Thu.Apr 15, 2021

US Sanctions Russia Over SolarWinds Attack, Election Meddling

Data Breach Today

Biden Administration Attributes SolarWinds Attack to Russia's Foreign Intelligence Service The Biden administration has formally sanctioned Russia over the cyber operation that targeted SolarWinds and its customers as well as the disinformation campaign against the 2020 U.S. elections.

IT 198

Software Developer Arrested in Computer Sabotage Case

Dark Reading

Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer

101
101
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Lazarus E-Commerce Attackers Also Targeted Cryptocurrency

Data Breach Today

Magecart-Style Attacks Included Bitcoin-Grabbing Functionality, Group-IB Reports Hackers with apparent ties to North Korea who hit e-commerce shops via Magecart-style attacks to steal payment card data also tested malicious tools for stealing cryptocurrency, reports cybersecurity firm Group-IB.

US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack

Security Affairs

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K.

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

Bank Groups Object to Proposed Breach Notification Regulation

Data Breach Today

ABA, Others Call Requirements Too Burdensome The American Bankers Association and three other banking groups have voiced objections to provisions in a proposed federal cyber incident notification regulation.

More Trending

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

Security Affairs

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016 , were moved on Wednesday to new accounts.

Google Brings 37 Security Fixes to Chrome 90

Dark Reading

The latest version of Google Chrome also introduces HTTPS as the browser's default protocol

Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto

Security Affairs

Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses.

Malicious PowerShell Use, Attacks on Office 365 Accounts Surged in Q4

Dark Reading

There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows

90

Insights on Choosing an Identity Verification Solution Provider

Sort through today’s crowded identity verification solutions landscape with our guide, designed to help you choose the right provider based on your unique needs.

Five Steps to Win the Battle Against Information Chaos in 2021

AIIM

We surveyed members of the AIIM Community as a part of our yearly look at the state of the industry. The numbers are in— 46% of respondents graded their organizations as poor or needs improvement when it comes to dealing with the rising tide of information chaos.

How to Create an Incident Response Plan From the Ground, Up

Dark Reading

Security 101: In the wake of an incident, it's important to cover all your bases -- and treat your IR plan as a constantly evolving work in progress

US Sanctions on Russia Rewrite Cyberespionage's Rules

WIRED Threat Level

The US has sent a loud message to Moscow—though what it's saying isn’t exactly clear. Security Security / National Security

IT 81

Nation-State Attacks Force a New Paradigm: Patching as Incident Response

Dark Reading

IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out

IT 86

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

April 2021 Security Patch Day fixes a critical flaw in SAP Commerce

Security Affairs

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce.

Test-DEU-169665

Dark Reading

President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director

83

DNI’s Annual Threat Assessment

Schneier on Security

The office of the Director of National Intelligence released its “ Annual Threat Assessment of the U.S. Intelligence Community.” ” Cybersecurity is covered on pages 20-21. Nothing surprising: Cyber threats from nation states and their surrogates will remain acute.

Pandemic Pushes Bot Operators to Redirect Efforts

Dark Reading

As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speaker: Speakers Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

EDPB Gives the Green Light to the Commission’s Draft UK Adequacy Decisions

Data Matters

On 13 April 2021, the European Data Protection Board ( EDPB ) adopted two Opinions on the draft UK adequacy decisions: (i) Opinion 14/2021 for transfers of personal data under the EU General Data Protection Regulation ( EU GDPR ); and (ii) Opinion 15/2021 for transfers of personal data under the Law Enforcement Directive ( LED ).

US Formally Attributes SolarWinds Attack to Russian Intelligence Agency

Dark Reading

Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service carry out the attacks

IT 76

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Threatpost

Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. Hacks Malware Vulnerabilities

103
103

OpenText World Europe 2021—Grow with OpenText

OpenText Information Management

We have never worked this fast, and we will never work this slow again.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Biden Races to Shore Up Power Grid Against Hacks

Threatpost

A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. Critical Infrastructure Government Hacks Malware

IG World to Conduct Global InfoGov Study, Release Results at InfoGovWorld Expo 2021

IG Guru

News Release April 6, 2021Contact: Robert Smallwoodrobert@infogovworld.com IG World to Conduct Global InfoGov Study, Release Results at InfoGovWorld Expo 2021 San Diego, CA, April 6, 2021 – Information Governance World magazine announced today that it will conduct a global study on Information Governance (IG).

IT 62

Gafgyt Botnet Lifts DDoS Tricks from Mirai

Threatpost

The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. IoT Malware Vulnerabilities Web Security

IoT 88

Information Governance: Navigating the Global Digital Economy

Information Governance Perspectives

Right now, we are experiencing a fantastic transformation of the business environment but particularly the evolution of technology and the global digital economy.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

If you see one thing at I-Sigma this year…

IG Guru

CSR brings in special guest Chuck Norris to promote CSR’s uRISQ [link]. The post If you see one thing at I-Sigma this year… appeared first on IG GURU. Business Compliance i-SIGMA IG News Privacy Risk News Shredding Sponsored CSR i-SIGMA 2021 Conference uRISQ

Risk 59

Case Law Summary: Are Hyperlinked Documents the Same as Attachments?

Hanzo Learning Center

Hyperlinked documents might be used like attachments, but this court isn’t ready to call them part of the family. ediscovery Case Law Summary Hanzo Hold Google Workspace Google Drive

52

Best WhatsApp alternatives that respect your privacy via ProtonMail Blog

IG Guru

Check out the article here. The post Best WhatsApp alternatives that respect your privacy via ProtonMail Blog appeared first on IG GURU. Facebook IG News information privacy Privacy E2EE Element Encryption Ephemeral Messaging Keybase Private Messaging Proton Mail Telegram Threema Wickr Me Wire