Krebs on Security
DECEMBER 10, 2020
Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.
Data Breach Today
DECEMBER 10, 2020
Hunters Could Become the Hunted After Theft of Cybersecurity Firm's Hacking Tools Because 2020 wasn't already exciting enough, now we have to worry about being hunted by adversaries wielding FireEye's penetration testing tools, thanks to the company having suffered a big, bad breach. Here's a list of targeted flaws that every organization should ensure they've patched.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
erwin
DECEMBER 10, 2020
Learn. Transform. Advance. That was the theme of the global conference we produced in October, but I’d venture to say it’s the mantra global organizations need to adopt as we continue to deal with the most disruptive event of our lifetime: COVID-19. Learn. When I look back, I should not be surprised that 2020 has been incredibly busy for us here at erwin.
Data Breach Today
DECEMBER 10, 2020
Attack Took Down Amazon, PayPal, Spotify, Twitter and Others One of those responsible for the massive Mirai-based DDoS attack launched in October 2016 that targeted domain name resolver Dyn and knocked Amazon, PayPal, Spotify, Twitter and others offline has pleaded guilty to federal charges.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Schneier on Security
DECEMBER 10, 2020
The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they started extorting money from the patients : Neither the company nor Finnish investigators have released many details about the nature of the breach, but reports say the attackers initially sought a payment of about 450,000 euros to protect about 40,000 patient records.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
DECEMBER 10, 2020
Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings. Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and inject ads into search results pages. Users are redirected to fraudulent domains where they are tricked into installing tainted software.
Data Breach Today
DECEMBER 10, 2020
Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.
Threatpost
DECEMBER 10, 2020
Valve fixed critical bugs in its Steam gaming client, which is a platform for popular video games like Counter Strike: Global Offensive, Dota2 and Half Life.
Data Breach Today
DECEMBER 10, 2020
Officials: Hackers Used Brute-Force Methods to Hack Email Accounts The Norwegian parliament's investigation into the hacking of email accounts of some elected officials and government employees in August has found that the Russian-linked APT28, also known as Fancy Bear, is likely responsible.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Security Affairs
DECEMBER 10, 2020
Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations
Data Breach Today
DECEMBER 10, 2020
Researchers: 'Molerats' Group Continues to Target Victims in Middle East "Molerats," an Arabic-speaking advanced persistent threat group that has been targeting victims for several years, is now abusing Facebook accounts, as well as other cloud-based platforms, to deploy previously undocumented malware as part of an ongoing espionage campaign, according to Cybereason.
OpenText Information Management
DECEMBER 10, 2020
In our previous blog, we discussed the reasons that companies are moving to cloud-based content management solutions . In this blog, we’ll cover the features and capabilities that you should look for when selecting a cloud content management platform. Let’s start with a little fresh perspective on the question “what is cloud content management?”. With the … The post How to choose the best cloud content management solutions appeared first on OpenText Blogs.
Data Breach Today
DECEMBER 10, 2020
Watch this webinar with renowned cybersecurity innovator and former CISO of Citi, JP Morgan, and Deutsche Bank, Charles Blauner to lean about the biggest challenges facing security teams today.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
DECEMBER 10, 2020
The proof-of-concept exploit code for the Kerberos Bronze Bit attack was published online, it allows intruders to bypass authentication and access sensitive network services. The proof-of-concept exploit code for the Kerberos Bronze Bit attack, tracked as CVE-2020-17049 , was published online this week. The hacking technique could be exploited by attackers to bypass the Kerberos authentication protocol in Windows environments and access sensitive network-connected services.
Data Breach Today
DECEMBER 10, 2020
Prosecutors Say Sudhish Ramesh Caused $1.4 Million in Damages A former Cisco engineer has been sentenced to serve two years in federal prison after pleading guilty to charges that he hacked his former company, causing $1.4 million in damages.
Dark Reading
DECEMBER 10, 2020
Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.
Data Breach Today
DECEMBER 10, 2020
Information Exposed Includes Payment Card Numbers A Florida-based company that provides support services to hundreds of dental practices in 20 states says it's been hacked, exposing information - including payment card numbers - on more than 1 million patients.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Threatpost
DECEMBER 10, 2020
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
Information Matters
DECEMBER 10, 2020
Our interviews with founders and leaders of data-driven start-ups continue with this fascinating insight into the work and ambitions of mobile and location-based marketing company, Bubbl. Jo Eckersley, Bubbl’s founder and CEO, shares her experiences of growing a young company in the midst of the COVID-19 epidemic and adapting to a rapidly-changing environment.
Threatpost
DECEMBER 10, 2020
The threat group is increasing its espionage activity in light of the current political climate and recent events in the Middle East, with two new backdoors.
DLA Piper Privacy Matters
DECEMBER 10, 2020
On December 7 2020, the French Supervisory Authority (CNIL) sanctioned Google LLC (60 million EUR) and Google Ireland (40 million EUR) for installing advertising cookies on users devices without their prior consent and with proper information. In addition, the CNIL issued an injunction to inform properly the users of google.fr in compliance with Article 82 of the French Data Protection Act within three (3) months from the notification of this decision with a late payment penalty of 100.000 EUR p
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
OpenText Information Management
DECEMBER 10, 2020
In previous blogs we’ve covered what constitutes cloud content management and the benefits a cloud-based content management system can bring to your organization. In the final part of our blog series, we’ll take a brief look at the different types of cloud content services available and why hybrid cloud is becoming the preferred adoption model … The post What are the different types of cloud content services?
Security Affairs
DECEMBER 10, 2020
The attack that hit the University of Vermont Medical Center at the end of October is costing the hospital about $1.5 million a day. In October, ransomware operators hit the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network. The ransomware attack took place on October 28 and disrupted services at the UVM Medical Center and affiliated facilities.
Privacy and Cybersecurity Law
DECEMBER 10, 2020
Chantal Bernier, National Practice Leader, Privacy and Cybersecurity, Dentons Canada LLP Former Interim Privacy Commissioner of Canada. C-11, An Act to enact the Consumer Privacy Protection Act (CPPA) and the Personal Information and Data Protection Tribunal Act, is arguably so balanced and pragmatic that it is reasonable to expect it will become law, essentially as is, before the end of 2021 – barring an election.
Security Affairs
DECEMBER 10, 2020
Cisco addressed a new critical RCE vulnerability that affects several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco has released security updates to address a critical remote code execution (RCE) flaw affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco Jabber is an instant messaging and web conferencing desktop app that delivers messages between users using the Extensible Messaging and Presence Protocol (XMPP).
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Threatpost
DECEMBER 10, 2020
Ransomware attacks targeting hospitals have exacted a human cost as well as financial.
OpenText Information Management
DECEMBER 10, 2020
As organizations increasingly move mission-critical workloads to the cloud, it’s important to recognize some of the common pitfalls and how best to mitigate their impact. Selecting the correct level of service It is crucial that organizations select the right cloud partners to operate their systems.
Dark Reading
DECEMBER 10, 2020
Aftermath of the FireEye breach by Russia's foreign service agency raises concerns over what the attackers could do next - and how to defend against it.
Expert insights. Personalized for you.
322 
Let's personalize your content