Tue.Jul 20, 2021

Data Analytics: 3 Critical Questions

Data Breach Today

EY's Maryam Hussain on Launching a Successful Project Launching a successful data analytics project requires asking three critical questions, says Maryam Hussain, partner, forensic and integrity services at Ernst & Young in the U.K.

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

Peter Levashov, appearing via Zoom at his sentencing hearing today.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Can the US Curb China's Cyber Ambitions?

Data Breach Today

Security Experts Weigh the Impact of White House's Latest Cyber Moves Many security experts and analysts are applauding the U.S. for calling out China's cyber behavior, especially after the White House had focused so much attention on Russia's cyber activities. But some are calling for bolder actio

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists.

Build Your Open Data Lakehouse on Apache Iceberg

Speaker: Veena Vasudevan and Jason Hughes

In this webinar, Dremio and AWS will discuss the most common challenges in data architecture and how to overcome them with an open data lakehouse architecture on AWS. Sign up now!

TSA Issues Cybersecurity Requirements for Pipelines

Data Breach Today

Agency Cites 'Ongoing Cybersecurity Threat' The U.S. Transportation Security Administration issued a directive Tuesday requiring owners and operators of oil and natural gas pipelines to implement several cybersecurity controls.

More Trending

Researchers Found Flaws in Telegram's Cryptographic Protocol

Data Breach Today

MTProto Has Since Been Patched Security researchers identified flaws in messaging app Telegram's cryptographic protocol, MTProto, that enabled intruders to access encrypted chats and alter the messages. Those flaws have since been patched

A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide

Security Affairs

Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit to gain admin rights on systems.

Elekta Health Data Breach Victim Count Grows

Data Breach Today

Swedish Vendor's Recent Cyber Incident Leads to More Notifications The number of U.S. healthcare entities affected by a recent cyber incident targeting a Sweden-based provider of oncology radiation systems and related services is growing.

A New Approach to Finding Cybersecurity Talent: A Conversation with Alan Paller

eSecurity Planet

A group of technology luminaries have launched an effort to find and train a new generation of cybersecurity talent, an effort that will gain steam tomorrow with The Cyber Talent CIO Forum.

The Ultimate Guide to Hardening Windows Servers

IT Professional looking to harden your servers? ThreatLocker’s got you covered. The Ultimate Guide to Hardening Windows Servers offers tips and best practices to help mitigate cyber threats, better protect your servers, and secure your endpoints. Download today!

Case Study: A REvil Ransom Negotiation

Data Breach Today

Security Firm Elliptic Illustrates How Group Was Willing to Reduce Its Demands The blockchain analysis firm Elliptic offers a step-by-step case study, based on its research, of how one victim of the REvil ransomware gang negotiated a lower ransom payment.

Kelihos botmaster Peter Levashov gets time served

Security Affairs

A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release for his role in operating the Kelihos botnet.

Leak of Alleged Pegasus Target List Restokes Spyware Debate

Data Breach Today

Sales 164

A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root

Security Affairs

Fortinet fixes a serious bug in its FortiManager and FortiAnalyzer network management solutions that could be exploited to execute arbitrary code as root.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

How To Estimate Your Document Automation Potential

AIIM

Understanding the Key Factors that Affect How Much Document Automation You Can Achieve. When the word “automation” is brought up in a conversation, most people think of something that is completely handed over to machines.

Paper 83

Microsoft secured court order to take down domains used in BEC campaign

Security Affairs

Microsoft has seized 17 malicious homoglyph domains used by crooks in a business email compromise (BEC) campaign targeting its users. Microsoft’s Digital Crimes Unit (DCU) has seized 17 domains that were used by scammers in a business email compromise (BEC) campaign aimed at its customers.

PRESS RELEASE: 2021 LA ARMA NOSTRA CERTIFICATION REIMBURSEMENT GRANT PROGRAM

IG Guru

Palmyra, NJ (July 15, 2021) – The ARMA International Educational Foundation (Foundation) is pleased to announce it will administer La ARMA Nostra’s 2021 Reimbursement Grant Program.

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines

Threatpost

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. Vulnerabilities

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Thales Cloud Protection & Licensing

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year. madhav. Tue, 07/20/2021 - 09:40. 2020 was a challenging year for the world.

Cloud 105

Law Firm to the Fortune 500 Breached with Ransomware

Threatpost

Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM. Breach Malware Web Security

Announcing OpenText Content Cloud CE 21.3

OpenText Information Management

Succeeding in a modern work landscape of remote resources, dispersed processes and ever-increasing volumes of digital content requires a new generation of content management tools.

Cloud 63

Researchers: NSO Group’s Pegasus Spyware Should Spark Bans, Apple Accountability

Threatpost

Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others. Malware Mobile Security Vulnerabilities

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

Announcing OpenText AI and Analytics CE 21.3

OpenText Information Management

The amount of content and data available to organizations is ever-increasing. It’s reached a point where 95% of businesses consider managing unstructured data a problem.

A New Security Paradigm: External Attack Surface Management

Threatpost

Advanced EASM solutions are crucial to automating the discovery of the downstream third-party (or fourth-party, or fifth-party, etc.) IT infrastructures that your organization is exposed to, and may be vulnerable to attack, posing a critical risk for your organization. Sponsored Web Security

Risk 101

Announcing OpenText Security & Protection Cloud CE 21.3

OpenText Information Management

Headline-making events like SolarWinds, Colonial Pipeline, and JBS have exposed a major vulnerability for security teams – a lack of resources to effectively detect and respond to security threats before they become serious breaches.

Cloud 60

MosaicLoader Malware Delivers Facebook Stealers, RATs

Threatpost

The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads. Malware Web Security

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

Announcing OpenText CE 21.3 for Digital Process Automation

OpenText Information Management

Digital process automation continues to drive digital transformation projects, maximizing the value of information and ensuring governance by automating business processes, enabling better decision-making, and improving customer, partner and employee experiences.

Why Your Business Needs a Long-Term Remote Security Strategy

Threatpost

Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches. Breach Cloud Security InfoSec Insider Malware Mobile Security Web Security

Announcing OpenText Developer Cloud CE 21.3

OpenText Information Management

The new OpenText™ Developer Cloud continues to be updated with our new commercial North American availability zone. Now an OpenText Developer subscriber can deploy their apps for their North American customers in the same high availability area as our Core brand of SaaS products are deployed.

Cloud 56