Sat. Apr 16, 2022 - Fri. Apr 22, 2022


Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “Ryuk.” On April 13, Microsoft said it executed a legal sneak atta


Why So Many Security Experts Are Concerned About Low-Code/No-Code Apps

Dark Reading

IT departments must account for the business impact and security risks such applications introduce.


Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.


Fake Windows Upgrade Site Delivering Info-Stealer Malware

Data Breach Today

Cybercriminals Taking Advantage of Windows 11 Upgrade A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade. The CloudSEK researchers who discovered the malware have not attributed it to any particular group.


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. Related: Russia takes steps to radicalize U.S. youth. Individuals who possess security clearances are not prohibited from traveling to foreign countries; however, there are certain acts and behaviors that may raise foreign influence and/or for


More Trending


Clever Cryptocurrency Theft

Schneier on Security

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportional votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved a $182 million transfer to his own wallet.


ISMG Editors: The Complications of Regulating Spyware

Data Breach Today

Also: FBI's Warning to Healthcare Entities; Ransomware Trends Four editors at ISMG discuss the percentage of banks hit by ransomware - and paying the ransom, the FBI's warning to healthcare entities as they continue to be targeted by the Hive ransomware group and reports that the U.K. government has been infected with NSO Group spyware.


CISA adds VMware, Chrome flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960) and a Google Chrome type confusion issue (CVE-2022-1364) to its Known Exploited Vulnerabilities Catalog.


What Is the Role of Information Management in Customer Experience?

AIIM

There are two things you should know about me. The first is that I love to eat. I have an appetite that was once described as “alarming.” In my teenage years, I would kick back and devour an entire large pizza in one sitting. As I grew older, I refined my palate and developed a desire for quality ingredients and a craving for a variety of flavors. The second thing you should know is that I hate to cook.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Millions of Lenovo Laptops Contain Firmware-Level Vulnerabilities

Dark Reading

Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says.


Sophos Buys Startup SOC.OS to Spot Attacker Activity Sooner

Data Breach Today

SOC.OS Ingests Data From Third-Party Platforms to Detect Abnormalities Earlier Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.


CVE-2022-20685 flaw in the Modbus preprocessor of the Snort makes it unusable

Security Affairs

CVE-2022-20685 flaw in the Modbus preprocessor of the Snort detection engine could trigger a DoS condition and make it ineffective against malicious traffic. Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) which is currently developed by Cisco. The software performs real-time traffic analysis and packet logging on Internet Protocol (IP) networks, protocol analysis, content searching and matching.


How Hackers Use Reconnaissance – and How to Protect Against It

eSecurity Planet

Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, and whether they can operate stealthily or not. During such reconnaissance operations, attackers collect relevant data about their victims, but it’s not without risks for them.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Zero-Day Exploit Use Exploded in 2021

Dark Reading

Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.


AWS Log4Shell Patch Has 'Severe Security Issues:' Unit 42

Data Breach Today

Containers Could Exploit the AWS Hot Patch to Take Over Its Underlying Host AWS has fixed "severe security issues" in hot patches it released in December to address the Log4Shell vulnerability in Java applications and containers. Palo Alto Networks' Unit 42 researchers said containers in server or cluster environments can exploit the patch to take over its underlying host.


Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

Security Affairs

A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files. Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets.


NIST and CMMC – What You Need to Know

Daymark

If your organization has been working towards NIST 800-171 and is now on the journey to achieve CMMC 2.0 (the Cybersecurity Maturity Model Certification), it can be difficult to understand what you’ve already achieved and what’s left to do. Both standards are intended to reduce threats and strengthen cybersecurity for sensitive government data. Here are some details on how they relate to each other and what’s involved to take the next steps toward CMMC compliance.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


PCI DSS v4.0. What Does it Mean for You?

IT Governance

After a lengthy delay, version 4.0 of the PCI DSS (Payment Card Industry Data Security Standard) was published on 31 March 2022. Although the current version (3.2.1) remains valid until March 2024, organisations that are subject to the PCI DSS should prepare for the update as soon as possible. So, what does that involve? The headline change to PCI DSS v4.0 is the introduction of the “customized approach”.


Okta: Hackers Accessed Just 2 Customer Tenants in Breach

Data Breach Today

Tenants Accessed and Apps Such as Slack and Jira Viewed for Only 2 Okta Clients During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.


Anonymous hacked other Russian organizations, some of the breaches could be severe

Security Affairs

The Anonymous collective and affiliate groups intensify their attacks and claim to have breached multiple organizations. Anonymous and groups linked to the famous collective continue to target Russian organizations; the hacktivists are breaching their systems and leaking stolen data online. Below are the organizations breached in the last three days, since my previous update: Tendertech is a firm specializing in processing financial and banking documents on behalf of businesses and entrepreneurs.


APEC Cross-Border Privacy Rules Go Global

Hunton Privacy

On April 21, 2022, the United States, Canada, Japan, Singapore, the Philippines, the Republic of Korea and Chinese Taipei published a declaration (the “Declaration”) establishing the Global Cross-Border Privacy Rules Forum (the “Global CBPR Forum”). The Global CBPR Forum will establish an international certification system based on the existing APEC Cross-Border Privacy Rules (“CBPR”) and Privacy Recognition for Processors (“PRP”) Systems, enabling participation beyond APEC member economies.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


LinkedIn Brand Now the Most Abused in Phishing Attempts

Dark Reading

New research shows threat actors increasingly leveraging social networks for attacks, with LinkedIn being used in 52% of global phishing attacks.


Killer Robots in the Air: Slouching Toward Full Autonomy

Data Breach Today

Security and Ethical Concerns Persist as AI-Driven Lethal Weapon Systems Evolve Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially because lethal weapons keep evolving toward full autonomy but cannot be made hack-proof.


Russian Gamaredon APT continues to target Ukraine

Security Affairs

Russia-linked threat actor Gamaredon targets Ukraine with new variants of the custom Pterodo backdoor. Russia-linked Gamaredon APT group (a.k.a. Armageddon, Primitive Bear, and ACTINIUM) continues to target Ukraine and it is using new variants of the custom Pterodo backdoor (aka Pteranodon). The cyberespionage group is behind a recent series of spear-phishing attacks targeting Ukrainian entities and organizations related to Ukrainian affairs, since October 2021, Microsoft said.


The several canons of CBOR

Imperial Violet

There are many encoding formats. CBOR is one of them. Like several others, a subset of it is basically fine—I'm not starting that fight today. Whatever encoding you use, it's nice to reduce flexibility. If there are multiple ways of encoding the same thing then, for anything with a non-negligible diversity of implementations, you'll find that there is a canonical encoding, it's just not documented.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Most Email Security Approaches Fail to Block Common Threats

Threatpost

A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.


Pro-Russian Killnet Group in DDoS Attacks on Czech Entities

Data Breach Today

Group Also Claims to Have Targeted the US, Poland, Germany and UK Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days. It targets victims that it believes are adversaries of Russia, and several critical infrastructure entities in the Czech Republic are known to have been successfully targeted.


Static SSH host key in Cisco Umbrella allows stealing admin credentials

Security Affairs

Cisco addressed a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA) that could allow stealing admin credentials. Cisco addressed a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA), tracked as CVE-2022-20773, that could be exploited by an unauthenticated attacker to steal admin credentials remotely. Umbrella is Cisco’s cloud-based Secure Internet Gateway (SIG) platform that provides users with multiple levels of defense against internet-based
