Thu. Jun 30, 2022

Putting Cyberthreat Intelligence Data Into Action

Data Breach Today

How can CISOs put the cyberthreat intelligence data they receive into practice? Kunal Sehgal, former director of global cyber resilience at Standard Chartered Bank, discusses how different industries use cyberthreat intelligence and explains misconceptions about sharing information.

WWDC news: Platform Single Sign-On and the future of user logins

Jamf

Apple’s WWDC 2022 announcements included news of a new framework built for identity providers in macOS Ventura, making it easier for users to access cloud services. While Apple continues development on the framework, it may prove to be the easiest way to authenticate to your Mac and organizational apps in the future. By leveraging Jamf Connect to automate creating new, on-demand local user accounts based on the identity provider credentials, users can take full advantage of Single Sign-On (

OpenSea Customer Emails Exposed in Third-Party Breach

Data Breach Today

No Bored Apes Were Harmed In Breach Affecting Millions of Users

Emails shared with NFT marketplace OpenSea were disclosed to an unauthorized external party, the company is warning patrons. Anyone who shared an email address should be on guard for phishing attacks. The cause was a rogue employee at a third party email delivery vendor.

List of Data Breaches and Cyber Attacks in June 2022 – 34.9 Million Records Breached

IT Governance

Welcome to our June 2022 review of data breaches and cyber attacks. We identified 80 security incidents during the month, resulting in 34,908,053 compromised records. You can find the full list below, broken down into categories. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Zero Trust Architecture: No Firewalls or VPNs

Data Breach Today

The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.

HHS Tackles Data Privacy Concerns Linked to Abortion Ruling

Data Breach Today

Issues New HIPAA Guidance and Pledges Enforcement Against Violators

Federal regulators issued health privacy guidance for medical providers and patients and promised to make privacy violations a top HIPAA enforcement priority in the wake of the U.S. Supreme Court overturning Roe v. Wade, the five-decade precedent that guaranteed nationwide access to abortion.

Meals on Wheels Disrupted by Suspected Ransomware Attack

IT Governance

The UK’s largest ready-meal provider, Wiltshire Farm Foods, announced this week that its systems have been crippled by a cyber attack. In a statement, the Trowbridge-based organisation said it was “currently experiencing severe difficulties” with its IT network. The disruption has caused major problems for the delivery of Meals on Wheels, a service that brings food to the elderly and vulnerable.

Ukrainian Cops Arrest Phishing Gang That Stole $3.4 Million

Data Breach Today

Hundreds of Phishing Sites Used to Steal Money Under Guise of EU Payments

Ukrainian authorities arrested nine individuals for the theft of about $3.4 million from 5,000 Ukrainians via more than 400 phishing links. Cybercrime gang members allegedly obtained access to bank accounts under the guise of facilitating social safety net payments from the European Union.

What’s new in OpenText Identity and Access Management

OpenText Information Management

June 2022: OpenText Identity and Access Management CE 22.2 OT IAM platform 22.2 will deliver primarily on the following themes: Leverages ServiceNow as the primary customer and partner support tool for cloud services related to OpenText Connect. A One-time Passcode (OTP) API enhancement enabling the customer to configure the number of wrong attempts prior to the …

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

The Right Way to Change Your Identity Service Providers

Data Breach Today

Takeda's Head of Security Authentication Discusses the Process and Challenges

Markus Kalka, head of security authentication services at Takeda, talks about the challenges of changing identity service providers and shares the experience of consolidating three services into one at his company, a Japanese multinational pharmaceutical.

Celebrity Crypto Scams Just Keep on Getting Worse

KnowBe4

Bloomberg News recently reported that fake celebrity-endorsed crypto scams have doubled in the UK this year, and on average scammed victims out of $14,540 in stolen value before they realize what happened, which is 65% higher than the average crypto scam theft from the previous year. The article’s source expects celebrity-endorsed crypto scams to increase another 87% next year based on current rising trends.

North Korea Behind $100M Harmony Theft, Say Researchers

Data Breach Today

Hack and Money Laundering Similar to Ronin Bridge Linked to Pyongyang

Cryptocurrency experts are fingering North Korea as likely responsible for the cryptocurrency theft of $100 million from the Harmony Horizon bridge. North Korea fuels its nuclear weapons program with stolen cryptocurrency used to dodge international sanctions that prevent ready access to cash.

Italian Garante Bans Google Analytics

Hunton Privacy

On June 23, 2022, Italy’s data protection authority (the “Garante”) determined that a website’s use of the audience measurement tool Google Analytics is not compliant with the EU General Data Protection Regulation (“GDPR”), as the tool transfers personal data to the United States, which does not offer an adequate level of data protection. In making this determination, the Garante joins other EU data protection authorities, including the French and Austrian regulators, that also have found use of

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Token Snags Ex-OneSpan Revenue Leader John Gunn as New CEO

Data Breach Today

Gunn Will Prepare Token's Wearable Authentication Ring for Large-Scale Production

Token selected former OneSpan CRO John Gunn as CEO to scale the organization and prepare its wearable authentication ring for large-scale production. Gunn is tasked with sourcing the critical components needed to manufacture the ring and building a base of paying clients for the biometric tool.

Korean cybersecurity agency released a free decryptor for Hive ransomware

Security Affairs

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware, the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4. “The Korea Internet & Security Agency (KISA) is distributing the Hive ransomware integrated recovery tool. This recovery tool can recover Hive ransomware version 1 to version 4.” reads the announcement p

18 Zero-Days Exploited So Far in 2022

Dark Reading

It didn't have to be this way: So far 2022's tranche of zero-days shows too many variants of previously patched security bugs, according to Google Project Zero.

CISA Urges Exchange Online Authentication Update

eSecurity Planet

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is recommending that government agencies and private organizations that use Microsoft’s Exchange cloud email platform migrate users and applications to Modern Auth before Basic Auth is deprecated in October. CISA noted that Basic authentication is simple and pretty convenient but unsecured by design.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration

Dark Reading

An unauthenticated remote code execution vulnerability found in Zoho’s compliance tool could leave organizations exposed to an information disclosure catastrophe, new analysis shows.

Pro-Russian hackers launched a massive DDoS attack against Norway

Security Affairs

Norway’s National Security Authority (NSM) confirmed that a DDoS attack took down some of the country’s most important websites. Norway’s National Security Authority (NSM) confirmed that some of the country’s most important websites and online services were taken down by a massive DDoS attack conducted by a pro-Russian group.

Google: Hack-for-Hire Groups Present a Potent Threat

Dark Reading

Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said.

[Heads Up] Online Fraud Now Sky-high With 'Tinder Swindler' Romance Scams Costing Hundreds of Millions

KnowBe4

A new article in Bloomberg focused on new sky-high online fraud numbers, they are horrendous. Here is a short summary and I recommend you read the whole article.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Experts blame North Korea-linked Lazarus APT for the Harmony hack

Security Affairs

North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms.

A Fintech Horror Story: How One Company Prioritizes Cybersecurity

Dark Reading

A password link that didn't expire leads to the discovery of exposed personal information at a payments service.

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

Security Affairs

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement with the Russian cybercrime group NetWalker. In March, the man was extradited to the United States to face charges for dozens of ransomware attacks resulting in the payment of tens of millions of dollars in ransoms.

A New, Remarkably Sophisticated Malware Is Attacking Routers

WIRED Threat Level

Researchers say the remote-access Trojan ZuoRAT is likely the work of a nation-state and has infected at least 80 different targets.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

ZuoRAT Malware Is Targeting Routers

Schneier on Security

Wired is reporting on a new remote-access Trojan that is able to infect at least eighty different targets: So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek. Dubbed ZuoRAT, the remote access Trojan is part of a broader hacking campaign that has existed since at least the fourth quarter of 2020 and continues to operate.

Exchange Servers Backdoored Globally by SessionManager

Dark Reading

Malicious IIS module exploitation is the latest trend among threat actors targeting Exchange servers, analysts say.

Leak of California gun owners’ private data far wider than originally reported

The Guardian Data Protection

An investigation has been ordered into the exposure which affects those who were granted or denied a concealed carry permit

The California department of justice admitted it had exposed the personal information of as many as hundreds of thousands of gun owners in the state, in a controversial data breach that appears of a far broader scale than the agency first reported.
