Tue. Aug 30, 2022

Building a Strong SOC Starts With People

Dark Reading

A people-first approach reduces fatigue and burnout, and it empowers employees to seek out development opportunities, which helps retention.

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their

CISA's Kiersten Todt on Heading Off Russia-Ukraine Fallout

Data Breach Today

Chief of Staff Explains Heavy Focus on Protecting Energy and Financial Sectors

The U.S. Cybersecurity and Infrastructure Security Agency has worked closely with the energy and financial sectors in recent months to prevent cyber fallout from the Russia-Ukraine war. CISA Chief of Staff Kiersten Todt says information sharing is crucial for the critical infrastructure industries.

Top 9 Information Governance Tips for 2022

AIIM

The digital world has changed the way we live our lives. It has also changed the way organizations do business. With so much information being generated, it becomes more difficult for organizations to manage it all and ensure compliance with regulations like GDPR and HIPAA. Information governance helps organizations maintain control of their information while complying with these regulations.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

The Key To Compliance? Third-Party Management

Data Breach Today

Getting a Grip on Third-Party Access

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.

Kurt Sanger on Using Laws and Norms to Govern Cyber Conflict

Data Breach Today

Defense Expert: Why International Law Doesn't Effectively Deter Cyberattacks in War

Applying international laws used for armed conflicts to the cyber domain remains elusive because of a lack of precedent and poor visibility in cyberspace. This uncertainty and a failure to establish rules means cyber law hasn't grown as other legal fields have, a defense expert says.

California Legislation Proposes Extending CCPA Exemptions for HR and B2B Data

Hunton Privacy

On August 16, 2022, California Assembly Member Cooley introduced amendments to Assembly Bill 1102 that would extend the California Consumer Privacy Act’s (“CCPA’s”) temporary exemptions for HR and B2B data for an additional two years – until January 1, 2025. Under the CCPA, these exemptions are set to expire on January 1, 2023, when the amendments to the CCPA made by the California Privacy Rights Act (“CPRA”) become operative.

Feds Warn of Evil Corp Threats Facing Healthcare Sector

Data Breach Today

HHS HC3: Russian Cybercrime Gang Has History, Powerful Malware, Ties to Other Gangs

The Russian cybercrime syndicate Evil Corp constitutes a significant threat to the healthcare sector due to the gang's powerful malware and ransomware and its deep ties to various hacking groups, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center warns.

‘Cyclops Blink’ Shows Why the SEC’s Proposed Cybersecurity Disclosure Rule Could Undermine the Nation’s Cybersecurity

Data Matters

This article originally appeared on Lawfare. As nation-state actors increase their malicious cyber capabilities toward companies, U.S. regulators such as the SEC have understandably increased their regulatory focus on cybersecurity. The SEC is of course a well-intended member of Team Cyber, and investors in public companies might benefit from some aspects of the SEC’s proposal: Increased knowledge of a company’s cybersecurity risks, experience, governance, and resiliency could be important to

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Defining a New Vision for CREST

Data Breach Today

President of CREST Shares Plans to Rejuvenate the Testing Accreditation Group

Last year, Rowland Johnson took on the role of president of CREST, the international not-for-profit membership body representing the global cybersecurity industry. Over the past 12 months, he says, he's taken time to "pause and reflect" and "define a new vision and mission" for CREST.

World’s largest distributors of books Baker & Taylor hit by ransomware

Security Affairs

Baker & Taylor, one of the world’s largest distributors of books, revealed that it was hit by a ransomware attack. Baker & Taylor, one of the world’s largest distributors of books worldwide, suffered a ransomware attack on August 23. The incident impacted the company’s phone systems, offices, and service centers.

Chinese Phishing Campaign Targets Victims in South China Sea

Data Breach Today

Campaign Uses ScanBox Framework and RTF Template Injection

Chinese intelligence is conducting cyberespionage campaigns targeting corporations involved with energy extraction in the South China Sea, researchers say. Proofpoint and PwC conclude with moderate confidence the campaign is the work of the threat actor known as TA423 or Red Ladon.

Why Not Just Retain Everything In Slack?

Hanzo Learning Center

Remember the early days of email when there was such a thing as a clean and organized inbox? I remember I would even create separate folders and organize my messages according to themes. And then at some point, that effort stopped, because the number of messages to manage was just too overwhelming.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

CrowdStrike CEO George Kurtz: Identity Can Be as Big as XDR

Data Breach Today

Kurtz Says Close to 80% of Cyberattacks Leverage Identity

CrowdStrike CEO George Kurtz says the size of the untapped opportunity around identity protection mirrors where the endpoint detection and response market was many years ago. The company saw over the last quarter a doubling in the number of customers subscribing to its identity protection module.

The Extent of Social Engineering

KnowBe4

Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term “social engineering.” 85% of the respondents said they were aware of the term “phishing,” and 36% said they had fallen victim to a phishing email.

Russian Streaming Platform Start Suffers Data Breach

Data Breach Today

44 Million Users Possibly Affected; Data Appears on Underground Forums

The Russian digital streaming platform Start acknowledged a data breach but downplayed its severity and said the vulnerability has been fixed. A Russian-language Telegram channel that monitors the dark web says it has published information on nearly 44 million customers.

[KREBS ON SECURITY] How 1-Time Passcodes Became a Corporate Liability

KnowBe4

[The following article is as it appears at Krebs on Security here.] Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The abilit

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Chinese Hackers Target Energy Sector in Australia, South China Sea

Dark Reading

The phishing campaign deploying a ScanBox reconnaissance framework has targeted the Australian government and companies maintaining wind turbines in the South China Sea.

Inside the Shadow Evacuation of Kabul

WIRED Threat Level

In the last two weeks of the war, an ad hoc team armed with group chats, QR codes, and satellite maps launched a mad dash to save imperiled Afghan allies.

Phishing Campaign Targets PyPI Users to Distribute Malicious Code

Dark Reading

The first-of-its-kind campaign threatens to remove code packages if developers don’t submit their code to a "validation" process.

FTC Sues Data Broker

Schneier on Security

This is good news: The Federal Trade Commission (FTC) has sued Kochava, a large location data provider, for allegedly selling data that the FTC says can track people at reproductive health clinics and places of worship, according to an announcement from the agency. “Defendant’s violations are in connection with acquiring consumers’ precise geolocation data and selling the data in a format that allows entities to track the consumers’ movements to and from sensitive locatio

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Cohesity Research Reveals that Reliance on Legacy Technology Is Undermining How Organizations Respond to Ransomware

Dark Reading

Nearly half of respondents say their company relies on outdated backup and recovery infrastructure — in some cases dating back to the 1990s, before today's sophisticated cyberattacks.

Watering Hole Attacks Push ScanBox Keylogger

Threatpost

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Malicious Chrome Extensions Plague 1.4M Users

Dark Reading

Analysts find five cookie-stuffing extensions, including one that's Netflix-themed, that track victim browsing and insert rogue IDs into e-commerce sites to rack up fake affiliate payments.

Another Day, another large BIPA Settlement

Data Protection Report

It appears Snap has become the most recent company to pay a settlement for alleged violations of the Illinois Biometric Information Privacy Act (“BIPA”). The law, which gives consumers a private right of action, has become a popular class action and source of significant penalties. Indeed, Snap joins a string of other companies that have already settled for eye-popping amounts (Google for $100 million, Facebook for $650 million and TikTok for $92 million).

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Google Expands Bug Bounties to Its Open Source Projects

Dark Reading

The search engine giant's Vulnerability Rewards Program now covers any Google open source software projects — with a focus on critical software such as Go and Angular.

CyberheistNews Vol 12 #35 [Heads Up] Check This Highly Sophisticated LinkedIn Job Offer Scam

KnowBe4

Security Culture: An OT Survival Story

Dark Reading

The relationship between information technology and operational technology will need top-down support if a holistic security culture is to truly thrive.