Mon. Dec 21, 2020

FireEye: SolarWinds Hack 'Genuinely Impacted' 50 Victims

Data Breach Today

Suspected Cyber Espionage Prioritized Biggest Targets, Says FireEye CEO Kevin Mandia. Hackers who infiltrated government and business networks via a stealthy backdoor added to SolarWinds' Orion software appear to have focused on only the most high-value of targets, leading to about 50 organizations being "genuinely impacted," says FireEye CEO Kevin Mandia.

SUPERNOVA, a Backdoor Found While Investigating SolarWinds Hack

Security Affairs

While investigating the recent SolarWinds Orion supply-chain attack, security researchers discovered another backdoor, tracked as SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor.

DOJ Seizes Fake Domains Impersonating Moderna, Regeneron

Data Breach Today

Prosecutors: Websites Spoofed Pharmaceutical Firms for ID Theft. Federal investigators have seized two domains impersonating the pharmaceutical firms Moderna, which has begun shipping a COVID-19 vaccine, and Regeneron, which developed a treatment, according to the U.S. Justice Department. Fraudsters were using the websites for identity theft.

VMware and Cisco also impacted by the SolarWinds hack

Security Affairs

The IT giants VMware and Cisco revealed they were impacted by the recently disclosed SolarWinds supply chain attack. VMware and Cisco both confirmed that they were impacted by the recent SolarWinds hack. A recent advisory published by the NSA warns that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from their targets.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

5 Key Steps to Building a Resilient Digital Infrastructure

Data Breach Today

In light of the SolarWinds supply chain breach and other security incidents, the United States has substantial work to do in building a resilient digital infrastructure, says David Forscey of the Aspen Cyber Group, who outlines a five-step roadmap.

SolarWinds Hack: Is NSA Doing the Same to Russia?

Data Breach Today

Espionage Operations Demand a Different Policy Response to Damaging Cyberattacks. In light of calls from some for the U.S. to launch online attacks in reprisal for the SolarWinds supply chain campaign - allegedly carried out by Russia's foreign intelligence service - it's time to pause and remember: Spies are going to spy.

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

Dozens of Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. Researchers from Citizen Lab reported that at least 36 Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Gr

European Union Implements Changes to Export Control Rules

Data Matters

The EU Dual-Use Regulation regulates exports outside the EU, transfers inside the EU, transit through the EU and the brokering of certain sensitive goods, services, software and technology (referred to as “items”) that are considered “dual-use.” Dual-use items have both military and civil applications. The EU has updated its export control rules for dual-use items to (1) take account of Brexit, (2) ensure consistency with recent developments in international non-proliferation regimes and expor

Cellebrite Can Break Signal

Schneier on Security

Cellebrite announced that it can break Signal. (Note that the company has heavily edited its blog post, but the original — with lots of technical details — was saved by the Wayback Machine.) News article. Slashdot post. The whole story is puzzling. Cellebrite’s details will make it easier for the Signal developers to patch the vulnerability.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Dell Wyse ThinOS flaws allow hacking thin clients

Security Affairs

Multiple Dell Wyse thin client models are affected by critical vulnerabilities that could be exploited by a remote attacker to take over the devices. Critical vulnerabilities tracked as CVE-2020-29492 and CVE-2020-29491 affect several Dell Wyse thin client models and could be exploited by a remote attacker to execute malicious code and gain access to arbitrary files.

Liko-School—a digital learning leader with Jamf School

Jamf

With the help of Jamf School, Liko-School has brought Apple's education offering to a new level in an interactive and distance-learning environment to become a digital learning leader in Europe by maximizing the value of Apple technology in their educational environment. Here's how.

Clop ransomware gang paralyzed flavor and fragrance producer Symrise

Security Affairs

Flavor and fragrance producer Symrise is the latest victim of the Clop ransomware gang, which claims to have stolen 500 GB of unencrypted files. Symrise AG, a major producer of flavours and fragrances, was hit by Clop ransomware operators. The threat actors claim to have stolen 500 GB of unencrypted files. The attack was reported last week by Handelsblatt; the website databreaches.net also reported the news after @Chum1ng0 alerted them.

Smart Doorbell Disaster: Many Brands Vulnerable to Attack

Threatpost

Investigation reveals the device sector is problem-plagued when it comes to security bugs.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

New Google Retention Policy for Inactive Accounts goes effective June 2021

IG Guru

According to a notice sent to Google users this week, accounts inactive for 2 years may have their photos, email, and drive contents deleted. Check out the notice below: Dear Google User, We are writing to let you know that we recently announced new storage policies for Google Accounts using Gmail, Google Drive (including Google Docs, Sheets, Slides, Drawings, Forms, and Jamboard files) and/or Google Photos that bring […].

NSA, CISA Warn of Attacks on Federated Authentication

Dark Reading

While incident responders focus on attacks using SolarWinds Orion, government cyber defenders highlight other methods likely being used as well.

Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data

Threatpost

Underground marketplace pricing for RDP server access, compromised payment card data and DDoS-for-hire services is surging.

EDPB Publishes Its 2021-2023 Strategy

Hunton Privacy

On December 21, 2020, the European Data Protection Board (the “EDPB”) released its 2021-2023 Strategy (the “Strategy”). The Strategy aims at setting out the four main pillars of the EDPB strategic objectives through 2023 and key actions to help achieve those objectives: First Pillar: Advancing Harmonization and Facilitating Compliance. The EDPB will continue to provide practical guidance on key notions of EU data protection law.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Cisco, Intel, Deloitte Among Victims of SolarWinds Breach: Report

Dark Reading

The Wall Street Journal identified 24 businesses so far that have downloaded the SolarWinds software infected with malicious code.

Hacker Dumps Crypto Wallet Customer Data; Active Attacks Follow

Threatpost

Customer data from a June attack against cryptocurrency wallet firm Ledger is now public and actively being used in attacks.

7 Infamous Moments in Adobe Flash's Security History

Dark Reading

End-of-life is here: Adobe's support for Flash is gone as of Jan. 1. Here's what we won't miss about the multimedia software platform.

Simplifying Proactive Defense With Threat Playbooks

Threatpost

FortiGuard Labs’ Derek Manky talks about how threat playbooks can equip defense teams with the tools they need to fight back against evolving attacker TTPs.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Senate Commerce Committee Holds Hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows

Hunton Privacy

On December 9, 2020, the Senate Committee on Commerce, Science and Transportation held a hearing on the Invalidation of the EU-U.S. Privacy Shield and the Future of Transatlantic Data Flows. The hearing explored the policy issues that led to the Court of Justice of the European Union’s (“CJEU”) invalidation of the Privacy Shield framework in the Schrems II ruling.

Defending Against State and State-Sponsored Threat Actors

Threatpost

Saryu Nayyar of Gurucul discusses state and state-sponsored threat actors, the apex predators of the cybersecurity world.

The 5 Cloud Storage Features Remote Teams Need

OneHub

Cloud storage services have evolved to become more than simple depositories for digital files. They now offer a variety of features that make communication and collaboration simpler for workers. This is especially true for remote teams. Remote workers face unique challenges that can hinder productivity. Cloud storage allows distributed teams to share data securely, easily access files from anywhere, and seamlessly collaborate with colleagues no matter the physical distance between them.

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

Threatpost

The phones of 36 journalists were infected by four APTs, possibly linked to Saudi Arabia or the UAE.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Tracking SSH logins via process activity

Jamf

Because major macOS intrusions often use the SSH service, here at Jamf Protect we’ve been researching the ways in which we can use the Jamf Protect agent to best detect malicious SSH logins and bring them to the attention of those who need to know.

Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers

Threatpost

The bugs rate 10 out of 10 on the vulnerability-severity scale, thanks to the ease of exploitation.

Happy Hanzodays!

Hanzo Learning Center

It's that time again; the holidays are drawing near.
