IG Guru

DECEMBER 29, 2021

Check out the study here. The post IAPP published Privacy Risk Study 2021 appeared first on IG GURU.

Risk 76

Risk Privacy 76

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. According to The T-Mo Report , which viewed T-Mobile internal documents, there was “unauthorized activity” on some customer accounts.

Data breaches 135

Data breaches Access Security Information Security 135

Threatpost

DECEMBER 29, 2021

Jason Kent, hacker-in-residence at Cequence Security, discusses sneaky shopping bot tactics (i.e., domain parking) seen in a mass campaign, and what retail security teams can do about them.

Retail 114

Retail Security 114

Security Affairs

DECEMBER 29, 2021

The Apache Software Foundation released Log4j 2.17.1 version to address recently discovered arbitrary code execution flaw tracked as CVE-2021-44832. The Apache Software Foundation released Log4j 2.17.1 version to address a recently discovered arbitrary code execution flaw, tracked as CVE-2021-44832, affecting Log4j 2.17.0. CVE-2021-44832 is the fifth vulnerability discovered in the popular library in the last weeks.

Libraries 128

Libraries Security IT Information Security 128

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

eSecurity Planet

DECEMBER 29, 2021

MITRE ATT&CK (“miter attack”) is an up-to-date and widely-used knowledge base that focuses on how attackers think and operate. It’s based on practical use cases, so companies can better evaluate security issues and get examples of common tactics and techniques used by threat actors. ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) documents adversary behaviors to be used by red teams (e.g., for pentesting ) but also by defenders who want to understand “the conte

Analytics 101

Analytics Risk Passwords Access 101

The Security Ledger

DECEMBER 29, 2021

In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote code execution flaw in the Log4j open source library. Mark talks about how the Internet community can come together ahead of the next vulnerability to make sure the. Read the whole entry. » Click the icon below to listen.

Libraries 98

Libraries Agriculture Risk Authentication 98

Security Affairs

DECEMBER 29, 2021

A cyber attack hit Norwegian media company Amedia on Tuesday and forced it to shut down multiple systems. Amedia , one of the largest media companies in Norway, was hit by a “serious” cyber attack and was forced to shut down its computer systems. The company is whole or partial owner of 50 local and regional newspaper with online newspapers and printing presses, and its own news agency, Avisenes Nyhetsbyrå.

Paper 112

Paper Passwords Ransomware IT 112

Dark Reading

DECEMBER 29, 2021

Don't think of zero trust as a product. Think of it as "how you actually practice security.

Security 134

Security IT 134

Threatpost

DECEMBER 29, 2021

Here’s what cybersecurity watchers want infosec pros to know heading into 2022. .

Cybersecurity 138

Cybersecurity IoT Cloud Government 138

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Dark Reading

DECEMBER 29, 2021

That announcement may feel good, but if your prospective acquisition's cybersecurity levels are substandard, it might be best to hold off.

Cybersecurity 105

Cybersecurity IT 105

Security Affairs

DECEMBER 29, 2021

China-linked APT group Aquatic Panda is exploiting the Log4Shell vulnerability to compromise a large academic institution. China-linked cyberespionage group Aquatic Panda was spotted exploiting the Log4Shell vulnerability ( CVE 2021-44228 ) in an attack aimed at a large academic institution. According to the Crowdstrike OverWatch team, the APT group is using a modified version of the Log4j exploit published on GitHub on December 13.

Libraries 97

Libraries Access Security IT 97

Threatpost

DECEMBER 29, 2021

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.

Mining 92

Mining Cloud Security 92

Krebs on Security

DECEMBER 29, 2021

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site’s birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone.

Ransomware 232

Ransomware Privacy Security IT 232

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Robert's Db2

DECEMBER 29, 2021

Recently I've encountered some situations in which organizations running Db2 for z/OS in data sharing mode had lock structures that were not sized for maximum benefit. In this blog entry, my aim is to shed some light on lock structure sizing, and to suggest actions that you might take to assess lock structure sizing in your environment and to make appropriate adjustments.

Access 62

Access Communications IT 62