Data Breach Today
DECEMBER 23, 2020
Ret. Gen. Keith Alexander on How Public and Private Sectors Must Respond He has commanded armed forces and directed the NSA. Now, he's president of vendor IronNet Cybersecurity. From this unique perspective, retired General Keith Alexander says the SolarWinds breach is "a call for action.
Threatpost
DECEMBER 23, 2020
Research shows that microphones on digital assistants are sensitive enough to record what someone is typing on a smartphone to steal PINs and other sensitive info.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 23, 2020
Researchers: Fraudsters Offer Lure of $600 Payment for Pandemic Relief A recently uncovered phishing campaign is spoofing messages from the New York State Department of Labor, claiming to offer $600 as part of a COVID-19 relief program, according to Abnormal Security. The goal is to harvest personally identifiable information.
Schneier on Security
DECEMBER 23, 2020
Bellingcat has investigated the near-fatal poisoning of Alexey Navalny by the Russian GRU back in August. The details display some impressive traffic analysis. Navalny got a confession out of one of the poisoners, displaying some masterful social engineering. Lots of interesting opsec details in all of this.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
DECEMBER 23, 2020
Fraudsters Attempt to Steal Money, Personal Information The FBI is warning that fraudsters are exploiting the recent news surrounding the availability of COVID-19 vaccines to launch schemes designed to steal personal information and money.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 23, 2020
Researchers: Malware Revamped to Better Avoid Network Defenses After a nearly two-month hiatus, the Emotet botnet recently sprung back to life with a fresh spamming and phishing campaign designed to spread other malware as secondary payloads, according to security researchers. The botnet has also been revamped to better avoid network defenses.
Adam Levin
DECEMBER 23, 2020
Law enforcement agencies from the United States and Europe seized domain names and servers belonging to a virtual private network (VPN) provider long linked to online cybercrime. In a press release issued December 22, U.S. Attorney Matthew Schneider announced the action, called “Operation Nova,” which disrupted the activities of a so-called “bulletproof hosting service” in coordination with Europol and law enforcement agencies from Germany, France, Switzerland, and the Netherlands.
Data Breach Today
DECEMBER 23, 2020
Group Uses JavaScript Sniffer to Steal Payment Card Data A cybercriminal gang known as "UltraRank" has launched a new campaign, targeting at least a dozen e-commerce sites to steal payment card data using a JavaScript sniffer, says security firm Group-IB.
IT Governance
DECEMBER 23, 2020
Welcome to the second part of our cyber security review of 2020, in which we look back at the biggest stories from July to December. You can read the first part here >>. July. With COVID-19 under control, the UK government announced that lockdown measures would be eased from 4 July, with pubs, cafés, cinemas and museums allowed to reopen. Unfortunately, there was a hitch, with the government forced to scrap its original track and trace app, pushing the launch date back by months.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
DECEMBER 23, 2020
SolarWinds Breach Calls Attention to Fundamental Need for Better DevSecOps In the wake of the SolarWinds breach, NIST's Ron Ross has turned his attention to systems security engineering - and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.
eSecurity Planet
DECEMBER 23, 2020
The COVID-19 pandemic of 2020 has forced enterprises of all sizes and industries to adopt new work approaches that keep employees safe at home while ensuring productivity and security. Not only have videoconferencing applications such as Zoom, Skype, and Cisco Webex gone through the roof in usage, but new and more sophisticated networking and security products are also in high demand.
Data Breach Today
DECEMBER 23, 2020
Nuance Communications' Simon Marchand Offers Strategic Insights Data collected through customer identity and access management can play an important role in fraud investigations, says Simon Marchand, chief fraud prevention officer at Nuance Communications.
Threatpost
DECEMBER 23, 2020
The nation-state actor is looking to speed up vaccine development efforts in North Korea.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
DECEMBER 23, 2020
A group including Goldman Sachs Merchant Banking Division, ClearSky Security, and NightDragon has purchased the human verification technology company.
Threatpost
DECEMBER 23, 2020
Just in time for the Christmas holiday, Emotet is sending the gift of Trickbot.
Dark Reading
DECEMBER 23, 2020
Organizations that wish to take advantage of the potential benefits of IoT systems in enterprise environments should start evaluating third-party risk during the acquisition process.
Hunton Privacy
DECEMBER 23, 2020
On December 18, 2020, federal financial regulatory agencies, including the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency (collectively, the “Agencies”) announced a proposed rule (the “Proposed Rule”) that would require “banking organizations” to notify their primary federal regulator within 36 hours following any “computer-security incident” that rises to the level of a “notification incident.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
DECEMBER 23, 2020
Researchers attribute attacks targeting a pharmaceutical company and a government ministry related to COVID-19 response.
Threatpost
DECEMBER 23, 2020
Jason Kent, hacker-in-residence at Cequence, walks through online-retail card fraud and what to do about it.
Dark Reading
DECEMBER 23, 2020
Industry group wants to get a framework in the hands of the new administration's cybersecurity officials by early spring 2021.
IG Guru
DECEMBER 23, 2020
December 17, 2020 The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic […].
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Information Matters
DECEMBER 23, 2020
Our interviews with leaders of some of the most innovative, data-driven companies in the UK continues with this conversation with Rael Cline, Co-Founder and CEO of Nozzle. For obvious reasons, ecommerce has taken a huge leap forward over the last 9 months. Amazon has been a major beneficiary of this with the company’s global headcount Read more. The post Nozzle – building an AI-powered business on the Amazon platform appeared first on Information Matters - Data-Driven Innovation in the UK.
Adam Shostack
DECEMBER 23, 2020
Congratulations to the Chinese for the success of their Chang’e 5 lunar sample return mission! The complexity of landing a robot on the moon and returning it safely to Earth is enormous. In contrast to the Apollo series of missions, which launched and returned inside of a week, Chang’e took a week to get to the moon, and two weeks to return.
Data Matters
DECEMBER 23, 2020
On December 15, 2020, the U.S. Federal Deposit Insurance Corporation (FDIC) approved and the federal banking agencies jointly announced on December 18 a notice of proposed rulemaking, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers (NPR). 1 The NPR is a joint proposal by the Office of the Comptroller (OCC), the Board of Governors of the Federal Reserve System (Board), and the FDIC.
WIRED Threat Level
DECEMBER 23, 2020
Trump's White House has long been AWOL on cybersecurity. That lack of oversight almost seemed to be working—until the SolarWinds hack.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
John Battelle's Searchblog
DECEMBER 23, 2020
From the Department of Didn’t See THAT Coming… Yes, it’s true: Last year, I did not predict a global pandemic in 2020. COVID is a gravitational force that warps everything it touches, so I approach this annual ritual of self-grading with trepidation. As I start, I honestly don’t remember what I predicted twelve months ago…but regardless, I’m expecting a train wreck.
eSecurity Planet
DECEMBER 23, 2020
Just when it seemed that 2020 couldn’t get any weirder, news broke that Russian state-sponsored hackers had spent much of the year exploiting vulnerabilities in SolarWinds ‘ widely used Orion IT management software to hack into major federal agencies and corporations. Suddenly the year wasn’t about the massive shift toward remote work caused by the COVID-19 pandemic, so in a way the incident had a feeling of normalcy by returning the focus to timeless IT security issues – with
Expert insights. Personalized for you.
246 
Let's personalize your content