Wed. Apr 21, 2021


REvil Ransomware Gang Threatens Stolen Apple Blueprint Leak

Data Breach Today

$50 Million Extortion Demand Issued to Apple and Taiwanese Manufacturer Quanta

The REvil - aka Sodinokibi - ransomware gang is threatening to release stolen Apple device blueprints unless it receives a massive payoff. The extortion threat - with a reported $50 million opening demand - was unveiled hours before Apple made a series of major new product announcements.


SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

The Last Watchdog

Google was absolutely right to initiate a big public push a couple of years ago to make HTTPS Transport Layer Security (TLS) a de facto standard. At the time, in the spring of 2018, only 25 percent of commercial websites used HTTPS; today adoption is at 98 percent and rising. Far beyond just protecting websites, TLS has proven to be a linchpin of network-level communications across the board.


Lazarus Group Hid RATs in BMP Images

Data Breach Today

Group Used Fresh Tactic to Target South Korea

Malwarebytes researchers report the North Korean APT group Lazarus rolled out a new weapon during a recent phishing campaign targeting South Korea in which the gang incorporated malicious BMP files in an image-laden document.


NEW TECH: DigiCert unveils ‘Automation Manager’ to help issue, secure digital certificates

The Last Watchdog

How do you bring a $9 billion-a-year, digitally-agile corporation to a grinding halt? Ask Spotify. When the popular streaming audio service went offline globally, last August, we saw a glimpse of just how tenuous digital transformation sometimes can be. Someone reportedly forgot to renew Spotify’s TLS certificate.


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

Data Breach Today

Agency Says Exploits Pose 'Unacceptable Risk'

The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability and three other recently patched flaws in Pulse Connect Secure VPN products.


More Trending


Second Medical Researcher Sentenced in Hospital IP Theft Case

Data Breach Today

Prosecutors Say Trade Secrets Sold to China

A second former medical researcher has been sentenced to serve time in federal prison for his part in a conspiracy to steal trade secrets from an Ohio children’s hospital and sell them to China. Meanwhile, the hospital has filed suit, alleging violations of employment provisions involving data security.


Backdoor Found in Codecov Bash Uploader

Schneier on Security

Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure,” the company warned.


Certificate Lifecycle Management Just Got More Strategic

Data Breach Today

“Work from anywhere” is a game-changer, and it has significant impacts on certificate lifecycle management. Patrick Nohe of GlobalSign discusses the new, strategic approach security leaders need to take for CLM.


Pulse Secure Critical Zero-Day Security Bug Under Active Exploit

Threatpost

CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Mitigating Risks as Ransomware Tactics Change

Data Breach Today

Stuart McKenzie of FireEye on the Importance of Testing Defenses

Ransomware attacks now routinely feature multifaceted extortion efforts, and defenses need to evolve, says Stuart McKenzie of FireEye, who offers an analysis of the findings of the FireEye M-Trends 2021 report.


REvil ransomware gang recommends that Apple buy back its data stolen in Quanta hack

Security Affairs

The REvil ransomware operators are attempting to blackmail Apple after they have allegedly stolen product blueprints of the IT giant from its business partner. REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer.


SonicWall Patches 3 Zero-Day Flaws

Data Breach Today

FireEye: Vulnerabilities Could Be Used to Access Email, Pivot Further Into Systems

SonicWall has patched three zero-day vulnerabilities in the hosted and on-premises versions of its Email Security product after attackers began exploiting them last month. Attackers can exploit the flaws to access email and pivot deeper into organizations' systems, FireEye Mandiant reports.


3 Zero-Day in SonicWall Enterprise Email Security Appliances actively exploited

Security Affairs

Security vendor SonicWall has addressed three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products. SonicWall is warning its customers to update their hosted and on-premises email security products to address three zero-day vulnerabilities that are being actively exploited in the wild. The three vulnerabilities addressed by the security vendor are: CVE-2021-20021: Email Security Pre-Authentication Administrative Account Creation: A vulnerability in the Soni


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Novel Email-Based Campaign Targets Bloomberg Clients with RATs

Threatpost

Attacks dubbed ‘Fajan’ by researchers are specifically targeted and appear to be testing various threat techniques to find ones with the greatest impact.


Apple’s ATT Framework to Go Into Effect April 26, 2021

Hunton Privacy

On April 20, 2021, Apple announced that its AppTracking Transparency Framework (“ATT Framework”) will go into effect starting April 26, 2021, along with the upcoming public release of iOS 14.5, iPadOS 14.5 and tvOS 14.5. The announcement specifies that when submitting an app to Apple for review, app developers must (1) declare in the app’s App Store Privacy Information section any form of “tracking” the app will engage in (i.e., by Identifier for Advertisers or any other identifier, e.g., nam


Million-dollar deposits and friends in high places: how we applied for a job with a ransomware gang

Security Affairs

During an undercover interview, a CyberNews researcher tricked ransomware operators affiliated with Ragnar Locker into revealing their ransom payout structure, cash out schemes, and target acquisition strategies. From a relatively rare threat just a few years ago to one of the biggest moneymakers for cybercriminals today – the meteoric rise of ransomware has cast a shadow of anxiety across businesses of all sizes.


QR Codes Offer Easy Cyberattack Avenues as Usage Spikes

Threatpost

Usage is way up, but so are cyberattacks: Mobile phishing, malware, banking heists and more can come from just one wrong scan.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Zero-Day Flaws in SonicWall Email Security Tool Under Attack

Dark Reading

Three zero-day vulnerabilities helped an attacker install a backdoor, access files and emails, and move laterally into a target network.


Swiss Army Knife for Information Security: What Is Comprehensive Protection?

Threatpost

A vendor develops the series logically so that the tools do not just cover individual needs, but complement each other. For example, the concept of SearchInform is to ensure control of threats at all levels of the information network: from hardware and software to file systems and databases, from user actions on a PC to their activity on the Internet.


Business Email Compromise Costs Businesses More Than Ransomware

Dark Reading

Ransomware gets the headlines, but business paid out $1.8 billion last year to resolve BEC issues, according to an FBI report.


4 Innovative Ways Cyberattackers Hunt for Security Bugs

Threatpost

David “moose” Wolpoff, co-founder and CTO at Randori, talks lesser-known hacking paths, including unresolved "fixme" flags in developer support groups.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


A Clubhouse Bug Let People Lurk in Rooms Invisibly

WIRED Threat Level

The vulnerabilities opened the door to “ghosts” hiding in and disrupting rooms, where moderators would be unable to mute them.


Webinar: ARMA Greater Columbus Spring Seminar 2021: White House Records and Artificial Intelligence & Information Governance on Thursday, May 20, 2021 at 10AM Eastern

IG Guru

ARMA Greater Columbus Spring Seminar is virtual this year! Due to the pandemic, and the various guidelines surrounding it and the restrictions in travel, ARMA Greater Columbus has gone virtual! We will return to in person meetings when circumstances permit, and we will keep you informed. The Spring Seminar will be held on Thursday, May 20, […].


Palestinian Hackers Tricked Victims to Install iOS Spyware

WIRED Threat Level

The groups used social engineering techniques on Facebook to direct targets to a wide range of malware, including custom tools.


Top 4 reasons to attend OpenText World Asia Pacific

OpenText Information Management

Twelve months ago, we made the difficult – but vital – decision to move OpenText™ World from a physical event to a virtual event in your office, dining room or kitchen! One year on, and we would have loved to get together in person in the Asia Pacific region to update you on the latest innovations from OpenText, …


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Rapid7 Acquires Velociraptor Open Source Project

Dark Reading

The company plans to use Velociraptor's technology and insights to build out its own incident response capabilities.


What’s new in OpenText Documentum CE 21.2

OpenText Information Management

Getting timely, accurate information into the hands of workers continues to be a critical challenge facing organizations in this new world of work. Efficiently accessing and using relevant information is vital to collaborative functions, decision making and customer service. With the new release of OpenText™ Documentum™ CE 21.2, we’ve made improvements across the Documentum platform …


How to Attack Yourself Better in 2021

Dark Reading

Social engineering pen testing is just one step in preventing employees from falling victim to cybercriminals.
