Fri.Feb 04, 2022

article thumbnail

The UK’s new International Data Transfer Agreement Released

Data Matters

On 28 January 2022, the UK Government Department for Digital, Culture, Media & Sport ( DCMS ) laid before the UK Parliament its International Data Transfer Agreement ( IDTA ) and International Data Transfer Addendum ( UK Addendum ) to the European Commission’s Standard Contractual Clauses ( EU SCCs ). If no objections are raised by the UK Parliament, the IDTA and the UK Addendum will come into force on 21 March 2022.

GDPR 120
article thumbnail

The EARN IT Act Is Back

Schneier on Security

Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition.

IT 123
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Want to Be an Ethical Hacker? Here's Where to Begin

Dark Reading

By utilizing these resources, beginner hackers can find their specific passions within the cybersecurity space and eventually make their own mark in the ethical hacking profession.

article thumbnail

How to Prepare for an Evacuation

Record Nations

As wildfires, floods, and natural disasters continue to creep into the suburbs, having an evacuation plan is essential. It’s not often that we write about personal experiences. However, it’s one of these experiences that led to the writing of this article. On December 30th, 2021, the historic Marshall fire ripped through the Colorado suburbs of […].

97
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Ransomware attack hit Swissport International causing delays in flights

Security Affairs

Aviation services company Swissport International was hit by a ransomware attack that impacted its operations. Swissport International Ltd. is an aviation services company providing airport ground,lounge hospitality and cargo handling services owned by an international group of investors. The company handles around 282 million passengers and 4.8 million tonnes of cargo annually, on behalf of some 850 client-companies in the aviation sector.

More Trending

article thumbnail

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. The IT giant added has blocked more than 25.6 billion Azure AD brute force authentication attacks and detected 35.7 billion phishing emails with Microsoft Defender for Office 365 in 2021.

article thumbnail

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

Threatpost

The usual tax-season barrage of cybercriminal activity is already underway with a phishing campaign impersonating the popular accounting and tax-filing software.

article thumbnail

Retail giant Target open sources Merry Maker e-skimmer detection tool

Security Affairs

Retail giant Target is going to open-source an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Retail giant Target announced the release in open-source of an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Merry Maker is a tool designed by Target security developers Eric Brandel and Caleb Walch (@ebrandel and @cawalch) to detect the presence of e-skimmer on e-store.

Retail 90
article thumbnail

The 3 Most Common Causes of Data Breaches in 2021

Dark Reading

Phishing, smishing, and business email compromise continue to do their dirty work.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Over 500,000 people were impacted by a ransomware attack that hit Morley

Security Affairs

Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services company Morley was victim of a ransomware attack that may have resulted in a data breach impacting more than 500,000 individuals. Morley Companies is a United States corporation that provides business services to Fortune 500 and Global 100 clients; contact centers and back office processing; meetings and incentives management; and exhibits and displays production.

article thumbnail

‘Long Live Log4Shell’: CVE-2021-44228 Not Dead Yet

Threatpost

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what's next.

article thumbnail

A nation-state actor hacked media and publishing giant News Corp

Security Affairs

American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat actor. American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat actor that took place in January. The attackers compromised one of the systems of the company and had access to emails and documents of some employees.

article thumbnail

2022 CIGO Assn Announces IG Best Practice Awards

IG Guru

February 1, 2022 CIGO Association is pleased to announce that submissions are invited for the 2022 1st Annual CIGO IG Best Practice Awards. Submission Deadline is Monday, February 28, 2022. Only one nomination per organization. More information is here. Submissions must be made in PowerPoint, no more than 10 slides. An additional1-page written summary is optional and recommended. […].

71
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor

Security Affairs

An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An alleged Chinese threat actor, tracked as TEMP_Heretic , is actively attempting to exploit a zero-day XSS vulnerability in the Zimbra open-source email platform. The zero-day vulnerability impacts almost any Zimbra install running version 8.8.15.

article thumbnail

Expert Insights: Training the Data Elephant in the AI Room

Dark Reading

Be aware of the risk of inadvertent data exposure in machine learning systems.

Risk 97
article thumbnail

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Security Affairs

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42 reported that the Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity operating in Ukraine in January, while geopolitical tensions between Russia and Ukraine have escalated dramatically.

article thumbnail

China-Linked Group Attacked Taiwanese Financial Firms for 18 Months

Dark Reading

The Antlion group, also known as Pirate Panda and Tropic Trooper, has shifted to targeting mainly Taiwan, using custom backdoors against financial organizations.

84
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Adding to our Team

The Texas Record

The records management assistance team at the Texas State Library and Archives Commission welcomes a new analyst this month. Read more about Katherine Hoffman , who is now the point of contact for local governments in the East-South region of Texas. The East-South region is comprised of the following counties: Aransas Austin Bexar Brazoria Calhoun Colorado Comal.

article thumbnail

Consultus, LLC v. CPC Commodities (W.D. Mo. 2022)

eDiscovery Law

Key Insight: Plaintiffs argue that defendants’ claims of privilege should be overruled due to the crime-fraud exception. Defendants withheld emails claiming work product and attorney-client privilege. Plaintiffs have not argued that the emails are not covered by either the work product doctrine or the attorney-client privilege. The purpose of the crime-fraud exception is to assure […].

40
article thumbnail

Best Internet Security Suites & Software for 2022

eSecurity Planet

Malware is one of the biggest threats businesses face, and with nearly a third of all malware coming through the internet and email, businesses and consumers alike need ways to protect themselves. The best internet security software comes in several different forms, giving businesses all of the protection they need to identify and stop malware before it causes bigger problems.

Security 122
article thumbnail

If data is the new oil, ISO 20022 is the new gasoline

IBM Big Data Hub

The phrase ‘data is the new oil’ has been widely used in the last number of years, but in an unrefined state, it has limited use. ISO 20022 is refined and provides the necessary structure to efficiently drive multiple engines in a bank. Background on ISO 20022. ISO 20022 was first introduced in 2004 to provide more standardization and deliver richer information for Financial Services transactions.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Tips for API Security Testing

ForAllSecure

API security testing is a process that should be done regularly in order to ensure the safety of your application's data and users. In this post, we'll cover some tips to remember when testing your APIs as well as some free tools you can use to get started. First, let's start with a few key things to keep in mind when performing API security testing: Know what you're looking for.

article thumbnail

Friday Squid Blogging: Are Squid from Another Planet?

Schneier on Security

An actually serious scientific journal has published a paper speculating that octopus and squid could be of extraterrestrial origin. News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Paper 90