Fri.Oct 23, 2020

article thumbnail

How Police Can Crack Locked Phones—and Extract Information

WIRED Threat Level

A report finds 50,000 cases where law enforcement agencies turned to outside firms to bypass the encryption on a mobile device.

article thumbnail

Ransomware Knocks Out Voter Database in Georgia

Data Breach Today

Report: Hall County Continuing to Restore Systems An Oct. 7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional. The DoppelPaymer gang has taken credit for the attack.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

COVID-19 Vaccine-Maker Hit with Cyberattack, Data Breach

Threatpost

Dr. Reddy's, the contractor for Russia’s “Sputinik V” COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers.

article thumbnail

EU Sanctions 2 Russians for German Parliament Hack

Data Breach Today

European Officials Say Suspected Hackers Worked for Russia's GRU Military Intelligence Unit The European Union has issued sanctions against two Russian nationals alleged to have hacked Germany's lower house of parliament, or Bundestag, in 2015. EU officials say both men work for the Russian military intelligence unit GRU.

Military 286
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

IoT Device Takeovers Surge 100 Percent in 2020

Threatpost

The COVID-19 pandemic, coupled with an explosion in the number of connected devices, have led to a swelling in IoT infections observed on wireless networks.

IoT 132

More Trending

article thumbnail

Nvidia Warns Gamers of Severe GeForce Experience Flaws

Threatpost

Versions of Nvidia GeForce Experience for Windows prior to 3.20.5.70 are affected by a high-severity bug that could enable code execution, denial of service and more.

Security 116
article thumbnail

US Officials Blame Election Data Theft on Russian APT Group

Data Breach Today

'Berserk Bear' Hacking Team Known for 'Gaining Footholds in Critical Infrastructure' U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September and stolen election-related data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.

article thumbnail

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data.

article thumbnail

Elite Russian Sandworm Hackers' Epic OPSEC Problem

Data Breach Today

US Indictment Airs Russian Military and Operators' Dirty Laundry An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?

Military 240
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

New Report on Police Decryption Capabilities

Schneier on Security

There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it. This report documents the widespread adoption of MDFTs by law enforcement in the United States. Based on 110 public records requests to state and local law enforcement agencies across the country, our research documents more than 2,000 agencies that have purchased these tools, in all 50 states and the District of Columbia.

IT 113
article thumbnail

Massive U.S. Voter Database Offered for Sale

Data Breach Today

Trustwave: Data Comes From Public Sources, Leaks Voter information on as many as 186 million Americans was being offered for sale in an online forum, according to Trustwave. The information apparently came from public sources as well as data leaks.

Sales 201
article thumbnail

US Treasury Sanctions Russian Institution Linked to Triton Malware

Dark Reading

Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports.

129
129
article thumbnail

LockBit Ransomware Uses Automation Tools to Pick Targets

Data Breach Today

Sophos: Malware Excels at Evading Detection and Picking Specific Victims The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected. French IT outsourcer Sopra Steria has been hit by a ransomware attack, while the company did not reveal the family of malware that infected its systems, local media speculate the involvement of the Ryuk ransomware. “A cyber attack was detected on the Sopra Steria computer network on the evening of October 20.

article thumbnail

Analysis: The Significance of Russian Hackers' Indictment

Data Breach Today

The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.

Privacy 159
article thumbnail

A Pause to Address 'Ethical Debt' of Facial Recognition

Dark Reading

Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.

118
118
article thumbnail

Georgia Election Data Hit in Ransomware Attack

Threatpost

With Election Day approaching, local governments need to be prepared for malware attacks on election infrastructure.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Cybercriminals Could be Coming After Your Coffee

Dark Reading

Researchers show no IoT device is too small to fall victim to ransomware techniques.

IoT 142
article thumbnail

Ransomware Takes Down Network of French IT Giant

Threatpost

Sopra Steria hit with cyber attack that reportedly encrypted parts of their network on Oct. 20 but has remained mostly mum on details.

article thumbnail

Guest blog: CDO Summer School – A look back

Collibra

What makes a learning experience useful, pivotal or even, to use an 80’s expression, paradigm-shifting? In other words, what makes learning groundbreaking enough to make you rethink how you do things? Join me for a look back at the 2020 class of #CDOSummerSchool. As I take my first train after 6 months in lockdown, it occurs to me that a great learning experience takes you on a journey – from where you are now to where you’re meant to be.

article thumbnail

Louisiana Calls Out National Guard to Fight Ransomware Surge

Threatpost

An investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

China: New draft national, harmonised data protection law for Mainland China

DLA Piper Privacy Matters

By Carolyn Bigg , Venus Cheung , Fangfang Song. A first national level personal information protection law for Mainland China has been published, reinforcing and heightening existing data protection compliance obligations for organisations doing business in China. Compliance obligations previously considered recommended practice will now become binding law, and new compliance steps – including some registrations with the local authorities – must be taken.

article thumbnail

Flurry of Warnings Highlight Cyber Threats to US Elections

Dark Reading

FBI and intelligence officials issue fresh warnings about election interference attempts by Iranian and Russian threat actors.

133
133
article thumbnail

Election Security: Beyond Mail-In Voting

Threatpost

There are many areas of the election process that criminal hackers can target to influence election results.

article thumbnail

The US Sanctions Russians For Potentially ‘Fatal’ Malware

WIRED Threat Level

The message is meant to deter any similar attack against US infrastructure.

Security 101
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Microsegmentation: The Core of Zero Trust Security

eSecurity Planet

Microsegmentation is a core technology for achieving zero trust security, the idea that no one should be trusted or given more access than needed.

article thumbnail

UWB, Ultrasonic Mesh Provide Indoor or Outdoor Contract Tracing

RFID Global Solution, Inc.

Claire Swedberg, Senior Editor, RFID Journal Schools, construction firms, offices and manufacturers are among those testing a social-distancing and contact-tracing system from RFID Global that privately alerts workers or students regarding unsafe proximity to colleagues; employers or schools can use the data to manage safer operations. Oct 19, 2020 Office and factory personnel, construction workers, and … UWB, Ultrasonic Mesh Provide Indoor or Outdoor Contract Tracing Read More ».

article thumbnail

Cybercriminals Could be Coming After Your Coffee

Dark Reading

Researchers show no IoT device is too small to fall victim to ransomware techniques.

IoT 79