Threatpost

SEPTEMBER 9, 2019

Wikipedia and World of Warcraft Classic users reported global outages over the weekend in targeted - and connected - DDoS attacks.

Security 75

Security 75

Krebs on Security

SEPTEMBER 9, 2019

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks.

IT 230

IT Government Military Access 230

Data Breach Today

SEPTEMBER 9, 2019

Beyond 'Patch or Perish' - CISOs' Risk-Based Approach to Fixing Vulnerabilities Every week seems to bring a fresh installment of "patch or perish." But security experts warn that patch management, or the larger question of vulnerability management, must be part of a much bigger-picture approach to managing risk. And the challenge continues to get more complex.

Risk 218

Risk Security 218

Security Affairs

SEPTEMBER 9, 2019

Security expert discovered that busing a well-known feature of deleting messages it is possible to threate the users’ privacy. This is not a security vulnerability its a privacy issue. As I understand Telegram a messaging app focuses on privacy which has over 10,00,00,000+ downloads in Playstore. In this case, we are abusing a well-known feature of deleting messages, which allows users to delete messages sent by mistake or genuinely to any recipient.

Privacy 92

Privacy Security Risk IT 92

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

SEPTEMBER 9, 2019

Sites in Europe, Middle East Affected Over the Weekend Online encyclopedia Wikipedia is investigating a DDoS attack that temporarily blocked access to several of its European and Middle Eastern sites over the weekend.

Access 184

Access IT 184

Data Breach Today

SEPTEMBER 9, 2019

Brian Romansky of Owl Cyber Defense Discusses the Role of Data Diodes Data diodes provide a way to control data flows in IoT devices, says Brian Romansky of Owl Cyber Defense, who describes "unhackable" hardware.

IoT 181

IoT Security 181

Micro Focus

SEPTEMBER 9, 2019

Can you believe that in September 1959, the world first heard the technical acronym ‘COBOL’? The history of COBOL over the past 60 years is fascinating, and proof of COBOL’s durability. Recorded statements of the value and ubiquity of the language have been reported widely over the years. Check out these impressive statistics: · 70%. View Article.

86

86

Data Breach Today

SEPTEMBER 9, 2019

Google Says It Stands by the Research Apple is criticizing recent Google research that describes an expansive iPhone hacking campaign, accusing Google of "stoking fear" among users of its products. Google says it stands by its blog post, which focused on technical findings.

IT 161

IT 161

Dark Reading

SEPTEMBER 9, 2019

Research highlights how most criminals exploit human curiosity and trust to click, download, install, open, and send money or information.

98

98

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Data Breach Today

SEPTEMBER 9, 2019

Metasploit: Release Intended to Call Attention to Urgent Need to Patch Vulnerability A new weaponized proof-of-concept exploit for the BlueKeep vulnerability in Windows has been released by researchers at Rapid7 and Metasploit in an effort to help create a sense of urgency to patch the flaw.

155

155

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. In May, the Department of Energy confirmed that on March 5, 2019, between 9 a.m. and 7 p.m., a cyber event disrupted energy grid operations in California, Wyoming, and Utah.

Energy and Utilities 81

Energy and Utilities Communications Manufacturing Risk 81

Hunton Privacy

SEPTEMBER 9, 2019

The Cayman Islands Data Protection Law, 2017 (“DPL”), which was published in June 2017, will go into force on September 30, 2019. The DPL includes requirements for the protection of personal data and is centered upon eight data protection principles. According to the newly minted Cayman Islands data protection authority, the DPL aligns the Cayman Islands with other major jurisdictions around the world.

Personal data 75

Personal data Data breaches IT 75

Security Affairs

SEPTEMBER 9, 2019

The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec. Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. In June 2018, Symantec observed the Thrip group for the first time, at the time the crew has breached the systems of satellite operators, telecommunications compan

Military 80

Military Communications Government Education 80

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Dark Reading

SEPTEMBER 9, 2019

Phishing works because people are, by nature, trusting -- but these evolving phishing techniques make it even tougher for security managers to stay on top.

Phishing 80

Phishing Security IT 80

Security Affairs

SEPTEMBER 9, 2019

ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers from discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy exfiltrate data. Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns.

Systems administration 79

Systems administration Encryption Communications Security 79

Micro Focus

SEPTEMBER 9, 2019

COBOL at 60: What’s next? My previous post reflected that COBOL has turned 60. This unique programming language has endured all the changes of the last 60 years, and I predict it will survive all the innovation and change of the next 60. But how will you keep up with change? How can COBOL meet. View Article.

IT 73

IT Government 73

Security Affairs

SEPTEMBER 9, 2019

The popular free online encyclopedia Wikipedia was not reachable following what it has described as a “malicious attack” Popular online reference website Wikipedia went down in several countries after the server of the Wikimedia Foundation that host it were hit by a “massive” Distributed Denial of Service (DDoS) attack. The news of intermittent outages was first disclosed by the organization in a tweet on Friday.

Access 78

Access IT Security Information Security 78

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Threatpost

SEPTEMBER 9, 2019

Attackers can drop malware, add the device to a botnet or send their own audio streams to compromised devices.

IoT 89

IoT Passwords 89

Dark Reading

SEPTEMBER 9, 2019

The ransomware campaign affected 22 local governments, none of which have paid the attackers' $2.5 million ransom demand.

Ransomware 84

Ransomware Government 84

WIRED Threat Level

SEPTEMBER 9, 2019

Security researchers say iOS's security woes stem in part from Apple putting too much trust in its own software's code.

Security 77

Security IT 77

Dark Reading

SEPTEMBER 9, 2019

Attackers don't need sophisticated James Bondian hardware to break into your company. Sometimes a $99 device will do.

79

79

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

WIRED Threat Level

SEPTEMBER 9, 2019

Opinion: There’s little data on the effectiveness of mental health reporting laws, and we’re being distracted from measures we know will save lives.

Security 67

Security 67

Dark Reading

SEPTEMBER 9, 2019

All organizations with Windows infrastructures should make sure their systems are patched to current versions, Rapid7 suggests.

67

67

Collaboration 2.0

SEPTEMBER 9, 2019

Our connected world is now in many ways more engaging than 'being there' and this is a huge problem for retail and event organizers as they attempt to justify travel and expense to attend live events and shopping expeditions

Retail 51

Retail 51

Dark Reading

SEPTEMBER 9, 2019

Over the past year, the cyber-espionage group has attacked at least 12 other companies in the military, telecom, and satellite sectors, Symantec says.

Military 59

Military 59

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Threatpost

SEPTEMBER 9, 2019

A critical vulnerability found in Exim servers could enable a remote, unauthenticated attacker to execute arbitrary code with root privileges.

Cloud 58

Cloud Security 58

WIRED Threat Level

SEPTEMBER 9, 2019

If you signed up for $125 payout in the Equifax settlement, you just hit another hurdle. But this isn't over.

Security 63

Security 63

Threatpost

SEPTEMBER 9, 2019

Apple said Google’s recent analysis of vulnerabilities found January in iOS painted a misleading picture of the scope of the attacks and the risk involved.

Risk 54

Risk Security 54