Thu. Sep 21, 2023

Forecasts of SIEM Death Premature - Just Ask Cisco, Splunk

Data Breach Today

Cisco's Planned $28B Purchase of Splunk Shows XDR and SIEM Can Run Side by Side

It turns out SIEM isn't on life support after all. Cisco is providing 28 billion reasons to believe enterprises aren't scrapping the security operations center staple anytime soon, even though rivals with other types of security technology have attempted to write SIEM's obituary for years.

Security 298

GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals

The Last Watchdog

Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals. Related: How Putin has weaponized ransomware In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19

Breach Roundup: Effects of ISP Ransomware Attack in Colombia

Data Breach Today

Also, Clorox Product Shortages; California Passes Data Broker Restrictions

This week, Colombia grappled with the aftermath of a ransomware attack against IFX Networks, Clorox suffered product shortages, a glitch allowed T-Mobile users to access other users' data, California passed restrictions for data brokers and Finland seized a dark web marketplace.

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

Chicago, Ill., Sept. 21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement. Organizations gathered to discuss courses and programs to address the critical cybersecurity workforce needs in the United States.

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

Feds Warn About Snatch Ransomware

Data Breach Today

US Agency Advisory Sheds Light on the Group's Activities

The Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology sectors, according to a new alert issued by U.S. authorities. The group operates on a ransomware-as-a-service model.

More Trending

Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks

Data Breach Today

How in the World Did Self-Proclaimed Hacktivists Hit System Tied to Border Control?

A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups' bark remains worse than their bite. Experts say these groups' impact largely remains minimal, which begs the question of how they disrupted arrival kiosks across Canadian airports.

282

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware

KnowBe4

WIRED just published an article that made me both disappointed and surprised at the same time. Security researchers found USB-based Sogu espionage malware spreading within African operations of European and US firms.

Security 108

Ohio Community College Data Theft Breach Affects Nearly 300K

Data Breach Today

Researchers Say Breach Illustrates Why Schools Are Major Targets for Cybercriminals

An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal and health information. Security researchers say small schools such as this are now favored targets. Some 80% of schools have reported hacking incidents in the past year.

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. Exail, a French high-tech industrial group, left exposed a publicly accessible environment (.env) file with database credentials, the Cybernews research team has discovered. The company, formed in 2022 after ECA Group and iXblue merged, specializes in robotics, maritime, navigation, aerospace, and photonics technologies, ma

Access 98

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving every day. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

Cryptohack Roundup: Private Key Compromise Led to CoinEx Hit

Data Breach Today

Also: Mark Cuban Hot Wallet Hack; Crypto Regulation

This week, hackers stole $70 million from CoinEx, FTX resumed online claims, Balancer suffered a breach, Celsius creditors are targets of phishing, nearly $900,000 was stolen from Mark Cuban's hot wallet, Malta prepares for crypto regulation and Hong Kong cracked down on illicit crypto exchanges.

Phishing 276

IBM TechXchange underscores the importance of AI skilling and partner innovation

IBM Big Data Hub

Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM’s premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, reseller

Cloud 106

Journey to the Cloud: Navigating the Transformation - Part 3

Data Breach Today

Nikko Asset Management's Marcus Rameke on SaaS or PaaS vs. IaaS or On-Premises HCI

In Part 3 of this three-part blog post, Nikko Asset Management's Marcus Rameke discusses why opting for SaaS or PaaS over IaaS is a sensible decision for most businesses, why cloud solutions are preferable to on-premises HCI, and how to achieve environmental sustainability.

Cloud 270

BBTok Banking Trojan Impersonates 40+ Banks to Hijack Victim Accounts

Dark Reading

Attackers use convincing fake website interfaces and sophisticated geo-fencing to target users exclusively in Mexico and Brazil with a new variant of the malware.

110

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

Dutch Police Warns Users of Credentials Leak Site

Data Breach Today

400 Potential WeLeakInfo Patrons Warned of Legal Costs of Criminal Wrongdoing

Hundreds of Dutch patrons of a now-defunct credential marketplace received warnings from national police in an attempt to prevent potential crimes using illicitly obtained personal identifiable information. Dutch national police Politie said it had contacted 400 "possible customers" of WeLeakInfo.

IT 269

Ukrainian hackers are behind the Free Download Manager supply chain attack

Security Affairs

The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the recently discovered supply chain attack dates back to 2020. Recently, researchers from Kaspersky reported the discovery of a free download manager site that has been compromised to serve Linux malware.

Cisco to Bring XDR, SIEM Together With $28B Splunk Purchase

Data Breach Today

Cisco-Splunk Deal Will Fuel Move From Detection, Response to Prediction, Prevention

Cisco's proposed $28 billion buy of Splunk allows businesses to move from threat detection and response to threat prediction and prevention by combining XDR and SIEM. The deal brings together Cisco's newly released XDR platform with Splunk's long-standing SIEM technology.

265

New Revelations from the Snowden Documents

Schneier on Security

Jake Appelbaum’s PhD thesis contains several new revelations from the classified NSA documents provided to journalists by Edward Snowden. Nothing major, but a few more tidbits. Kind of amazing that that all happened ten years ago. At this point, those documents are more historical than anything else. And it’s unclear who has those archives anymore.

Archiving 103

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

Cisco Moves into SIEM with $28B Deal to Acquire Splunk

Dark Reading

Cisco's surprise agreement could reshape secure information and event management (SIEM) and extended detection and response (XDR) markets.

Marketing 113

Cisco to Acquire Splunk for $28 Billion

eSecurity Planet

In a blockbuster deal that could shake up the cybersecurity market, Cisco announced this morning that it will acquire Splunk for $28 billion. If the deal clears regulatory hurdles, it would give Cisco a big position in the market for centralized cybersecurity management solutions like security information and event management (SIEM) and security orchestration, automation and response (SOAR) in addition to Cisco’s already sizable presence in network and endpoint security — and position the

Hikvision Intercoms Allow Snooping on Neighbors

Dark Reading

The intercoms are used in thousands of apartments and offices across the world, and they can be used to spy on targets through the other devices they connect to.

105

Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox

KnowBe4

Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Understanding the Differences Between On-Premises and Cloud Cybersecurity

Dark Reading

The nature of cloud environments means security and technical teams need a different mindset to understand and manage their new attack surface.

Cloud 112

New SEC Rules Add Challenges in Uncertain Cyber Insurance Market

KnowBe4

[BUDGET AMMO] Jeremy King is a partner at Olshan Frome Wolosky. He wrote an article for Bloomberg where he analyzed cyber risk management issues that companies should prioritize in response to new SEC reporting requirements for cybersecurity incidents and threats.

'Gold Melody' Access Broker Plays on Unpatched Servers' Strings

Dark Reading

A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.

Access 99

FTC and HHS Update Consumer Health Data Privacy and Security Guide

Hunton Privacy

On September 15, 2023, the Federal Trade Commission and the Department of Health and Human Services (“HHS”) published an updated version of the two agencies’ joint publication, entitled “Collecting, Using, or Sharing Consumer Health Information? Look to HIPAA, the FTC Act, and the Health Breach Notification Rule.” The publication aims to help businesses learn more about their legal obligations under some of the health privacy and security-related laws and rules enforced by the FTC and the HHS,

Privacy 74

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

Mysterious 'Sandman' APT Targets Telecom Sector With Novel Backdoor

Dark Reading

The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.

IT 108

BREAKING: UK-U.S. Data Bridge Finalized

Hunton Privacy

On September 21, 2023, UK Secretary of State for Science, Innovation and Technology Michelle Donelan laid regulations in the UK Parliament, giving effect to a UK-U.S. Data Bridge. The regulations are supported by several documents, including a fact sheet and an “explainer.” The regulations are due to take effect on October 12, 2023. U.S. companies approved to join the “UK Extension to the EU-US Data Privacy Framework” will be able to receive UK personal data under the new Data Bridge.

Growing Chinese Tech Influence in Africa Spurs 'Soft Power' Concerns

Dark Reading

A working group is rolling out in developing parts of the world, in response to concerns about the amount of technology being rolled out and across Africa by Chinese companies.

83