Data Breach Today
DECEMBER 1, 2020
Includes New Breach Notification Requirements, Fines and Greater Regulatory Powers New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Krebs on Security
DECEMBER 1, 2020
A 22-year-old North Carolina man has been sentenced to nearly eight years in prison for conducting bomb threats against thousands of schools in the U.S. and United Kingdom, running a service that launched distributed denial-of-service (DDoS) attacks, and for possessing sexually explicit images of minors. Timothy Dalton Vaughn from Winston-Salem, N.C. was a key member of the Apophis Squad , a gang of young ne’er-do-wells who made bomb threats to more than 2,400 schools and launched DDoS attacks a
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 1, 2020
Largest Breach of Its Kind So Far This Year A recent data breach at a Colorado-based mental health clinic that exposed data on nearly 300,000 individuals is the latest of several in the mental health sector this year.
IT Governance
DECEMBER 1, 2020
We recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below. Here is our complete list of November’s cyber attacks and data breaches. As usual, incidents affecting UK organisations are in bold.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
DECEMBER 1, 2020
IoT Chipmaker Threated With Additional Data Leaks The gang behind the Conti ransomware variant has posted data to its darknet website that it says it stole during a ransomware attack on industrial IoT chipmaker Advantech last month. The company reportedly confirmed the attack on Monday.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 1, 2020
Researchers: Malware Uses Multistage Payloads, Anti-Detection Techniques Trend Micro researchers have uncovered a macOS backdoor variant - designed to bypass security tools - that's linked to an advanced persistent threat group operating from Vietnam.
Schneier on Security
DECEMBER 1, 2020
Many systems are vulnerable : Researchers at the time said that they were able to launch inaudible commands by shining lasers — from as far as 360 feet — at the microphones on various popular voice assistants, including Amazon Alexa, Apple Siri, Facebook Portal, and Google Assistant. […]. They broadened their research to show how light can be used to manipulate a wider range of digital assistants — including Amazon Echo 3 — but also sensing systems found in medical
Data Breach Today
DECEMBER 1, 2020
Researchers: Campaign Targets Victims in Germany A hacking campaign in Germany is using compromised websites and social engineering tactics to deliver the Gootkit banking Trojan or REvil ransomware, according to Malwarebytes.
Threatpost
DECEMBER 1, 2020
An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
DECEMBER 1, 2020
Check Point: New Strains Active Around the World Check Point Research has identified new variants of the long-dormant Bandook spyware that are being used for espionage campaigns across the world targeting government, financial, energy, food industry, healthcare, education, IT and legal organizations.
Dark Reading
DECEMBER 1, 2020
Wide area networking and network security services unite to provide secure, cloud-based connectivity for enterprises' remote employees -- and these days that means billions of workers.
Threatpost
DECEMBER 1, 2020
The Better Business Bureau warns of phishing messages with the Zoom logo that tell recipients they have a missed meeting or suspended account.
Security Affairs
DECEMBER 1, 2020
The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. The CVE-2020-14882 can be exploited by unauthenticated attackers to take over the system by sending a simple HTTP GET request.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Daymark
DECEMBER 1, 2020
Azure Sentinel is a cloud native Security Information Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) solution from Microsoft. It was the topic of discussion at one of our recent Daymark Cloud Clinics where our technical cloud consultants offer complimentary technical training and tips on a wide range of Azure and Office 365 features.
Security Affairs
DECEMBER 1, 2020
npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js developers who imported and installed the jdb.js and db-json.js packages.
OpenText Information Management
DECEMBER 1, 2020
For law firms, corporate legal departments, and other organizations producing, managing and collaborating on high-touch, high-value work product, capturing and working with data at the source is vital to increasing efficiency and maintaining productivity. With new integrations to Microsoft Teams™ and OneDrive™ cloud applications, OpenText™ eDOCS CE 20.4 delivers a secure, work-anywhere, information center where … The post What’s new in OpenText eDOCS CE 20.4 appeared first on OpenText Blog
Security Affairs
DECEMBER 1, 2020
Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus , Cobalt Kitty , or APT32 , is deploying cryptocurrency miners while continues its cyberespionage campaigns. New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Hunton Privacy
DECEMBER 1, 2020
On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. Background.
Security Affairs
DECEMBER 1, 2020
Talos experts found flaws in the WebKit browser engine that can be also exploited for remote code execution via specially crafted websites. Cisco’s Talos team discovered security flaws in the WebKit browser engine, including flaws that can be exploited by a remote attacker to gain code execution by tricking the user into visiting a malicious website.
OneHub
DECEMBER 1, 2020
What exactly is burnout? Work burnout is a state of chronic emotional distress caused by work-related stress. Gallup, a globally recognized analytics company, released a report on employee burnout. It found that 76% of employees experience burnout at least sometimes, and 28% experience it “very often” or “always.”. This report was released in 2019, well before “pandemic” became a household word.
Security Affairs
DECEMBER 1, 2020
The CyberNews investigation team discovered French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ TB of confidential data. Original post @ [link]. The CyberNews investigation team discovered an unsecured, publicly accessible Kibana dashboard of an ElasticSearch database containing confidential data belonging to Apodis Pharma , a software company based in France.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
DECEMBER 1, 2020
A dynamic analysis of the publicly available images on Docker Hub found that 51% had critical vulnerabilities and about 6,500 of the 4 million latest images could be considered malicious.
Threatpost
DECEMBER 1, 2020
New credit-card skimmer uses postMessage to make malicious process look authentic to victims to steal payment data.
Security Affairs
DECEMBER 1, 2020
Baltimore County Schools were hit by a ransomware attack that forced them to close leaving more than 100,000 students out. Baltimore County Schools are still closed following a ransomware attack and unfortunately, at the time of this writing, it is impossible to predict when school will resume. School officials notified state and federal law enforcement agencies, that launched an investigation into the incident.
Threatpost
DECEMBER 1, 2020
The never-before-seen Xanthe cryptomining botnet has been targeting misconfigured Docker APIs.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
WIRED Threat Level
DECEMBER 1, 2020
The attorney general has long been one of the president’s chief apologists. Not this time.
Threatpost
DECEMBER 1, 2020
The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers.
Dark Reading
DECEMBER 1, 2020
Grab some wrapping paper: These STEM toys and games are sure to spark creativity and hone coding and logic skills among a future generation of cybersecurity pros.
Expert insights. Personalized for you.
292 
Let's personalize your content