Mon.Mar 01, 2021

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Data Breach Today

Prolific Ransomware Can 'Spread Automatically' Inside Networks, CERT-FR Warns Prolific Ryuk ransomware has a new trick up its sleeve. "A

National Security Risks of Late-Stage Capitalism

Schneier on Security

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds.

Risk 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Rockwell Controllers Vulnerable

Data Breach Today

Flaw Could Enable Access to Secret Encryption Key A critical authentication bypass vulnerability could enable hackers to remotely compromise programmable logic controllers made by industrial automation giant Rockwell Automation, according to the cybersecurity company Claroty.

Cybercrime 'Help Wanted': Job Hunting on the Dark Web

Dark Reading

How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now

108
108

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

Indian Vaccine Makers, Oxford Lab Reportedly Hacked

Data Breach Today

Incidents Spotlight Growing COVID-19-Related Cyberthreats Two Indian vaccine makers and an Oxford University lab are reportedly among the latest targets of hackers apparently seeking to steal COVID-19 research data

232
232

More Trending

Why This Facebook Privacy Settlement Is Unusual

Data Breach Today

$650 Million Settlement Reached Under Illinois' Groundbreaking Biometrics Privacy Law Ending six years of litigation, a federal judge has signed off on a $650 million settlement of a class-action lawsuit against Facebook for violating Illinois' groundbreaking privacy law that restricts collecting biometrics data. Here's why this case is so unusual.

List of data breaches and cyber attacks in February 2021 – 2.3 billion records breached

IT Governance

The cyber security industry was rocked in February after a ransomware attack against the Cloud service provider Accellion. Dozens of organisations that used the software reported incidents in one of the worst months we’ve ever recorded.

Cryptomining Botnet Uses Bitcoin Wallet to Avoid Detection

Data Breach Today

Akamai Describes How This Approach Works A cryptomining botnet campaign is using bitcoin blockchain transactions to hide command-and-control server addresses and stay under the radar, defeating takedown attempts, according to security firm Akamai

New Jailbreak Tool Works on Most iPhones

Dark Reading

The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack

97

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speaker: Speakers Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains

Data Breach Today

‘Supply Chain Security Is Broken, and It’s Time for a Change’ Jamil Farshchi has been there. As CISO of Equifax, he knows what it’s like to be a victim of a high-profile cyberattack.

IT 178

Building a Next-Generation SOC Starts With Holistic Operations

Dark Reading

The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view

93

Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says

Security Affairs

Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing the company to hack.

MSP Provider Builds Red Team as Attackers Target Industry

Dark Reading

NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs

88

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

How low-code is transforming software development

DXC

An emerging way to program, known as low-code application development, is transforming the way we create software. With this new approach, we’re creating applications faster and more flexibly than ever before.

Cloud 83

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

Security Affairs

ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users. The settlement has yet to be approved by a federal judge.

Passwords, Private Posts Exposed in Hack of Gab Social Network

Threatpost

The Distributed Denial of Secrets group claim they have received more than 70 gigabytes of data exfiltrated from social media platform Gab. Hacks Web Security

NSA embraces the Zero Trust Security Model

Security Affairs

The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack

Dark Reading

Earnings report points to diversion of care during incident for financial loss

Gootkit delivery platform Gootloader used to deliver additional payloads

Security Affairs

The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan.

Mobile Adware Booms, Online Banks Become Prime Target for Attacks

Threatpost

A snapshot of the 2020 mobile threat landscape reveals major shifts toward adware and threats to online banks. Malware Mobile Security Vulnerabilities

What Life Is Like Under Myanmar's Internet Shutdown

WIRED Threat Level

One couple living in Yangon explain the impact of the military coup's terrifying censorship measures. Security Security / National Security

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Firewall Vendor Patches Critical Auth Bypass Flaw

Threatpost

Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users. Vulnerabilities Web Security

ARMA International Education Foundation (AIEF) Call Nominations for Trustee Positions

IG Guru

(Palmyra, NJ – February 22, 2022) – The Foundation is a leading organization that enhances the practical and scholarly knowledge of information management by funding and promoting research, scholarship, and educational opportunities for information management professionals.

Malware Loader Abuses Google SEO to Expand Payload Delivery

Threatpost

Gootloader has expanded its payloads beyond the Gootkit malware family, using Google SEO poisoning to gain traction. Malware

IT 84

Popular WordPress Plugin accepts Cryptocurrencies as a new annual payment option

IG Guru

It is possible to upgrade to a WPSec Premium Account with over 70 different cryptocurrencies (crypto, coins). We support Bitcoin, Bitcoin Cash, Zcash, Dogecoin, Litecoin, Ether, Dash and Monero to mention a few.At the moment you can only pay annually using cryptocurrencies.

IT 59

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Data Beyond Borders: The Schrems II Aftermath

Thales Cloud Protection & Licensing

Data Beyond Borders: The Schrems II Aftermath. divya. Tue, 03/02/2021 - 07:06. On July 16, 2020 the Court of Justice of the European Union issued the Schrems II decision in the case Data Protection Commission v. Facebook Ireland.

GDPR 78

App Security is Abysmal. Some Are Riskier Than Others

Adam Levin

Gab was breached February 28, with 70 gigabytes of user data leaked by a group of “hacktivists.” A popular audio chatroom app for iOS devices called Clubhouse was breached seven days before that.

CCC Days at RoleModel Software: Part 2

Role Model Software

“A little learning is a dangerous thing.” - Alexander Pope If you stop learning, you stop growing; you stop getting better. At RoleModel Software, we’re learning every day.