Fri. Jul 31, 2020

Medical Device Security Alerts: The Latest Updates

Data Breach Today

More Devices Affected by 'Ripple20' Vulnerabilities

Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.

Authorities Arrest Alleged 17-Year-Old ‘Mastermind’ Behind Twitter Hack

Threatpost

Three have been charged in alleged connection with the recent high-profile Twitter hack - including a 17-year-old teen from Florida who is the reported "mastermind" behind the attack.

Twitter Hackers Targeted Employees With Phone Phishing

Data Breach Today

Social Media Firm Says Fraudsters Executed Their Cryptocurrency Scam Within a Day

The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says.

Phishing 342

Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision

Hunton Privacy

The U.S. Department of Commerce has issued two new sets of FAQs in light of the Court of Justice of the European Union’s (“CJEU’s”) recent decision to invalidate the EU-U.S. Privacy Shield in Schrems II. We previously reported on the Schrems II ruling and its implication for businesses that transfer personal data to the U.S. The new FAQs from the Department of Commerce address the impact of the decision on the EU-U.S.

Privacy 103

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Boot-Loading Flaw Affects Linux, Windows Devices

Data Breach Today

Operating System Vendors Rushing Out Patches

A vulnerability that can impede the boot-loading process of an operating system could potentially affect billions of Linux and Windows machines, according to Eclypsium. The flaw, called "BootHole," could enable an attacker to gain near total control of an infected device.

309

More Trending

3 Charged in Twitter Hack

Data Breach Today

Florida Teen, 2 Others Charged in Connection With Compromising 130 Accounts

A Florida teenager was arrested and two others were charged in connection with hacking 130 high-profile Twitter accounts to pull off a cryptocurrency scam, prosecutors say.

309

Content Filtering with CleanBrowsing

PerezBox

Content filtering is one of the most under utilized tools in creating safe browsing experiences. A few years back, while on one of our many walks around the office, Daniel.

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Data Breach Today

Attacks Target Government Agencies and a Variety of Others

The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere. Phishing campaigns spreading the malware are using COVID-19 themes as a lure.

Phishing 260

How the Alleged Twitter Hackers Got Caught

WIRED Threat Level

Bitcoin payments and IP addresses led investigators to two of the alleged perpetrators in just over two weeks.

Security 133

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Blackbaud's Bizarre Ransomware Attack Notification

Data Breach Today

Software Vendor 'Normalizes Hacking,' Fails to Account for Notification Delay

How many different shades of bizarre is the data breach notification issued by software vendor Blackbaud? Over the course of three paragraphs, Blackbaud normalizes hacking, congratulates its amazing cybersecurity team, and says it cares so much for its customers that it paid a ransom to attackers.

FCC Partnership to Fight Robocalls

Hunton Privacy

On July 27, 2020, the Enforcement Bureau of the Federal Communications Commission (the “FCC”) designated the Industry Traceback Group (“ITG”) as the FCC’s official consortium for coordinating efforts to trace illegal robocalls. The ITG is a collaboration of wireline, wireless, VoIP and cable industry companies, led by USTelecom, with the mission of tracing and identifying the source of illegal robocalls.

Analysis: The Hacking of Mobile Banking App Dave

Data Breach Today

The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.

GDPR 227

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

For the first-ever time, the EU has imposed economical sanctions on Russia, China, and North Korea following cyber-attacks aimed at the EU and its member states. The Council of the European Union announced sanctions imposed on a Russia-linked military espionage unit, as well as companies operating for Chinese and North Korean threat actors that launched cyber-attacks against the EU and its member states.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Twitter: Employees Compromised in Phone Spear-Phishing Attack

Dark Reading

The attack earlier this month started with a spear-phishing attack targeting Twitter employees, the company says in a new update.

Phishing 106

Updates provided by Red Hat for BootHole cause systems to hang

Security Affairs

Red Hat is warning customers to not install the package updates released to address the BootHole vulnerability due to possible problems reported by the users. This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole, that can be exploited to install a stealthy malware.

Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More

Threatpost

Threatpost editors break down the top themes, speakers and sessions to look out for this year at Black Hat 2020 - from election security to remote work and the pandemic.

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Security Affairs

Cisco addressed critical and high-severity vulnerabilities affecting its Data Center Network Manager (DCNM) network management platform. Cisco addressed this week some critical and high-severity vulnerabilities impacting its Data Center Network Manager (DCNM) network management platform. One of the most security issues is a critical authentication bypass vulnerability, tracked as CVE-2020-3382.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Twitter: Epic Account Hack Caused by Mobile Spearphishing

Threatpost

Hackers "mislead certain employees" to gain access to internal tools to take over high-profile accounts and push out a Bitcoin scam.

Access 96

'Hidden Property Abusing' Allows Attacks on Node.js Applications

Dark Reading

A team of researchers from Georgia Tech find a new attack technique that targets properties in Node.js and plan to publicly release a tool that has already identified 13 new vulnerabilities.

112

Anti-NATO Disinformation Campaign Leveraged CMS Compromises

Threatpost

Researchers uncovered a disinformation campaign aiming to discredit NATO via fake news content on compromised news websites.

CMS 93

New Initiative Links Cybersecurity Pros to Election Officials

Dark Reading

A University of Chicago Harris School of Public Policy initiative will build a database of cybersecurity volunteers.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Data and Goliath Book Placement

Schneier on Security

Notice the copy of Data and Goliath just behind the head of Maine Senator Angus King. This demonstrates the importance of a vibrant color and a large font.

84

CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

Threatpost

The corporate-travel leader has confirmed an attack that knocked systems offline.

3 Arrested for Massive Twitter Breach

Dark Reading

Three individuals aged 17, 19, and 22 have been charged for their alleged roles in the massive July 15 Twitter attack.

96

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

Threatpost

The flaws have been confirmed by Grandstream, but no firmware update has yet been issued.

Security 101

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

A Case Study - Db2 for z/OS High-Performance DBATs

Robert's Db2

Over the years, I have posted several entries to this blog that have covered various aspects of Db2 for z/OS high-performance DBATs (examples are entries posted in 2016 and 2013). Over the past couple of weeks, I have been working with a Db2 for z/OS administrator who is engaged in implementing high-performance DBAT functionality for the first time at his site.

Access 62

3 Ways Social Distancing Can Strengthen your Network

Dark Reading

Security teams can learn a lot from the current pandemic to make modern hybrid business networks stronger and more resilient. Here's how.

Weekly Update 202

Troy Hunt

Unfortunately, our run of good luck here down in Aus has taken a bit of a turn COVID wise. Not so much in my home state, but the southern states have been copping it so this week, I pulled the pin on snowboarding. For folks overseas, that might sound like it would have been a risky proposition anyway, but only two and a half weeks ago the entire state of New South Wales had 5 active cases out of 8.1M people.