Thu. Feb 04, 2021

Malware Targets Kubernetes Clusters

Data Breach Today

Researchers: 'Hildegard' Linked to TeamTNT Hacking Group. A previously undocumented malware variant called "Hildegard" is targeting Kubernetes clusters, according to Palo Alto Networks' Unit 42. The malicious code is likely the work of the TeamTNT hacking group, which mines for monero cryptocurrency.

Mining 346

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

Facebook, Instagram, TikTok, and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. The coordinated action seized hundreds of accounts the companies say have played a major role in facilitating the trade and often lucrative resale of compromised, highly sought-after usernames.

Sales 289

Unusual Phishing Campaign Extracted Office 365 Credentials

Data Breach Today

Researchers: Fraudsters Used Combination of Techniques. Security researchers at Armorblox uncovered an unusual invoice-themed phishing campaign designed to extract victims' Microsoft Office 365 login credentials, alternate email addresses and phone numbers.

Phishing 301

Five Tips to Leverage Information for Better Customer Experience

AIIM

Twenty years ago, the average consumer used two touchpoints when buying an item, and only 7% regularly used more than four. Today consumers use an average of almost six touchpoints, with nearly 50% regularly using more than four (Marketing Week). And that’s not including the after-purchase touchpoints, including invoicing, billing, shipping, service and support, and feedback.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Updated Trickbot Deploys Fresh Reconnaissance Tool

Data Breach Today

Report: Botnet Now Capable of Exfiltrating Additional Data From Networks. The operators behind the Trickbot malware are deploying a new reconnaissance tool dubbed "Masrv" to exfiltrate additional data from targeted networks, according to a Kryptos Logic report. Other researchers have noticed increases in the botnet's activity over the last month.

278

More Trending

Do Ransomware Operators Have a Russian Government Nexus?

Data Breach Today

Supposed Rivals Said Maze Gang Had Moscow Backing - But Was That Just Sour Grapes? Maze was one of the most notorious and successful ransomware operations of recent years until its apparent "retirement" and handover to Egregor in November 2020. Some rivals have suggested both groups have ties to the Russian government. But is that just sour grapes, or even simply an attempted scam?

Clearview Facial-Recognition Technology Ruled Illegal in Canada

Threatpost

The company’s controversial practice of collecting and selling billions of faceprints was dealt a heavy blow by the Privacy Commissioner that could set a precedent in other legal challenges.

Privacy 137

Medical Researcher Sentenced in IP Theft Case

Data Breach Today

Prosecutors Say Insider Conspired to Sell Trade Secrets to China. The sentencing this week of a medical researcher who pleaded guilty in a federal case involving conspiracy to steal trade secrets from a children’s hospital and sell them to China spotlights the growing risks to medical intellectual property posed by insiders.

Risk 246

Another SolarWinds Orion Hack

Schneier on Security

At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using an already existing vulnerability in Orion to penetrate networks: Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

There Are Spying Eyes Everywhere—and Now They Share a Brain

WIRED Threat Level

Security cameras. License plate readers. Smartphone trackers. Drones. We’re being watched 24/7. What happens when all those data streams fuse into one?

Security 135

Here's How I Meet

Troy Hunt

For about the last decade, a huge proportion of my interactions with people has been remote and across different cultures and time zones. Initially this was in my previous life at Pfizer due to the regional nature of my role and over the last six years, it's been as an independent either talking to people remotely or travelling to different places. Since I began dropping content into this post, pretty much everyone now finds themselves in the same position - conducting most of their meetings onl

IT 118

Google addresses Chrome zero-day flaw actively exploited in the wild

Security Affairs

Google has addressed an actively exploited zero-day vulnerability, tracked as CVE-2021-21148, with the release of Chrome version 88.0.4324.150. The vulnerability is a heap buffer overflow that resides in V8, an open-source, high-performance JavaScript and WebAssembly engine written in C++.

Libraries 113

Weekly Update 229

Troy Hunt

This week's update comes to you amongst the noisy backdrop of the garden being literally chopped up by high pressure hose (which I think my beautiful Rhode Broadcaster mic successfully excluded). As I say in the intro, it appears the horticulture industry is a little like the software one where you get cowboys who in this case, put in plants that were way too big and whose roots now threaten to break through the tiles and the house itself, Little Shop of Horrors style.

IoT 108

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

CNIL Calls Organizations to Audit their Sites and Apps for Cookie Compliance

Hunton Privacy

On February 4, 2021, the French Data Protection Authority (the “CNIL”) announced (in French) that it sent letters and emails to approximately 300 organizations, both private and public, to remind them of the new cookie law rules and the need to audit sites and apps to comply with those rules by March 31, 2021. Background. On October 1, 2020, the CNIL published a revised version of its guidelines on cookies and similar technologies (the “Guidelines”), its final recommendations on the practical mo

Hackers accessed Stormshield data, including source code of ANSSI certified products

Security Affairs

Network security vendor Stormshield has disclosed a data breach in which threat actors stole information on some of its clients. Stormshield is a major provider of network security products to the French government, some approved to be used on sensitive networks. Stormshield is a French publisher of software specialized in computer security; its products are certified and qualified by ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information).

Access 99

Android Devices Prone to Botnet’s DDoS Onslaught

Threatpost

A new DDoS botnet propagates via the Android Debug Bridge and uses Tor to hide its activity.

IT 135

SonicWall released patch for actively exploited SMA 100 zero-day

Security Affairs

SonicWall has released a security patch to address the zero-day flaw actively exploited in attacks against the SMA 100 series appliances. SonicWall this week released firmware updates (version 10.2.0.5-29sv) to address an actively exploited zero-day vulnerability in Secure Mobile Access (SMA) 100 series appliances. The vulnerability, tracked as CVE-2021-20016, has been rated as critical and received a CVSS score of 9.8.

Access 93

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months

Threatpost

As many as 100,000 of the music streaming service's customers could face account takeover.

Cloud 134

Cisco fixes critical remote code execution issues in SMB VPN routers

Security Affairs

Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as root. Cisco has fixed several pre-auth remote code execution (RCE) issues in multiple small business VPN routers. The flaws could be exploited by unauthenticated, remote attackers to execute arbitrary code as root on vulnerable devices.

Critical Cisco Flaws Open VPN Routers Up to RCE Attacks

Threatpost

The vulnerabilities exist in Cisco's RV160, RV160W, RV260, RV260P, and RV260W VPN routers for small businesses.

Security 110

Microsoft Says It's Time to Attack Your Machine-Learning Models

Dark Reading

With access to some training data, Microsoft's red team recreated a machine-learning system and found sequences of requests that resulted in a denial-of-service.

IT 92

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Microsoft Office 365 Attacks Sparked from Google Firebase

Threatpost

A savvy phishing campaign manages to evade native Microsoft security defenses, looking to steal O365 credentials.

Phishing 108

Google's Payout to Bug Hunters Hits New High

Dark Reading

Over 660 researchers from 62 countries collected rewards for reporting bugs in Chrome, Android, and other Google technologies.

137

Strategically #BetterTogether – Micro Focus plus our Channel Partners

Micro Focus

How do we measure how strategic we are to our customers? Micro Focus uses double-blind competitive benchmarking in order to gauge how well we are doing against the competition. This strategy means we can understand how we are performing with a high degree of statistical accuracy using a highly repeatable and scientific method. There are a.

81

IBM Offers $3M in Grants to Defend Schools from Cyberattacks

Dark Reading

The grants will be awarded to six school districts in the United States to help prepare for, and respond to, cyberattacks.

102

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Addressing the data imperatives of COVID-19 vaccine logistics

OpenText Information Management

The Life Sciences supply chain continues to face significant challenges as we manufacture and distribute COVID-19 vaccines. The sheer scale and pace of COVID-19 vaccine distribution has never been seen before. For the transportation of drugs such as the Pfizer vaccine, where effective temperature control remains a vital concern, Life Sciences supply chains must enable granular visibility and management of shipments as they pass through each link in the chain.

IoT 76

A Coordinated Takedown Targets 'OGUser' Account Thieves

WIRED Threat Level

Twitter, Instagram, and TikTok have all taken action against the hacker community in recent days.

Belgium: DPA imposes fine on provider “pink boxes”: free products vs. free consent and other interesting take-aways

DLA Piper Privacy Matters

Heidi Waem, Frederik Ringoot. On 27 January 2021, the Belgian Data Protection Authority (“BDPA”) imposed a EUR 50,000 fine and an obligation to change its data processing activity on the company “Nationale Dienst Voor Promotie van Kinderartikelen NV”/“Service National de Promotion des Marques Enfantines SA” (“Family Service”, its tradename).