Thu. Oct 29, 2020

Hackers Make Off With Millions From Wisconsin Republicans

Dark Reading

According to the Wisconsin Republican Party, thieves used altered invoices to make off with $2.3 million in election funds.

I've Joined the 1Password Board of Advisers

Troy Hunt

Almost a decade ago now, I wrote what would become one of my most career-defining blog posts: The Only Secure Password is the One You Can't Remember. I had come to the realisation that I simply had too many accounts across too many systems to ever have any chance of creating decent unique passwords I could remember. So, I set out to find a password manager and 10 Christmas holidays ago now, I spent the best 50 bucks ever: I chose 1Password way back then and without a shadow of a doubt, it has b

Passwords 138

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The FBI, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) have issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia.

Microsoft: Iranian Hackers Targeted Security Experts

Data Breach Today

Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft.

Security 284

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

CCPA Update: Comment Period Closes on Third Round of Proposed Modifications to CCPA Regulations; CCPA Litigation Gaining Steam; Consumer Groups and Major Newspapers Urge “No” Vote on California’s Privacy Initiative

Data Matters

New privacy developments continue to come from California, with new proposed modifications to CCPA regulations, continuing CCPA litigation, and voting beginning on Proposition 24, an initiative to overhaul the CCPA. We provide insight into each below. Proposed Third Modified CCPA Regulations. In mid-October 2020, just a few months after the “finalization” of the regulations, the California Office of Attorney General proposed a handful of proposed modifications to regulations implementing the

Privacy 111

More Trending

Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals

Threatpost

Amid an uptick in attacks on healthcare orgs, malware families, Kegtap, Singlemalt and Winekey are being used to deliver the Ryuk ransomware to already strained systems.

Patients Blackmailed 2 Years After a Breach

Data Breach Today

Finnish Mental Health Provider's Clients Threatened With Data Exposure Hackers are threatening patients of a Finnish mental health provider with the public release of their sensitive data exposed in a 2018 data breach if they do not pay a ransom. The case highlights how data breaches can open the door to additional cybercrimes over an extended period.

US Cyber Command details implants used in attacks on parliaments and embassies

Security Affairs

US Cyber Command published technical details on malware implants used by Russia-linked APTs on multiple parliaments, embassies. US Cyber Command shared technical details about malware implants employed by Russian hacking groups in attacks against multiple ministries of foreign affairs, national parliaments, and embassies. Experts from the US Cyber Command’s Cyber National Mission Force (CNMF) unit and the Cybersecurity and Infrastructure Security Agency (CISA) uploaded the samples on the V

US Hospitals Warned of Fresh Wave of Ransomware Attacks

Data Breach Today

Warning From CISA and FBI Follows Reports of Several Hospitals Hit With Malware The FBI and CISA warn U.S. hospitals about a fresh wave of Ryuk ransomware attacks that have recently targeted healthcare facilities across the country. Over the past week, several hospitals have publicly reported attacks, which appear to be financially motivated.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

NOYB Approved to File Class Actions and Claim Damages in Front of Belgian Courts

Hunton Privacy

On October 29, 2020, the non-governmental organization co-founded by privacy activist Max Schrems, None of Your Business (“NOYB”), announced it can now file representative actions and claim damages on behalf of consumers for violations of various laws regarding consumer protection (including data protection law) in Belgium. Specifically, in a decision published in the Official Gazette on September 30, 2020, the Belgian Minister of Employment, Economy and Consumer Affairs approved NOYB as a quali

Privacy 98

Russian Hacking Group Upgrades Malicious Toolset

Data Breach Today

'Turla' Recently Targeted a European Government Agency for Espionage Turla, a hacking group based in Russia, is deploying a revamped set of customized tools to target potential victims, including a European government agency, for its espionage campaigns, according to Accenture.

University Email Hijacking Attacks Push Phishing, Malware

Threatpost

Attackers are compromising email accounts from popular universities, including Purdue and Oxford, to launch attacks that get around DMARC and SPF.

Phishing 107

COVID-19 Update: 'We're in a Bad Place'

Data Breach Today

Pandemic Expert Regina Phelps on What to Expect Headed Into Flu Season COVID-19 infections are hitting new daily highs in the U.S., and some European countries are re-imposing restrictions. Plus, the flu season is just around the corner. "We're in a bad place," says pandemic expert Regina Phelps, who shares insights on pandemic trends and response.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Tracking Users on Waze

Schneier on Security

A security researcher discovered a vulnerability in Waze that breaks the anonymity of users: I found out that I can visit Waze from any web browser at waze.com/livemap so I decided to check how are those driver icons implemented. What I found is that I can ask Waze API for data on a location by sending my latitude and longitude coordinates. Except the essential traffic information, Waze also sends me coordinates of other drivers who are nearby.

Security 101

McAfee Launches XDR, Browser Isolation, Cloud App Security Tools

Dark Reading

New additions are built to help organizations better respond to threats and protect applications and data in the cloud.

Cloud 114

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

WIRED Threat Level

As Covid-19 infections spike in many parts of the US, malware gangs are wreaking havoc on the health care system.

Cybercriminals Aim BEC Attacks at Education Industry

Dark Reading

Heightened vulnerability comes at a time when the sector has been focusing on setting up a remote workforce and online learning amid the pandemic.

Education 108

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Russia-linked Turla APT hacked European government organization

Security Affairs

Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting diplomatic and government organizat

How Healthcare Organizations Can Combat Ransomware

Dark Reading

The days of healthcare organizations relying solely on endpoint security software to stop attacks are over. Here are six ways that healthcare providers can fight the ever-present threat.

All the Ways Slack Tracks You—and How to Stop It

WIRED Threat Level

From changing privacy settings to putting limits on those infuriating notifications, here’s how to take control of Slack.

IT 111

'Act of War' Clause Could Nix Cyber Insurance Payouts

Dark Reading

The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card."

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Is cloud the silver lining for government?

OpenText Information Management

In a recent podcast, Matthew Cornelius, Executive Director of the Alliance for Digital Innovation (ADI), told me that Covid-19 had driven IT modernization in government as far in a few months as achieved in the previous 15 years. For him, the agencies able to better respond to the pandemic were those that had committed to … The post Is cloud the silver lining for government?

Why Defense, Not Offense, Will Determine Global Cyber Powers

Dark Reading

Darktrace director of strategic threat Marcus Fowlers explains what to expect from nation-state attackers in the months to come -- and why kindergarten classes are a good model for solid cybersecurity.

NVIDIA Patches Critical Bug in High-Performance Servers

Threatpost

NVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn't be patched until early 2021.

IT 94

Is Your Encryption Ready for Quantum Threats?

Dark Reading

Answers to these five questions will help security teams defend against attackers in the post-quantum computing era.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

ICO Issues Enforcement Notice Against Experian

Hunton Privacy

On October 27, 2020, the UK Information Commissioner’s Office (“ICO”) published its enforcement notice against credit reference agency Experian Limited (“Experian”) under Section 149 of the Data Protection Act 2018 (“DPA”) (the “notice”). The notice requires Experian to make fundamental changes to its offline direct marketing practices, and was issued after the ICO undertook a two-year investigation into the use of personal data by data broking businesses Experian, Equifax and TransUnion.

Ransomware Wave Targets US Hospitals: What We Know So Far

Dark Reading

A joint advisory from the CISA, FBI, and HHS warns of an "increased and imminent" threat to US hospitals and healthcare providers.

Critical Oracle WebLogic flaw CVE-2020-14882 actively exploited in the wild

Security Affairs

Threat actors have started exploiting a critical vulnerability in Oracle WebLogic, tracked as CVE-2020-14882, in attacks in the wild. Threat actors have started scanning the Internet for servers running vulnerable installs of Oracle WebLogic in the attempt of exploiting a critical flaw tracked as CVE-2020-14882. The CVE-2020-14882 can be exploited by unauthenticated attackers to take over the system by sending a simple HTTP GET request.