Data Matters

FEBRUARY 4, 2022

On 28 January 2022, the UK Government Department for Digital, Culture, Media & Sport ( DCMS ) laid before the UK Parliament its International Data Transfer Agreement ( IDTA ) and International Data Transfer Addendum ( UK Addendum ) to the European Commission’s Standard Contractual Clauses ( EU SCCs ). If no objections are raised by the UK Parliament, the IDTA and the UK Addendum will come into force on 21 March 2022.

GDPR 119

GDPR Personal data IT Compliance 119

Schneier on Security

FEBRUARY 4, 2022

Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition.

IT 130

IT Privacy Cloud Security 130

Security Affairs

FEBRUARY 4, 2022

Aviation services company Swissport International was hit by a ransomware attack that impacted its operations. Swissport International Ltd. is an aviation services company providing airport ground,lounge hospitality and cargo handling services owned by an international group of investors. The company handles around 282 million passengers and 4.8 million tonnes of cargo annually, on behalf of some 850 client-companies in the aviation sector.

Ransomware 103

Ransomware Data breaches IT Security 103

Dark Reading

FEBRUARY 4, 2022

By utilizing these resources, beginner hackers can find their specific passions within the cybersecurity space and eventually make their own mark in the ethical hacking profession.

Cybersecurity 96

Cybersecurity 96

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Affairs

FEBRUARY 4, 2022

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. The IT giant added has blocked more than 25.6 billion Azure AD brute force authentication attacks and detected 35.7 billion phishing emails with Microsoft Defender for Office 365 in 2021.

Phishing 102

Phishing Authentication Education Cloud 102

Security Affairs

FEBRUARY 4, 2022

Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services company Morley was victim of a ransomware attack that may have resulted in a data breach impacting more than 500,000 individuals. Morley Companies is a United States corporation that provides business services to Fortune 500 and Global 100 clients; contact centers and back office processing; meetings and incentives management; and exhibits and displays production.

Ransomware 111

Ransomware Business Services Data breaches Insurance 111

Threatpost

FEBRUARY 4, 2022

The popular continuous-delivery platform has a path-traversal bug (CVE-2022-24348) that could allow cyberattackers to hop from one application ecosystem to another.

Cloud 86

Cloud Security 86

Security Affairs

FEBRUARY 4, 2022

Retail giant Target is going to open-source an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Retail giant Target announced the release in open-source of an internal tool, dubbed Merry Maker , designed to detect e-skimming attacks. Merry Maker is a tool designed by Target security developers Eric Brandel and Caleb Walch (@ebrandel and @cawalch) to detect the presence of e-skimmer on e-store.

Retail 104

Retail Cybersecurity Security IT 104

Threatpost

FEBRUARY 4, 2022

The usual tax-season barrage of cybercriminal activity is already underway with a phishing campaign impersonating the popular accounting and tax-filing software.

Phishing 85

Phishing Privacy Security 85

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

FEBRUARY 4, 2022

American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat actor. American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat actor that took place in January. The attackers compromised one of the systems of the company and had access to emails and documents of some employees.

Cybersecurity 100

Cybersecurity Government IT Security 100

Dark Reading

FEBRUARY 4, 2022

Phishing, smishing, and business email compromise continue to do their dirty work.

Data breaches 112

Data breaches Phishing 112

Security Affairs

FEBRUARY 4, 2022

An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An alleged Chinese threat actor, tracked as TEMP_Heretic , is actively attempting to exploit a zero-day XSS vulnerability in the Zimbra open-source email platform. The zero-day vulnerability impacts almost any Zimbra install running version 8.8.15.

Phishing 99

Phishing Cybersecurity Access Security 99

IG Guru

FEBRUARY 4, 2022

February 1, 2022 CIGO Association is pleased to announce that submissions are invited for the 2022 1st Annual CIGO IG Best Practice Awards. Submission Deadline is Monday, February 28, 2022. Only one nomination per organization. More information is here. Submissions must be made in PowerPoint, no more than 10 slides. An additional1-page written summary is optional and recommended. […].

72

72

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Christophe Louvion, Chief Product & Technology Officer of NRC Health, is here to take us through how he guided his company's recent experience of getting from concept to launch and sales of products within 90 days. In this exclusive webinar, Christophe will cover key aspects of his journey, including: LLM Development & Quick Wins 🤖 Understand how LLMs differ from traditional software, identifying opportunities for rapid development and deployment.

Sales

Security Affairs

FEBRUARY 4, 2022

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42 reported that the Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity operating in Ukraine in January, while geopolitical tensions between Russia and Ukraine have escalated dramatically.

Government 98

Government Military Phishing Information Security 98

Threatpost

FEBRUARY 4, 2022

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what's next.

Security 87

Security 87

Dark Reading

FEBRUARY 4, 2022

Be aware of the risk of inadvertent data exposure in machine learning systems.

Risk 97

Risk 97

The Texas Record

FEBRUARY 4, 2022

The records management assistance team at the Texas State Library and Archives Commission welcomes a new analyst this month. Read more about Katherine Hoffman , who is now the point of contact for local governments in the East-South region of Texas. The East-South region is comprised of the following counties: Aransas Austin Bexar Brazoria Calhoun Colorado Comal.

Records Management 52

Records Management Libraries Archiving Government 52

Advertisement

There’s no getting around it: selecting the right foundational data-layer components is crucial for long-term application success. That’s why we developed this white paper to give you insights into four key open-source technologies – Apache Cassandra®, Apache Kafka®, Apache Spark™, and OpenSearch® – and how to leverage them for lasting success. Discover everything you’ll want to know about scalable, data-layer technologies: Learn when to choose these technologies and when to avoid them Explore h

Paper

Dark Reading

FEBRUARY 4, 2022

The Antlion group, also known as Pirate Panda and Tropic Trooper, has shifted to targeting mainly Taiwan, using custom backdoors against financial organizations.

84

84

eDiscovery Law

FEBRUARY 4, 2022

Key Insight: Plaintiffs argue that defendants’ claims of privilege should be overruled due to the crime-fraud exception. Defendants withheld emails claiming work product and attorney-client privilege. Plaintiffs have not argued that the emails are not covered by either the work product doctrine or the attorney-client privilege. The purpose of the crime-fraud exception is to assure […].

40

40

eSecurity Planet

FEBRUARY 4, 2022

Malware is one of the biggest threats businesses face, and with nearly a third of all malware coming through the internet and email, businesses and consumers alike need ways to protect themselves. The best internet security software comes in several different forms, giving businesses all of the protection they need to identify and stop malware before it causes bigger problems.

Security 142

Security Passwords Encryption Phishing 142

IBM Big Data Hub

FEBRUARY 4, 2022

The phrase ‘data is the new oil’ has been widely used in the last number of years, but in an unrefined state, it has limited use. ISO 20022 is refined and provides the necessary structure to efficiently drive multiple engines in a bank. Background on ISO 20022. ISO 20022 was first introduced in 2004 to provide more standardization and deliver richer information for Financial Services transactions.

Artificial Intelligence 119

Artificial Intelligence Financial Services Analytics Marketing 119

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

IT

ForAllSecure

FEBRUARY 4, 2022

API security testing is a process that should be done regularly in order to ensure the safety of your application's data and users. In this post, we'll cover some tips to remember when testing your APIs as well as some free tools you can use to get started. First, let's start with a few key things to keep in mind when performing API security testing: Know what you're looking for.

Security 40

Security Data breaches IT 40

Schneier on Security

FEBRUARY 4, 2022

An actually serious scientific journal has published a paper speculating that octopus and squid could be of extraterrestrial origin. News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Paper 98

Paper Security 98