Wed. Mar 25, 2020

US Government Sites Give Bad Security Advice

Krebs on Security

Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now.

FBI Shutters Alleged Russian Cybercriminal Forum

Data Breach Today

Deer.io Enabled Fraudsters to Buy and Sell Stolen Data, Federal Prosecutors Say. The FBI this week seized the domain of Deer.io, which federal authorities describe as a clearinghouse for stolen data and cybercriminal services operating from Russia. The alleged administrator of the now-shuttered site has been arrested and charged.

MY TAKE: Deploying ‘machine learning’ at router level helps companies prepare for rise of 5G

The Last Watchdog

Machine learning (ML) and digital transformation (DX) go hand in glove. We’ve mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated. Machine learning already is deeply embedded in the online shopping, banking, entertainment and social media systems we’ve come to rely on.

More Ransomware Gangs Join Data-Leaking Cult

Data Breach Today

Report: Nefilim, CLOP, Sekhmet Follow in Maze Gang's Footsteps. More bad ransomware news: Following in the footsteps of Maze, now even more cybercrime gangs are threatening to not only crypto-lock systems but also leak stolen data. Such moves come following a banner year for ransomware operators, who are continuing to bring more advanced tactics to bear.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. The campaign was uncovered by FireEye; the threat actor targeted many organizations worldwide by exploiting vulnerabilities in Citrix, Cisco and Zoho ManageEngine products.

More Trending

Tupperware website has been compromised with a payment card skimmer

Security Affairs

The website of Tupperware, the popular manufacturer of plastic food container products, was infected with a payment card skimmer. Hackers have compromised the website of the popular vendor of plastic food container products, implanting a payment card skimmer used to steal customers’ payment card details. The official website has approximately 1 million monthly visits on average.

CMS 109

Managing Supply Chain Challenges During the COVID-19 Crisis

Data Breach Today

While responding to the COVID-19 crisis, supply chain risks can be better managed if an organization continues to rely on its longtime vendors, says Daniel Bowden, CISO at Sentara Healthcare, who offers insights on third-party security risk management in the current environment.

Risk 175

Security tips to support remote work due to the coronavirus

DXC Technology

In response to the coronavirus (COVID-19) and related social distancing rules and guidelines, an ever-increasing number of companies are closing their offices and implementing work from home policies. For some workers and companies, remote work is already routine. For others though, this is uncharted territory. Many workers who previously worked exclusively from an office suddenly […].

Security 102

Mobile Malware Bypasses Banks' 2-Factor Authentication: Report

Data Breach Today

IBM Researchers Describe How 'TrickMo,' a TrickBot Variant, Works. A variant of the TrickBot Trojan bypasses two-factor authentication for mobile banking, for example, by intercepting one-time codes sent over SMS, according to IBM X-Force.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Creating trusted COVID-19 data for communities

IBM Big Data Hub

In these rapidly changing times, we all need to get the best information available to make better informed decisions. Between news reports, adjusting to social distancing practices, and other daily adjustments, many of us face a deluge of incoming information. IBM is making it easier for people around the world to stay up to date on COVID-19 in their vicinity as demand for the latest news and statistics surges week-to-week.

IT 101

Microsoft Alert: Fresh Zero-Day Flaws Found in Windows

Data Breach Today

'Limited Targeted Attacks' Already Being Tracked by Technology Giant. Microsoft is warning that attackers are exploiting a pair of critical, zero-day flaws in Windows that allow for remote code execution, which could enable a threat actor to take over an infected device. Although a patch for the flaws is not expected until April, the company described workarounds.

Facial Recognition for People Wearing Masks

Schneier on Security

The Chinese facial recognition company Hanwang claims it can recognize people wearing masks: The company now says its masked facial recognition program has reached 95 percent accuracy in lab tests, and even claims that it is more accurate in real life, where its cameras take multiple photos of a person if the first attempt to identify them fails.

IT 92

COVID-19 and the CISO: Jim Routh on Leadership

Data Breach Today

MassMutual CISO on the Challenge of Securing Remote Workforce, Supply Chain. At its core, cybersecurity is about applying scarce resources to the highest risk. And nothing quite puts that tenet to the test like the COVID-19 pandemic. Jim Routh, CISO of MassMutual, discusses the challenges of managing a remote workforce and third-party relationships during this crisis.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

European Data Protection Board Releases Statement on Personal Data and COVID-19

Data Matters

On 20 March 2020, the European Data Protection Board (“EDPB”) released a statement on the protection of personal data in connection with measures that public authorities and business organizations (including employers) are taking to address the Coronavirus (COVID-19) pandemic. This statement is an extension of the statement released by the EDPB chair on 16 March 2020.

How to facilitate remote learning: Part 5 — Apps and games

Jamf

To best keep students and educators safe — schools are re-evaluating their teaching practices and learning environments to accommodate an at-home, remote learning experience. In the conclusion of our five-part blog series, we show you how to leverage apps and games to enhance remote learning.

The Postal Service's Surprising Role in Surviving Doomsday

WIRED Threat Level

The little-known Postal Plan, which dates back to the Clinton era, charges mail carriers with delivering critical supplies—like vaccines—as a last resort.

Dutch DPA Publishes Recommendations Regarding COVID-19 and Privacy in the Workplace

Hunton Privacy

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) recently published materials regarding the COVID-19 crisis, including recommendations and FAQs for employers and recommendations for employees. In the materials, the Dutch DPA emphasizes that, while fighting the virus and saving lives is the top priority, privacy must not be overlooked and the crisis should not become a prelude to a “Big Brother” society.

Privacy 74

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Will The Coronavirus Save Big Tech?

John Battelle's Searchblog

Who’s Really Behind That “Death of the Techlash” Narrative? One of my least favorite kinds of journalism is the easy win. It’s the kind of story that just lands in your lap. It feels immediately counter intuitive and of the moment, and it simply writes itself. It’s the kind of editorial sin most often committed by columnists facing immutable deadlines, and a perfect example can be found in the Wall St.

Privacy 79

Secure together: Managing your WordPress access during coronavirus

IT Governance

If a week is a long time in politics, then it’s a veritable aeon when it comes to economy-collapsing, pub-closing, sports-halting pandemics. In the space of a few days, we’ve gone from mild concern as we looked at statistics, to frustration as pubs and restaurants closed, to cautiously stocking up on supplies, and eventually to a numbing acceptance that we’re all going to be stuck inside for the foreseeable future.

Access 76

Philippines Joins the APEC CBPR System

Hunton Privacy

On March 9, 2020, the APEC Cross-Border Privacy Rules (“CBPR”) system Joint Oversight Panel approved the Philippines’ application to join the APEC CBPR system. The Philippines becomes the ninth APEC economy to join the CBPR system, joining the United States, Mexico, Canada, Japan, South Korea, Singapore, Chinese Taipei and Australia. As we previously reported, the Philippines National Privacy Commission will now have to identify an accountability agent, which, once approved, will be able to ind

Privacy 76

Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Threatpost

Researchers say that APT41's exploits are part of one of the broadest espionage campaigns they've seen from a Chinese-linked actor "in recent years."

Cloud 83

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Hunton Privacy

The Spanish Data Protection Authority (the “AEPD”) recently published a report on data processing activities carried out by data controllers in the private and public sectors as a result of the spread of the COVID-19 virus (the “Report”). The Report first notes that the EU General Data Protection Regulation (“GDPR”) contains necessary safeguards and rules with respect to personal data processing in a general health emergency.

Missing Patches, Misconfiguration Top Technical Breach Causes

Dark Reading

Less than half of businesses surveyed can patch critical vulnerabilities within 72 hours. Why does the process take so long?

7 Maintenance Questions Every IT Pro Should Ask

Daymark

In today’s multi-vendor, multi-cloud world, managing IT maintenance contracts can easily spiral out of control. Not having a full grasp of where they all stand can be costly in terms of both budget and vulnerabilities from out of support equipment and software.

IT 69

Do DevOps Teams Need a Company Attorney on Speed Dial?

Dark Reading

In today's regulatory and legislative environment, companies and individuals are exposed to lawsuits over security breaches, resulting in significant fines and ending careers.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Exploring technology innovation at SITE Centers

OpenText Information Management

We are currently seeing a shift in enterprises looking to innovation not just to disrupt, but to solve real business problems as well. As a publicly-traded Real Estate Investment Trust with over 500 value-oriented shopping centers representing 130 million square feet in 41 states, SITE Centers is no stranger to these challenges—or to the potential …

What Should I Do If Someone Is Impersonating My Company in a Phishing Campaign?

Dark Reading

Two security awareness advocates from KnowBe4 provide some solid suggestions.

Agility delivers the world’s goods using greener routes

OpenText Information Management

For leading logistic company Agility, having access to their data through an integrated information platform can provide the insights needed to streamline operations and reduce carbon emissions throughout the supply chain. For decades, Agility ran operations as had been done for centuries: rife with paper trails. Even as email and fax sped delivery, lack of …

Paper 62