Krebs on Security

JULY 1, 2020

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime. Often the rationale behind couching these events as newsworthy is that the attacks involve publicly traded companies or recognizable brands, and that investors and th

Ransomware 297

Ransomware Encryption Communications Cybersecurity 297

Data Breach Today

JULY 1, 2020

Move Comes Despite Lack of Final Version of Sweeping Data Protection Law Enforcement of the California Consumer Privacy Act officially began Wednesday despite the lack of a final, codified version of the regulation. Experts weigh in on compliance steps organizations should take.

IT 298

IT Compliance Privacy 298

Lenny Zeltser

JULY 1, 2020

Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I’m happy to share what I’ve learned over the years about writing effective threat reports in the following 36-minute video.

Phishing 145

Phishing Cybersecurity IT Information Security 145

Data Breach Today

JULY 1, 2020

Researchers: Attackers Use SMS Phishing Messages to Spread Info Stealer The operators behind an updated version of the FakeSpy malware are targeting Android devices using SMS phishing messages to spread the info stealer, according to Cybereason. The messages are designed to appear to come from postal and delivery services.

Phishing 274

Phishing 274

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

IT Governance

JULY 1, 2020

The first half of 2020 ended on a familiarly bad note, with 92 security incidents accounting for at least 7,021,195,399 breached records. That figure was boosted significantly by KeepNet Labs finally bowing to pressure and admitting that a third party did in fact briefly expose five billion records online. The only saving grace for the organisation – which didn’t do itself any favours by initially denying the story and threatening to sue people who reported on it – is that the leaked database co

Data breaches 140

Data breaches Ransomware Retail Personal data 140

Security Affairs

JULY 1, 2020

Netgear is addressing ten vulnerabilities affecting nearly 80 of its products, including issues discovered at the Pwn2Own hacking competition. Netgear is releasing security patches to address ten vulnerabilities affecting nearly 80 of its products. Some of the vulnerabilities were discovered during the Pwn2Own Tokyo 2019 hacking contest and reported through the Zero Day Initiative (ZDI).

Authentication 133

Authentication Cybersecurity Security IT 133

Data Breach Today

JULY 1, 2020

In-depth overview of the new attack surface of the remote worker Join us for an in-depth overview of the new attack surface of the remote worker.

Security 246

Security 246

Security Affairs

JULY 1, 2020

Experts discovered a new ransomware dubbed EvilQuest designed to target macOS systems, it also installs a keylogger and a reverse shell to take over them. Security experts have uncovered a new piece of ransomware dubbed EvilQuest designed to encrypt macOS systems, it is also able to install additional payloads and potentially take over the infected machine.

Ransomware 121

Ransomware Libraries Encryption Communications 121

Data Breach Today

JULY 1, 2020

Open Identity Exchange CEO Nick Mothershaw on the Global Outlook Implementing trusted digital IDs will create benefits for end users as well as service providers, says Nick Mothershaw, chair and executive director at the Open Identity Exchange. But widespread international adoption of such IDs will take time to achieve, he acknowledges.

214

214

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

IBM Big Data Hub

JULY 1, 2020

Follow @IBMAnalytics. This story is part of Analytics Heroes, a series of profiles on leaders transforming the future of business analytics.

Analytics 134

Analytics 134

Data Breach Today

JULY 1, 2020

Modern Identity Customer Identity Zero Trust View this panel discussion about deployment strategies and real case studies surrounding identity modernization initiatives.

Customer Experience 176

Customer Experience Security 176

Lenny Zeltser

JULY 1, 2020

In June 2020, the Federal Trade Commission (FTC) warned that “imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims.” How do such scams look from the victim’s perspective, and what can you do if you’re affected? As a victim of this scheme, I’d like to share my experience.

Insurance 116

Insurance Data breaches Government IT 116

Data Breach Today

JULY 1, 2020

Best practices for getting your workplace back up and running with Progress Register and attend this session to discuss IT Best Practices for Balancing On-Premises and Remote Teams

IT 183

IT Security 183

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Hunton Privacy

JULY 1, 2020

On July 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) became enforceable by the California Attorney General. Under the statute, businesses are granted 30 days to cure any alleged violations of the law after being notified of alleged noncompliance. If a business fails to cure the alleged violation, it may be subject to an injunction and liable for a civil penalty of up to $2,500 for each violation or $7,500 for each intentional violation.

Privacy 111

Privacy IT 111

Data Breach Today

JULY 1, 2020

Telecoms Cannot Use Federal Funds to Buy Gear from Chinese Firms The U.S. Federal Communications Commission has officially designated China's Huawei Technologies and ZTE Corp. as "national security threats," barring American telecommunications firms from using certain federal funds to buy their equipment, such as for building 5G networks.

Security 144

Security Communications 144

Hunton Privacy

JULY 1, 2020

The Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) recently announced that it levied a €600,000 fine on banking institution UniCredit for several violations of the Italian Personal Data Protection Code, in its pre-General Data Protection Regulation (“GDPR”) form. The sanction was imposed following a data breach that took place between April 2016 and July 2017 that the banking institution notified to the Garante at the end of July 2017.

Data breaches 111

Data breaches GDPR Personal data Education 111

DLA Piper Privacy Matters

JULY 1, 2020

By: Nick Valentine, Laura Scampion, Rachel Taylor. After a lengthy process (dating as far back as 1998, depending on how you measure it) the Privacy Bill, which amends the Privacy Act 1993, has finally made its way through Parliament, receiving Royal Assent on 30 June 2020. The amendments, which come into effect on 1 December 2020 , introduce some of the most significant changes to New Zealand’s privacy law since the enactment of the Privacy Act, including: mandatory data breach reporting

Privacy 105

Privacy Data breaches GDPR Compliance 105

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Security Affairs

JULY 1, 2020

Microsoft has silently released an emergency security update through the Windows Store app to address two vulnerabilities in Windows codecs. Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. The two issues are remote code execution vulnerabilities tracked as CVE-2020-1425 & CVE-2020-1457 that impact Windows 10 and Windows Server 2019 OSs. “A remoted code execution vulnerability

Libraries 104

Libraries Security IT Information Security 104

Threatpost

JULY 1, 2020

A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches.

Security 115

Security 115

Security Affairs

JULY 1, 2020

Xerox Corporation is the last victim of the Maze ransomware operators, hackers have encrypted its files and threaten of releasing them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but the Maze ransomware operators published some screenshots that show that a Xerox domain has been encrypted.

Ransomware 100

Ransomware Encryption Military IT 100

Threatpost

JULY 1, 2020

Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group - since 2013.

Security 115

Security 115

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

WIRED Threat Level

JULY 1, 2020

The malware known as ThiefQuest or EvilQuest also has spyware capabilities that allow it to grab passwords and credit card numbers.

IT 113

IT Passwords Ransomware Security 113

Security Affairs

JULY 1, 2020

The U.S. Federal Communications Commission (FCC) announced that Chinese telecommunications giants Huawei and ZTE are considered as national security threats. Last week China accused the US government of “oppressing Chinese companies” after U.S. regulators declared Huawei and ZTE to be national security threats. The Federal Communications Commission blocked the Chinese companies from receiving subsidies from a government fund.

Communications 89

Communications Security Government Military 89

WIRED Threat Level

JULY 1, 2020

A lack of dedicated funding and resources made it hard to keep data secure—and that was before classes moved almost entirely online.

Cybersecurity 112

Cybersecurity Security IT 112

OpenText Information Management

JULY 1, 2020

This blog is co-authored by Andy Teichholz and Gino Vicari. July 1, 2020 marks the start of enforcement of the California Consumer Privacy Act (CCPA). COVID-19 did little to persuade the Attorney General of California to delay enforcement, instead, California residents (consumers) were reminded of their rights and even provided tips on how to stay … The post Responding to subject rights requests for the CCPA and beyond appeared first on OpenText Blogs.

Privacy 87

Privacy Access GDPR Data Privacy 87

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Dark Reading

JULY 1, 2020

Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.

Ransomware 118

Ransomware Cybersecurity Security 118

Schneier on Security

JULY 1, 2020

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the regulations on the domestic company that's selling the stuff to consumers.

IoT 119

IoT Manufacturing Security Paper 119

Dark Reading

JULY 1, 2020

Malware used to download WastedLocker on target networks was hosted on legit websites belonging to one parent company, Symantec says.

Ransomware 105

Ransomware 105