security firm Mandiant.
Krebs on Security
OCTOBER 14, 2021
On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. In a press conference this morning, Missouri Gov. Mike Parson (R) said fixing the flaw could cost the state $50 million, and vowed his administration would seek to prosecute and investigate the “hackers” and anyone who aided the publication
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Threatpost
OCTOBER 12, 2021
The bug is under attack. Within hours of the patch release, a researcher published POC code, calling it a "great" flaw that can be used for jailbreaks and local privilege escalation.
Security Affairs
OCTOBER 12, 2021
Microsoft Azure cloud service mitigated a massive DDoS attack of 2.4 terabytes per second (Tbps) at the end of August, it is the largest DDoS attack to date. Microsoft announced that its Azure cloud service mitigated a 2.4 terabytes per second (Tbps) DDoS attack at the end of August, it represents the largest DDoS attack recorded to date. The attack was aimed at an Azure customer in Europe, but Microsoft did not disclose the name of the victim.
Data Breach Today
OCTOBER 15, 2021
Government Authorities Issue Advisories Following Hospital Attack Government authorities in Israel are warning healthcare sector entities in the country of potential cyberattacks after a ransomware attack this week on Hillel Yaffe Medical Center in the city of Hadera. The hospital said it is "using alternative systems" to care for its patients.
Schneier on Security
OCTOBER 12, 2021
I feel sorry for the accused : The “security incident” that forced a New-York bound flight to make an emergency landing at LaGuardia Airport on Saturday turned out to be a misunderstanding — after an airline passenger mistook another traveler’s camera for a bomb, sources said Sunday. American Airlines Flight 4817 from Indianapolis — operated by Republic Airways — made an emergency landing at LaGuardia just after 3 p.m., and authorities took a suspicious passen
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Threatpost
OCTOBER 13, 2021
Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.
Security Affairs
OCTOBER 9, 2021
Google has addressed a total of four high-severity vulnerabilities in the Chrome version for Windows, Mac, and Linux. Google released security updates to address a total of four high-severity vulnerabilities in the Chrome version for Windows, Mac, and Linux. The most severe vulnerability, tracked as CVE-2021-37977, is an after-free issue in Garbage Collection that could lead to arbitrary code execution.
Data Breach Today
OCTOBER 14, 2021
Attackers Can Push Code To A Protected Branch Researchers at Cider Security have uncovered a security loophole in GitHub Actions that allows adversaries to bypass the required reviews mechanism and push unreviewed code to a protected branch, allowing it into the pipeline to production.
Schneier on Security
OCTOBER 11, 2021
It’s not actually banned in the EU yet — the legislative process is much more complicated than that — but it’s a step: a total ban on biometric mass surveillance. To respect “privacy and human dignity,” MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of individuals in public spaces, saying citizens should only be monitored when suspected of a crime.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Hunton Privacy
OCTOBER 14, 2021
On October 8, 2021, Senator Ed Markey (D-Mass) and Representatives Kathy Castor (D-Fla) and Lori Trahan (D-Mass) penned a letter to Chair of the Federal Trade Commission Lina Khan, urging the agency to ensure that companies uphold the commitments made in their children’s privacy notices and “hold them accountable if they fail to do so.” In the letter, the lawmakers noted that many technology companies have recently announced updates to their respective platforms’ policies that are intended to en
Security Affairs
OCTOBER 11, 2021
Apple released emergency updates for both iOS and iPadOS to address a zero-day flaw that is actively exploited in the wild. Apple has released iOS 15.0.2 and iPadOS 15.0.2 to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild. The flaw is a critical memory corruption issue that resides in the IOMobileFrameBuffer, an application can trigger the vulnerability to execute commands on vulnerable devices with kernel privileges.
Data Breach Today
OCTOBER 14, 2021
Gov. Michael L. Parson Alleges Newspaper Employee Improperly Accessed Data A newspaper employee in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state's governor. The governor alleged the publication of the vulnerability after it was fixed was part of a "political vendetta.
Schneier on Security
OCTOBER 15, 2021
Even before Apple made its announcement , law enforcement shifted their battle for backdoors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption. It’s not a cryptographic backdoor, but it’s still a backdoor — and brings with it all the insecurities of a backdoor.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Jamf
OCTOBER 13, 2021
Jamf’s product team discusses the Universal Endpoint Management Connector (UEMC) that closely integrates the new security software acquisitions with Jamf Pro for improved communications for Apple devices in a way that didn’t exist before.
Security Affairs
OCTOBER 9, 2021
CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain containing production data. Original post @ [link]. CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain, containing what appear to be production-level database access credentials, as well as addresses to development endpoints. Sky, a subsidiary of Comcast, is Europe’s largest media company, boasting a 12% market share and a revenue of approximately £13.4 billion in 20
Data Breach Today
OCTOBER 13, 2021
Also, NJ AG Smacks Fertility Clinic With Big Fine in Hacking Incident A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.
OpenText Information Management
OCTOBER 11, 2021
Today’s networked world makes every system an easy target for cyberattacks. Automated tools make it easier for attackers to execute successful attacks and a new threat emerges almost every second. In this environment, it’s hard for cybersecurity to keep up. According to Cybersecurity Ventures, cybercrime is expected to cause $6 trillion (US) worth of damages globally in … The post Machine learning in cybersecurity appeared first on OpenText Blogs.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Data Matters
OCTOBER 14, 2021
On September 22, 2021, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory (the “ Advisory ”) outlining the Conti ransomware group’s tactics, techniques, and procedures (“TTPs”) to help companies protect against their attacks. This Advisory is especially notable because it is an example of the type of information sharing promised by the Biden administration, which includes techni
Security Affairs
OCTOBER 13, 2021
Dutch police warn customers of a distributed denial-of-service (DDoS) website of stopping using the service to avoid prosecution. Dutch police warn customers of a booter service, abused to carry out distributed denial-of-service (DDoS) attacks, of to stop using it to avoid prosecution. The letter sent by the Dutch Police aims to work as a deterrent for cybercriminal activities explaining to them the consequence of prosecution due to criminal activities.
Data Breach Today
OCTOBER 12, 2021
OnDemand Webinar | Fraud ROI for Ecommerce: Drive More Revenue with Fewer False Positives Watch this onDemand webinar which includes an e-commerce case study on fighting fraud & user friction.
Expert insights. Personalized for you.
355 
Let's personalize your content