Krebs on Security
AUGUST 7, 2019
Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists.
Data Breach Today
AUGUST 7, 2019
Scheme Involved Unlocking 2 Million Smartphones to Enable Fraud The Justice Department has indicted two men on charges of paying more than $1 million in bribes to AT&T employees who helped plant malware on the carrier's network and access the company's internal systems. The complicated scheme involved unlocking 2 million smartphones from AT&T's network, prosecutors say.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
AUGUST 7, 2019
When I was a kid in grade school, I always hated homework because it often stood in the way of going outside to play with my friends. I can remember joking around with them and saying that we needed to build a robot to do our homework for us. That way, we could spend our after school time riding bikes and playing together. At the time, we were just kids being kids - we didn't think that we could actually build something like that.
Data Breach Today
AUGUST 7, 2019
$2 Billion From Cryptocurrency and Bank Heists Funneled to Weapons A confidential, leaked UN report warns that North Korea has funneled an estimated $2 billion - stolen via online bank and cryptocurrency exchange heists as well as generated via cryptocurrency mining - into its nuclear and missile-development programs.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Elie
AUGUST 7, 2019
In this talk we look into Gmail telemetry to illuminate the differences between phishing groups in terms of tactics and targets.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Elie
AUGUST 7, 2019
With over 1.4 billion active users and million of companies entrusting it to handle their email, Gmail has a unique vantage point on how phishing groups operate. In this talk we look into Gmail telemetry to illuminate the differences between phishing groups in terms of tactics and targets. Then, leveraging insights from the cognitive and neuro-science fields on user's susceptibility and decision-making, we discuss why different types of users fall for phishing and how those insights can be used
Data Breach Today
AUGUST 7, 2019
Massive Data Breach Continues to Get Messier It's been more than two months since lab companies began revealing they had patient data exposed in a data breach at American Medical Collection Agency. But new victim organizations are continuing to emerge, bringing the total to about 18.
Security Affairs
AUGUST 7, 2019
Experts discovered a new variant of the Spectre vulnerability (SWAPGS Attack) that affects modern Intel CPUs which leverage speculative-execution , and also some AMD processors. Experts discovered a new Spectre speculative execution flaw (SWAPGS attack), tracked as CVE-2019-1125, that affects all Modern Intel CPUs and some AMD processors. The flaw could be exploited by unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory ( i.e. pass
Data Breach Today
AUGUST 7, 2019
The SANS Institute's Cyber Workforce Academy is helping to address the shortage of cybersecurity pros by recruiting individuals from other fields and matching graduates with local employers, says Max Shuftan, who leads the institute's cyber talent division. The approach could serve as a model, he says.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
erwin
AUGUST 7, 2019
A data catalog benefits organizations in a myriad of ways. With the right data catalog tool, organizations can automate enterprise metadata management – including data cataloging, data mapping, data quality and code generation for faster time to value and greater accuracy for data movement and/or deployment projects. Data cataloging helps curate internal and external datasets for a range of content authors.
Data Breach Today
AUGUST 7, 2019
Protecting your enterprise from breaches and account takeovers has never been a bigger challenge. New tools make it possible for even unsophisticated actors to perform advanced, widespread attacks that put your organization at risk. According to the 2019 Verizon Breach Report, stolen credentials are the leading attack vector - yet in a recent study by Symantec, only 7% of respondents rated account takeover as a top threat to their cloud infrastructure.
Security Affairs
AUGUST 7, 2019
The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. The insurance firm is notifying the impacted customers, but it did not disclose the number of affected users.
Schneier on Security
AUGUST 7, 2019
I know there's a lot of politics associated with this story, but concentrate on the cybersecurity aspect for a moment. The cell phones of a thousand Brazilians, including senior government officials, was hacked -- seemingly by actors much less sophisticated than rival governments. Brazil's federal police arrested four people for allegedly hacking 1,000 cellphones belonging to various government officials, including that of President Jair Bolsonaro.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Threatpost
AUGUST 7, 2019
From government surveillance to domestic abuse, technology is being used in new and disturbing ways that threaten human rights - how can the security industry fight back?
Security Affairs
AUGUST 7, 2019
The operators behind the recently discovered Echobot botnet added tens of new exploits to infect a broad range of systems worldwide. In June, experts at PaloAlto Networks uncovered a new botnet , dubbed Echobot that is based on the dreaded Mirai botnet. At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits.
Threatpost
AUGUST 7, 2019
Several serious privacy flaws in a kid's tablet were disclosed this year at Black Hat, which could allow a bad actor to track or send messages to children.
Security Affairs
AUGUST 7, 2019
Security researcher Marco Ramilli presents a comparative analysis of attacks techniques adopted by the Iran-Linked OilRig APT group. Today I’d like to share a comparative analysis of OilRig techniques mutation over time. In particular I will refer to great analyses made by Paloalto UNIT 4 2 plus my own ones ( HERE , HERE , HERE , etc.) and more personal thoughts.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
AUGUST 7, 2019
Unlike many nations, North Korea often engages in cyber operations to generate much-needed cash for the country's coffers. In that respect, its hackers have been extremely successful.
Security Affairs
AUGUST 7, 2019
Cisco has released security updates to address several vulnerabilities in Cisco Small Business 220 Series Smart Switches. Cisco released security updates to address several vulnerabilities in Cisco Small Business 220 Series Smart Switches, including two critical issues. The most important flaw, tracked as CVE-2019-1913, could be exploited by an unauthenticated, remote attacker to execute arbitrary code with root privileges.
WIRED Threat Level
AUGUST 7, 2019
One researcher's discovery suggests troubling oversights in Boeing's cybersecurity.
Threatpost
AUGUST 7, 2019
At Black Hat USA 2019, researchers showed how a previously-disclosed flaw on Windows systems that could allow arbitrary code execution could also impact Hyper-V.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
AUGUST 7, 2019
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
DXC Technology
AUGUST 7, 2019
Digital transformation requires organizations to be agile, adaptable, flexible, and scalable. It requires a strategic vision and a collective mindset that is focused on innovation, teamwork, and problem-solving. But without strong trust among employees in an organization’s leaders, the elements that drive digital transformation can become corroded and ineffective.
Dark Reading
AUGUST 7, 2019
Security teams have been slow to embrace enterprisewide encryption, and for good reasons. But the truth is, it doesn't have to be an all-or-nothing endeavor.
WIRED Threat Level
AUGUST 7, 2019
You don't even have to click anything.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
AUGUST 7, 2019
Deception technology is evolving rapidly, making it easier for organizations to turn the tables on their attackers. Here's how.
Collibra
AUGUST 7, 2019
There’s an old story about a group of people who have to guess what an object is just by touch. Each one makes a different guess, which leads to disagreement and distrust. It turns out everyone is wrong—the object is an elephant, but one was holding the trunk, one had a tusk, and so on. Nobody got it because no one had the full story. That’s how it is inside data-heavy organizations.
Dark Reading
AUGUST 7, 2019
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
Expert insights. Personalized for you.
255 
Let's personalize your content