Fri.Dec 17, 2021

Implementing and Managing Your SIEM Securely: A Checklist

eSecurity Planet

Some companies use cloud-based security information and event management (SIEM), and others use SIEM that has been installed in a local data center. These on-premises SIEMs can be run on Windows Servers, Linux Servers, and within virtual machines (VMs) or containers. While the security vulnerabilities for each of these instances will be unique and highly dependent upon setup, you can still verify your security using the same checklist, which we’ll give the acronym VIDA DUCA for the steps

Security 132

Conti ransomware gang exploits Log4Shell bug in its operations

Security Affairs

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected.

Weekly Update 274

Troy Hunt

As I start out by saying in this week's video, it's very summer here and not a day goes by without multiple pool visits. Next week's video is going to be from somewhere epically amazing out of this world that I've wanted to go to for a long time now so stay tuned for that one as I go mobile again. Somehow, today's video stretched out beyond an hour with what felt like a list of pretty minor discussion points, but plenty of good questions and commentary along the way.

IT 116

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. VMware has addressed a critical server-side request forgery (SSRF) vulnerability, tracked as CVE-2021-22054, in the Workspace ONE UEM console. An attacker with network access to UEM could exploit the vulnerability to access sensitive data in the management console.

Access 107

10 Rules for Managing Apache Cassandra

It’s no surprise that Apache Cassandra has emerged as a popular choice for organizations of all sizes seeking a powerful solution to manage their data at a scale—but with great power comes great responsibility. Due to the inherent complexity of distributed databases, this white paper will uncover the 10 rules you’ll want to know when managing Apache Cassandra.

How Risky Is the Log4J Vulnerability?

Dark Reading

Security teams around the world are on high alert dealing with the Log4j vulnerability, but how risky is it, really?

Security 127

More Trending

CIPL Submits Comments to UK DCMS Consultation on UK Data Reform

Hunton Privacy

Last month, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted a response to the UK Department for Digital, Culture, Media & Sport (“DCMS”) on its Consultation on Reforms to the Data Protection Regime (the “Response”). The Response also reflects views gathered from CIPL members during two industry roundtables organized in collaboration with DCMS to obtain feedback on the reform proposals.

GDPR 98

Facebook Bans Spy-for-Hire Firms for Targeting 50K People

Threatpost

Meta, Facebook’s parent company, said that the seven banned actors run fake accounts on its platforms to deceive users and plant malware on targets’ phones.

IT 103

Time to Reset the Idea of Zero Trust

Dark Reading

CISOs are increasingly drawn to the zero trust security model, but implementing a frictionless experience is still a challenge.

Security 114

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Security Affairs

Experts reported the resurgence of the Phorpiex botnet; in one year it allowed the theft of crypto assets worth half a million dollars. Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns, crypto-jacking, cryptocurrency clipping (substituting the original wallet address saved in the clipboard with the attacker’s wallet address during a transaction) and ransomware attacks in the past.

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving every day. This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

Brand-New Log4Shell Attack Vector Threatens Local Hosts

Threatpost

The discovery, which affects services running as localhost that aren't exposed to any network or the internet, vastly widens the scope of attack possibilities.

ProfileCreator Manifests Now Available for Jamf

Jamf

After viewing the JNUC 2021 session Simplifying application management: using custom schemas in Jamf Pro, Elliot Jordan created a project to convert all the manifests created for ProfileCreator to Jamf manifests and has posted them as their own repository on the Jamf-Custom-Profile-Schemas community GitHub page.

83

Malicious Joker App Scores Half-Million Downloads on Google Play

Threatpost

Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges.

Security 107

Log4J: What You Need to Know

Adam Levin

The entire technology industry received a sizable lump of coal in their collective stocking earlier this week in the form of two major security vulnerabilities in a widely-used software tool. Here’s a quick breakdown of what it means for internet users. What is Log4J? Log4J is an open-source software tool used to log activity on internet-based services and software.

10 Rules for Managing Apache Kafka

Without proper guidance, it’s easy to miss out on Kafka’s full capabilities. While not the easiest technology to optimize, Kafka rewards those willing to explore its depths. Under the hood, it is an elegant system for stream processing, event sourcing, and data integration. Download this white paper to learn the 10 critical rules that will help you optimize your Kafka system and unlock its full potential.

Executive Partnerships Are Critical for Cybersecurity Success

Dark Reading

One leader alone can't protect an organization from cyber threats, C-suite leaders agree.

Conti Gang Suspected of Ransomware Attack on McMenamins

Threatpost

The incident occurred last weekend at the popular chain of restaurants, hotels and breweries, which is still facing disruptions.

Is Data Security Worthless if the Data Life Cycle Lacks Clarity?

Dark Reading

If you cannot track, access, or audit data at every stage of the process, then you can't claim your data is secure.

Personal details of up to 80,000 SA government employees accessed in cyber attack via ABC

IG Guru

Check out the article here. The post Personal details of up to 80,000 SA government employees accessed in cyber attack via ABC appeared first on IG GURU.

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

CISA Issues Emergency Directive on Log4j

Dark Reading

The Cybersecurity Infrastructure and Security Agency orders federal agencies to take actions to mitigate vulnerabilities to the Apache Log4j flaw and attacks exploiting it.

Spider-Man Movie Release Frenzy Bites Fans with Credit-Card Harvesting

Threatpost

Attackers are using the excitement over the new Spider-Man movie to steal bank information and spread malware.

PseudoManuscrypt Malware Targeted Government & ICS Systems in 2021

Dark Reading

The "PseudoManuscrypt" operation infected some 35,000 computers with cyber-espionage malware and targeted computers in both government and private industry.

Learning Management Systems and Life Sciences Quality & Manufacturing solutions – better together!

OpenText Information Management

OpenText™ Documentum™ for Quality & Manufacturing (Q&M) solutions are widely used in Life Sciences companies to create, maintain, and revise quality and manufacturing documents. These quality and manufacturing documents are GxP documents that consist of Standard Operating Procedures (SOPs) and other controlled documents. In order to ensure compliance, it is vital that users are trained … The post Learning Management Systems and Life Sciences Quality & Manufacturing solutions &

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Convergence Ahoy: Get Ready for Cloud-Based Ransomware

Threatpost

Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments.

Cloud 76

Timely Questions for Log4j Response Now — And for the Future

Dark Reading

EXPERT INSIGHT: How to assess your exposure to the vulnerability with a combination of asset inventory, testing, solid information sources, and software bills of materials (SBOMs).

65

The Hacker Mind Podcast: Fuzzing Message Brokers

ForAllSecure

Fuzzing makes it possible to locate vulnerabilities even in “safe” environments like Erlang, a language designed for high availability and robust services. Jonathan Knudsen from Synopsys joins The Hacker Mind to discuss his presentation at SecTor 2021 on fuzzing message brokers such as RabbitMQ and VerneMQ, both written in Erlang, demonstrating that any type of software in any environment can still be vulnerable.

Meta Acts Against 7 Entities Found Spying on 50,000 Users

Dark Reading

The parent company of Facebook and Instagram has warned some 50,000 account holders they are targets of surveillance.

73

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

Alarm Grid, Inc. v. AlarmClub.com, Inc. (Southern District of Florida, 2018)

eDiscovery Law

Key Insight: Recorded phone call between party and copyright agent regarding image timing confidential at prelitigation phase Nature of Case: copyright dispute Electronic Data Involved: phone call recording Keywords: protective order, confidential phone call, work-product Identified State Rule(s): FRBC Rule 4-4.1, 4-1.2 Identified Federal Rule(s): 26(b)(3), 37(a)(5) View Case Opinion.

40

Doorbells, Dashcams and Data

Managing Your Information

Have you ever dimmed the lights using your smart phone or turned your home heating up from the airport? Some of the modern day technology at our disposal in homes and businesses makes life much easier. We can feed our pets (and even talk to them) from the office, we can check in with CCTV systems from a beach holiday and we can direct the Amazon delivery driver on where to leave the parcel from the supermarket car park!

Commonwealth v. Jones, SJC-12564 (Mass. Mar. 6, 2019)

eDiscovery Law

Key Insight: Whether compelling the defendant to enter his cell phone password would violate his privilege against self incrimination under 5th Amendment and art. 12 of Mass Declaration of Rights Nature of Case: Trafficking a person for sexual servitude Electronic Data Involved: data held on cell phone Keywords: Cell phone password, 5th Amendment Identified State […].