2020 - Information Management Today

OMB M-23-07 Released

National Archives Records Express

DECEMBER 27, 2022

OMB and NARA have just released a new memo, OMB/NARA M-23-07 , Update to Transition to Electronic Records , (December 23, 2022). Information about exceptions is available in NARA Bulletin 2020-01 , Guidance on OMB/NARA Memorandum Transition to Electronic Records (M-19-21). This memo extends the M-19-21 deadlines to June 30, 2024.

Records Management

Records Management Government

Coronavirus-themed attacks April 05 – April 11, 2020

Security Affairs

APRIL 12, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from April 05 to April 11, 2020. April 07 – COVID19: Europol arrests man behind €6M face masks and hand sanitisers scam. April 07 – Interpol warns that crooks are increasingly targeting hospitals. Pierluigi Paganini.

Phishing

Phishing Ransomware Data breaches Government

Crooks stole 800,000€ from ATMs in Italy with Black Box attack

Security Affairs

NOVEMBER 29, 2020

Here the list of victim Banks with date and impacted City: [link] pic.twitter.com/NkRr5IfUGn — Bank Security (@Bank_Security) November 27, 2020. MARCO 10/28/2020 SPINEA BANCA CAMBIANO 10/30/2020 MONTELUPO FIORENTINO BBPM 11/06/2020 BIASSONO BBPM 11/8/2020 Santo Srefano Ticino BCC 10/11/2020 Junction of Capannelle (RM) OFFICE PP.

Manufacturing

Manufacturing Security Information Security IT

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Coronavirus-themed attacks May 03 – May 09, 2020

Security Affairs

MAY 10, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 03 to May 09, 2020. May 07 – Snake Ransomware hits Europe’s largest private hospital operator Fresenius during COVID-19 outbreak. Coronavirus-themed attacks April 26 – May 02, 2020. Pierluigi Paganini. SecurityAffairs – COVID-19, hacking).

Ransomware

Ransomware Government Cybersecurity Security

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

JANUARY 23, 2022

CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js

CMS

CMS IT Authentication Libraries

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, SIM swapping).

Cybersecurity

Cybersecurity Authentication Cloud Security

Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity

CGI

JULY 3, 2020

Fri, 07/03/2020 - 02:22. Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity. This CGI blog post discusses monitoring horticulture assets from space to help insurers reduce risks and ensure business continuity.

Insurance

Insurance Risk

How computer vision and AI can revolutionize supply chain and grid management for utilities

CGI

JULY 7, 2020

Tue, 07/07/2020 - 07:08. The driving forces behind autonomous vehicle technology are computer vision (CV) and artificial intelligence (AI). Applications for these technologies exist in the utilities industry as well, and innovators are finding them.

Artificial Intelligence

A solution for balancing customer payment burdens with business cash flow

CGI

AUGUST 7, 2020

Fri, 08/07/2020 - 08:41. A solution for balancing customer payment burdens with business cash flow. This CGI blog post discusses how request-to-pay solutions balance customer payments burdens with business cash flow. kathy.jacquay@….

Moving from automation to hyper-automation in challenging times

CGI

AUGUST 4, 2020

Tue, 08/04/2020 - 07:53. Some argue that RPA leads to job losses by taking over repetitive and simple tasks typically performed by people, while others assert that RPA doesn’t take jobs away but makes those jobs easier to do.

Examining the future of retail bank branches post pandemic

CGI

JULY 27, 2020

Mon, 07/27/2020 - 02:20. Examining the future of retail bank branches post pandemic. This CGI blog post discusses the future of the traditional retail bank branch once the COVID 19 pandemic ends.

Retail

EDPB Adopts Three Sets of Guidelines in Final Form

Hunton Privacy

FEBRUARY 24, 2023

Guidelines on Certification as a Tool for Transfers Guidelines 07/2022 provide guidance as to the application of Article 46(2)(f) of the GDPR on transfers of personal data to third countries or to international organizations on the basis of certification. The Guidelines were updated to reflect comments received during public consultation.

GDPR

GDPR Personal data

EU launches bug bounty programs for 15 software

Security Affairs

DECEMBER 31, 2018

58.000,00 € 07/01/2019. 58.000,00 € 07/01/2019. 71.000,00 € 07/01/2019. 90.000,00 € 07/01/2019. 58.000,00 € 07/01/2019. 31/07/2019. 15/04/2020. 15/10/2020. 15/04/2020. Bug Bounty Platform. 15/08/2019. Apache Kafka. 15/08/2019. 15/08/2019. 15/12/2019.

Libraries

Libraries Privacy Security IT

The Tokyo Cybersecurity Olympic Games

Thales Cloud Protection & Licensing

JULY 22, 2021

Thu, 07/22/2021 - 15:10. The opening ceremony for the delayed 2020 Tokyo Olympics will take place on Friday July 2021, and we can expect to see a very different spectacle, with no spectators present due to rising COVID-19 cases in Japan. The Tokyo Cybersecurity Olympic Games.

Cybersecurity

Cybersecurity Encryption Risk Access

Five strategic actions manufacturers can take to rebound stronger from the crisis

CGI

JULY 19, 2020

Mon, 07/20/2020 - 00:55. Manufacturers are at a critical juncture. In the time immediately following the pandemic crisis, efforts concentrated on keeping workers safe and managing business continuity.

Manufacturing

TOP 5 ATT&CK techniques used by Threat Actors tied to Iran

Outpost24

JULY 22, 2022

Fri, 07/22/2022 - 03:56. TOP 5 ATT&CK techniques used by Threat Actors tied to Iran. Florian Barre. Blueliv, an Outpost24 company. Threat Intelligence. False flags and strong anonymity measures can be used to make attribution of cyberattacks more and more difficult.

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

Researchers provided details for each of the campaigns they have analyzed.

Retail

Retail Phishing Marketing IT

Examining the future of retail bank branches post pandemic

CGI

JULY 27, 2020

Mon, 07/27/2020 - 02:20. Examining the future of retail bank branches post pandemic. This CGI blog post discusses the future of the traditional retail bank branch once the COVID 19 pandemic ends.

Retail

Examining the future of retail bank branches post pandemic

CGI

JULY 27, 2020

Mon, 07/27/2020 - 02:20. Examining the future of retail bank branches post pandemic. This CGI blog post discusses the future of the traditional retail bank branch once the COVID 19 pandemic ends.

Retail

Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity

CGI

JULY 3, 2020

Fri, 07/03/2020 - 02:22. Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity. This CGI blog post discusses monitoring horticulture assets from space to help insurers reduce risks and ensure business continuity.

Insurance

Insurance Risk

Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity

CGI

JULY 3, 2020

Fri, 07/03/2020 - 02:22. Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity. This CGI blog post discusses monitoring horticulture assets from space to help insurers reduce risks and ensure business continuity.

Insurance

Insurance Risk

Five strategic actions manufacturers can take to rebound stronger from the crisis

CGI

JULY 19, 2020

Mon, 07/20/2020 - 00:55. Manufacturers are at a critical juncture. In the time immediately following the pandemic crisis, efforts concentrated on keeping workers safe and managing business continuity.

Manufacturing

Five strategic actions manufacturers can take to rebound stronger from the crisis

CGI

JULY 19, 2020

Mon, 07/20/2020 - 00:55. Manufacturers are at a critical juncture. In the time immediately following the pandemic crisis, efforts concentrated on keeping workers safe and managing business continuity.

Manufacturing

How automation can improve pandemic response in health care

CGI

NOVEMBER 18, 2020

Wed, 11/18/2020 - 07:41. This blog discusses how health care organizations are using robotic process automation (RPA) in various ways to address needs created by the pandemic. kathy.jacquay@….

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Thales Cloud Protection & Licensing

JULY 20, 2021

Tue, 07/20/2021 - 09:40. 2020 was a challenging year for the world. This was especially true across Europe where the consequences of hacked vulnerabilities had become all too clear as 2020 came to a close. Business as Usual During a Terrible, Horrible, No Good, Very Bad Year.

Encryption

Encryption Cloud Data breaches Compliance

Moving from automation to hyper-automation in challenging times

CGI

AUGUST 4, 2020

Tue, 08/04/2020 - 07:53. Some argue that RPA leads to job losses by taking over repetitive and simple tasks typically performed by people, while others assert that RPA doesn’t take jobs away but makes those jobs easier to do.

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

Security Affairs

JANUARY 16, 2020

Below the timeline for both vulnerabilities: 07-01-2020 – Reported the vulnerabilities to the developer of both plugins. 07-01-2020 – Released protection module to all WebARX customers. 08-01-2020 – Developer of the plugin released a new version for both plugins. 14-01-2020 – Security advisory publicly released.

CMS

CMS Passwords Authentication Security

Experts disclose security flaws in Oracle’s iPlanet Web Server

Security Affairs

MAY 11, 2020

Researchers discovered two security flaws impacting Oracle’s iPlanet Web Server, tracked as CVE-2020-9315 and CVE-2020-9314, that could cause sensitive data exposure and limited injection attacks. The CVE-2020-9314 issue resides in the “productNameSrc” parameter of the console.

Security

Security Phishing Encryption Authentication

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Security Affairs

JULY 18, 2020

Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability , , tracked as CVE-2020-6287. Quick and dirty (sorry i did it during lunch time) PoC for SAP RECON vulnerability (CVE-2020-6287, CVE-2020-6286).

Archiving

Archiving Authentication Cybersecurity Security

Expert publicly discloses PoC code for critical RCE issues in Cisco Security Manager

Security Affairs

NOVEMBER 17, 2020

cisco #RCE #unauth — frycos (@frycos) November 11, 2020. “Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. According to a tweet published by the researcher, he reported the flaws to the vendor 120 days ago, on July 13.

Security

Security Access IT Information Security

Webinar on FAQ about Non-Compliant Permanent Digitized Records

National Archives Records Express

JANUARY 22, 2024

The discussion also covered questions about the upcoming deadlines in M-23-07 for NARA to stop accepting records in analog format.

Paper

Paper Archiving IT

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

“As of July 11th, 2020, our cybersecurity team has confirmed that an unauthorized third party accessed certain user data through a security breach at a LiveAuctioneers data processing partner that occurred on June 19, 2020.” ” reads the data breach notification published by the company. million LiveAuctioneers users.”

Sales

Sales Data breaches Passwords Encryption

Safe-T Has Partnered with Thales to Bring a New Remote Access Security Solution to the Table

Thales Cloud Protection & Licensing

APRIL 8, 2021

Thu, 04/08/2021 - 07:38. The global pandemic of 2020 has changed the world around us in drastic and likely permanent ways. Safe-T Has Partnered with Thales to Bring a New Remote Access Security Solution to the Table.

Access

Access Security Authentication Risk

Are you using a Sophos UTM appliance? Be sure it is up to date!

Security Affairs

AUGUST 23, 2021

A researcher disclosed technical details of a critical remote code execution vulnerability, tracked as CVE-2020-25223, patched last year. In September, Sophos addressed a remote code execution vulnerability (CVE-2020-25223) in the WebAdmin of SG UTM that was reported via the company bug bounty program. Host : 192.168.50.17

IT

IT Authentication Security Information Security

Emotet botnet surges back after months of absence

Security Affairs

JULY 18, 2020

The notorious Emotet went into the dark since February 2020, but now has surged back with a new massive spam campaign targeting users worldwide. Emotet AAR for 2020/07/17- Well played Ivan, I dont usually do a Friday report but I did one just for you <3. link] — Joseph Roosen (@JRoosen) July 18, 2020.

Security

Security IT

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

MARCH 4, 2020

The organization confirmed the bug at 2020-02-29 03:08 UTC, and two minutes later halted issuance. According to Let’s Encrypt, the bug was likely introduced on 2019-07-25. link] says revocations may start from 2020-03-04 00:00:00 UTC. pic.twitter.com/gdcBdsd1y9 — Peanut Butter Guillotine (@xurizaemon) March 3, 2020.

Encryption

Encryption IT Security Information Security

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Thales Cloud Protection & Licensing

JULY 20, 2021

Tue, 07/20/2021 - 09:40. 2020 was a challenging year for the world. This was especially true across Europe where the consequences of hacked vulnerabilities had become all too clear as 2020 came to a close. Business as Usual During a Terrible, Horrible, No Good, Very Bad Year.

Encryption

Encryption Cloud Data breaches Compliance

Data Beyond Borders: The Schrems II Aftermath

Thales Cloud Protection & Licensing

MARCH 1, 2021

Tue, 03/02/2021 - 07:06. On July 16, 2020 the Court of Justice of the European Union issued the Schrems II decision in the case Data Protection Commission v. Data Beyond Borders: The Schrems II Aftermath. Facebook Ireland. That decision invalidates the European Commission’s adequacy decision for the EU-U.S.

GDPR

GDPR Compliance Privacy Cloud

Garmin allegedly paid for a decryptor for WastedLocker ransomware

Security Affairs

AUGUST 2, 2020

Bleepingcomputer reported that the script used by Garmin has a timestamp of 07/25/2020, a circumstance that suggests the company paid the ransom between July 24th and July 25th. .” Experts reported that upon executing the restoration package, it decrypts the files stored on the computer and then installs security software. .

Ransomware

Ransomware Encryption Cybersecurity IT

Why Data Visibility is Important for Security

Thales Cloud Protection & Licensing

MARCH 16, 2021

Tue, 03/16/2021 - 07:47. The shift to working from home over the past year, as reviewed in “ 451 Research’s Voice of the Enterprise: Digital Pulse ” published on October 2020, identifies the “information security as the priority respondents cited most often as having become greater”. Why Data Visibility is Important for Security.

Security

Security Data breaches Cloud Big data

Why agnostic access security is critical for compliance in the post Schrems II landscape

Thales Cloud Protection & Licensing

JULY 28, 2021

Wed, 07/28/2021 - 07:38. The Schrems II ruling was issued by the Court of Justice of the European Union (CJEU) in July 2020. Why agnostic access security is critical for compliance in the post Schrems II landscape. What is the Schrems II ruling and what are its implications?

Compliance

Compliance Access Security Cloud

Conti ransomware gang also breached Ireland Department of Health (DoH)

Security Affairs

MAY 19, 2021

At approx 07:00 hrs on 14th May the NCSC was made aware that a Conti ransomware attack that had severely disabled a number of systems, the IT staff shutdown the majority of other HSE systems. Since August 2020, the group has launched its leak site to threaten its victim to release the stolen data.

Ransomware

Ransomware Encryption File names IoT

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

The messages began at 2022-07-20 22:50 UTC. Twitter accelerated its plans to improve employee authentication following the July 2020 security incident , wherein several employees were phished and relieved of credentials for Twitter’s internal tools. Some messages were also sent to the employees family members.” ”

Phishing

Phishing Authentication Passwords Access

CGI Client Global Insights: A look at top capital market trends and priorities

CGI

APRIL 7, 2020

In this blog, I share key highlights as capital market firms execute their strategies and plans for 2020. Tue, 04/07/2020 - 23:42. We summarize the findings and insights from these discussions in the CGI Client Global Insights capital markets report. Protecting and leveraging data continue as most impactful trends.

Marketing

Marketing Analytics Digital transformation Compliance

OMB M-23-07 Released

Coronavirus-themed attacks April 05 – April 11, 2020

Webinars

Trending Sources

Crooks stole 800,000€ from ATMs in Italy with Black Box attack

Webinars

Coronavirus-themed attacks May 03 – May 09, 2020

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

CISA urges to fix actively exploited Firefox zero-days by March 21

Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity

How computer vision and AI can revolutionize supply chain and grid management for utilities

A solution for balancing customer payment burdens with business cash flow

Moving from automation to hyper-automation in challenging times

Examining the future of retail bank branches post pandemic

EDPB Adopts Three Sets of Guidelines in Final Form

EU launches bug bounty programs for 15 software

The Tokyo Cybersecurity Olympic Games

Five strategic actions manufacturers can take to rebound stronger from the crisis

TOP 5 ATT&CK techniques used by Threat Actors tied to Iran

North Korean Lazarus APT stole credit card data from US and EU stores

Examining the future of retail bank branches post pandemic

Examining the future of retail bank branches post pandemic

Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity

Helping insurers monitor horticulture assets from space to reduce risks and ensure business continuity

Five strategic actions manufacturers can take to rebound stronger from the crisis

Five strategic actions manufacturers can take to rebound stronger from the crisis

How automation can improve pandemic response in health care

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Moving from automation to hyper-automation in challenging times

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

Experts disclose security flaws in Oracle’s iPlanet Web Server

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Expert publicly discloses PoC code for critical RCE issues in Cisco Security Manager

Webinar on FAQ about Non-Compliant Permanent Digitized Records

3.4 Million user records from LiveAuctioneers hack available for sale

Safe-T Has Partnered with Thales to Bring a New Remote Access Security Solution to the Table

Are you using a Sophos UTM appliance? Be sure it is up to date!

Emotet botnet surges back after months of absence

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Data Beyond Borders: The Schrems II Aftermath

Garmin allegedly paid for a decryptor for WastedLocker ransomware

Why Data Visibility is Important for Security

Why agnostic access security is critical for compliance in the post Schrems II landscape

Conti ransomware gang also breached Ireland Department of Health (DoH)

How 1-Time Passcodes Became a Corporate Liability

CGI Client Global Insights: A look at top capital market trends and priorities

Stay Connected