Meta Tries to Break the End-to-End Encryption Deadlock
WIRED Threat Level
APRIL 6, 2022
A new report Meta commissioned aims to redefine comprehensive encryption as essential to protecting human rights.
WIRED Threat Level
APRIL 6, 2022
A new report Meta commissioned aims to redefine comprehensive encryption as essential to protecting human rights.
Data Breach Today
APRIL 6, 2022
Regulators Examine 'Recognized' Security Practices and How to Divvy Up HIPAA Fines Federal regulators are seeking public input about how they should consider the "recognized" security practices of organizations when taking potential HIPAA enforcement actions - and how to distribute a percentage of HIPAA fines to individuals harmed by violations.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Threatpost
APRIL 6, 2022
Threat actors target Office 365 and Google Workspace in a new campaign, which uses a legitimate domain associated with a road-safety center in Moscow to send messages.
Data Breach Today
APRIL 6, 2022
Seebeck Wants to Create a Prevention-Based Approach to Protecting Privileged Users New BeyondTrust CEO Janine Seebeck plans to help privileged users protect themselves by applying machine learning to detect patterns in the data generated across BeyondTrust's 20,000 customers. She starts as BeyondTrust's CEO July 1 and replaces Matt Dircks, who has led the company since 2014.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
eSecurity Planet
APRIL 6, 2022
Spring4Shell ( CVE-2022-22965 ) is a remote code execution (RCE) vulnerability that affects Spring Core, a comprehensive framework for Java-based enterprise applications. Spring4Shell gets its name from the Log4Shell vulnerability , one of the most critical zero-day threats ever, which affected a Java software component called Log4j and allowed hackers to take control of web servers and networks.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
APRIL 6, 2022
Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure. Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems. The attack was uncovered on March 31 and the company immediately started its incident response procedure to contain the attack.
Data Breach Today
APRIL 6, 2022
Targets Include MSPs, Government Orgs, NGOs in Europe, Asia, North America Chinese state-backed threat actor Cicada, aka APT10, is attacking global organizations in what appears to be a monthslong espionage campaign. On its radar are government, legal, religious and nongovernmental organizations in Europe, Asia and North America, the Symantec Threat Hunter team says.
Security Affairs
APRIL 6, 2022
Block disclosed a data breach related to the Cash App investing app and is notifying 8.2 million current and former US customers. The data breach involved a former employee that downloaded some unspecified reports of its Cash App Investing app that contained some U.S. customer information. Cash App is an app that allows users to easily send money, spend money, save money, and buy cryptocurrency. “On April 4, 2022, Block, Inc.
Data Breach Today
APRIL 6, 2022
Javelin's John Buzzard on Findings of Fraud Impact Report Financial institutions must be aware of artificial intelligence being used by criminals against them, says John Buzzard, lead analyst, fraud and security, Javelin Strategy & Research. He discusses the findings of Javelin's latest identity fraud report.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Matters
APRIL 6, 2022
On March 30, 2022, the U.S. Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. 1 Consistent with its recent rulemaking activity, in its accompanying release, the SEC highlighted private funds; Environmental, Social and Governance (ESG) investing; retail; cyber; and digital assets as key examination priorities.
Data Breach Today
APRIL 6, 2022
Going Private May Help Accelerate Tufin's Pivot to Subscription-Based Revenue Getting bought by private equity firm Turn/River Capital is expected to help Tufin grow its subscription-based revenue, expand to new markets and reach new customer segments. The proposed acquisition comes just three years after Tufin went public.
Security Affairs
APRIL 6, 2022
The U.S. Treasury Department sanctioned the Hydra Market, the world’s largest and longest-running dark web marketplace. The U.S. Treasury Department sanctioned the darkweb marketplace Hydra Market, the same day Germany’s Federal Criminal Police Office, the Bundeskriminalamt (BKA), announced they have shut down the illegal platform. The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership wi
Jamf
APRIL 6, 2022
Beyond the benefits that Jamf solutions provide IT and management, they can help employees in many industries and job functions to work more efficiently and happily.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
APRIL 6, 2022
Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts. The Ukrainian CERT attributes the hacking campaign to threat actors tracked as UAC-0094.
Schneier on Security
APRIL 6, 2022
FinFisher has shut down operations. This is the spyware company whose products were used, among other things, to spy on Turkish and Bahraini political opposition.
Security Affairs
APRIL 6, 2022
Germany’s Federal Criminal Police Office shut down Hydra Market, the Russian-language darknet marketplace specialized in drug dealing. Germany’s Federal Criminal Police Office, the Bundeskriminalamt (BKA), announced they have shut down Hydra, one of the world’s largest dark web marketplace. The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. law enforcement author
Dark Reading
APRIL 6, 2022
Apple's emergency fixes last week for two actively exploited vulnerabilities neglected previous Big Sur and Catalina versions of macOS, security vendor says.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
KnowBe4
APRIL 6, 2022
Stolen client data from Mailchimp put customers of the cryptocurrency hardware wallets on notice of potential social engineering attacks claiming to be Trezor.
Dark Reading
APRIL 6, 2022
Don't take the XDR hype at face value. Do security due diligence and add a connectivity level for data access across all silos for best response.
KnowBe4
APRIL 6, 2022
Scammers are impersonating Europol with fraudulent phone calls in an attempt to steal personal and financial information, according to Kristina Ohr at Avast. The German Federal Criminal Police Office (Bundeskriminalamt, BKA) recently warned of this campaign as well.
WIRED Threat Level
APRIL 6, 2022
Lawmakers advance proposals to let police forces across the EU link their photo databases—which include millions of pictures of people’s faces.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Security Affairs
APRIL 6, 2022
The U.S. government announced the disruption of the Cyclops Blink botnet operated by the Russia-linked Sandworm APT group. The U.S. government announced that it had dismantled the Cyclops Blink botnet operated by the Russia-linked Sandworm APT group. “The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security resear
Dark Reading
APRIL 6, 2022
Fast Identity Online (FIDO) technology leverages security keys and biometrics to provide secure authentication.
IG Guru
APRIL 6, 2022
Check out the article here. The post IT asset disposal is a security risk CISOs need to take seriously via CSO Online appeared first on IG GURU.
Dark Reading
APRIL 6, 2022
To prevent Linux exploits, organizations should establish an integrated security approach that extends to the network edge.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Privacy and Cybersecurity Law
APRIL 6, 2022
On March 25, 2022, the United States and European Commission announced by joint statement an agreement in principle on a […].
Dark Reading
APRIL 6, 2022
Record-setting ransomware attacks, a shortage of skilled personnel, and low security awareness across the workforce cause headaches for IT security teams.
HID Global
APRIL 6, 2022
The Future of SAFE for Aviation. mlewis. Wed, 04/06/2022 - 14:08.
Let's personalize your content