Tue. Jun 07, 2022

What is a security tech stack

KnowBe4

What is a security tech stack? This is a bare-bones quick overview.

Security 100

KrebsOnSecurity in New Netflix Series on Cybercrime

Krebs on Security

Netflix has a new documentary series airing next week — “Web of Make Believe: Death, Lies & the Internet” — in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of “swatting” — wherein fake bomb threats or hostage situations are phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.

IT 267

Book Excerpt: Building an Effective Defense

Data Breach Today

A Chapter of the New Book 'Heuristic Risk Management' by Michael Lines. Michael Lines is working with ISMG to promote awareness of the need for cyber risk management, and the CyberEdBoard is posting draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter - the last in the series - is titled "Building an Effective Defense."

Risk 262

GUEST ESSAY – The role of automation in keeping software from malicious, unintended usage

The Last Watchdog

Writing code can be compared to writing a letter. When we write a letter, we write it in the language we speak — and the one that the recipient understands. When writing code, the developer does it in a language that the computer understands, that is, a programming language. With this language, the developer describes a program scenario that determines what the program is required to do, and under what circumstances.

Risk 197

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Hack of Medical Imaging Provider Affects Data of 2 Million

Data Breach Today

Shields Health Care Group Says PHI Was Stolen in March Incident. A hacking incident involving data theft from a prominent provider of medical imaging services in Massachusetts has affected 2 million individuals, making it the largest health data breach reported to federal regulators so far this year. The company says the data was stolen in March.

More Trending

Palermo Municipality Cyberattack Still Affecting Citizens

Data Breach Today

Attack Ongoing for at Least 5 Days; Affected Systems Shut Down, Isolated. A cyberattack on the municipality of Palermo, which began on Thursday, reportedly continues to cripple the southern Italian city on Monday. The attack caused the municipality's systems and dependent services to be shut down and isolated, and local citizens and tourists alike have been affected.

243

Harnessing AI to Proactively Thwart Threats

Dark Reading

By using artificial intelligence to predict how an attacker would carry out their attack, we can deploy defenses and preemptively shut down vulnerable entry points.

Airbus Sets Up Cybersecurity-Focused Organization

Data Breach Today

New Firm Will Address Strengthening Safety Services, Cybersecurity Investments. A new, as yet unnamed Airbus organization will address potential cyberthreats beginning July 1, amid the increasing digitalization and interconnectedness of the company's products and systems. The new firm will house all of Airbus' cybersecurity services and make key investments in the space.

Evil Corp gang starts using LockBit Ransomware to evade sanctions

Security Affairs

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. The researchers also noticed that the group shares numerous overlaps with the cybercrime gang Evil Corp.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Russian Cyberattack Hits Wales-Ukraine Football Broadcast

Data Breach Today

Unauthorized Access to TV Station CDN Servers Enabled Attackers to Reroute Traffic. The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV, a Ukrainian online broadcaster. Traffic was rerouted to a Russian propaganda-based channel, the SSSCIP says.

Access 219

Old Dog, New Trick: Hackers Use Logons in URLs to Bypass Email Scanners

KnowBe4

A new phishing method uses a decades-old special URL format to take advantage of how security solutions and email clients interpret URLs, tricking victims into clicking.

Phishing 116

Multilevel Extortion: DeadBolt Ransomware Targets Internet-Facing NAS Devices

Dark Reading

The innovative ransomware targets NAS devices, has a multitiered payment and extortion scheme as well as a flexible configuration, and takes a heavily automated approach.

“Five Eyes” Nations Cybersecurity Authorities Issue Warning to MSPs of Stepped-Up Cyberattacks

KnowBe4

The world’s five leading cybersecurity authorities have again issued a joint report about an increase in malicious cyber activity targeting managed service providers, which they expect to continue.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

An Emerging Threat: Attacking 5G Via Network Slices

Dark Reading

A successful attack against 5G networks could disrupt critical infrastructure, manipulate sensor data, or even cause physical harm to humans.

125

California Attorney General Reminds Health App Providers of Obligations to Protect Reproductive Health Information

Hunton Privacy

On May 26, 2022, California Attorney General Rob Bonta issued a press release reminding health app providers that California’s Confidentiality of Medical Information Act (“CMIA”) applies to mobile apps that are designed to store medical information, which includes health apps such as fertility trackers. The press release reminds health app providers that the CMIA requires businesses to preserve the confidentiality of medical information and prohibits the disclosure of medical information without

Privacy 102

A Long-Awaited Defense Against Data Leaks May Have Just Arrived

WIRED Threat Level

MongoDB claims its new “Queryable Encryption” lets users search their databases while sensitive data stays encrypted. Oh, and its cryptography is open source.

Financial Data Compliance and Enterprise Information Archiving

Hanzo Learning Center

When it comes to making sure financial data is safe and meets compliance regulations, understanding the different regulatory bodies and how they affect your organization is a vital first step.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

FTC Warns that Scammers are Turning to Cryptocurrencies

KnowBe4

The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were due to investment scams, in which people are tricked into buying cryptocurrency with the promise of a large return. Notably, younger people (aged 20 to 49) are more than three times as likely to fall for cryptocurrency scams as older people.

Now Is the Time to Plan for Post-Quantum Cryptography

Dark Reading

Panelists from an RSA Conference keynote agreed that organizations need to begin work on PQC migration, if they haven't already.

116

Period-Tracking and Fertility Apps Can Put Women Seeking Abortions at Risk

WIRED Threat Level

Apps collect sensitive data that could be subpoenaed by law enforcement or sold by data brokers.

Risk 129

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Mandia: Keep 'Shields Up' to Survive the Current Escalation of Cyberattacks

Dark Reading

As Mandiant CEO Kevin Mandia's company prepares to become part of Google, the incident response company continues to investigate many of the most critical cyber incidents.

95

The Good, the Bad, and the Necessary State of Cyber Insurance

KnowBe4

New data from security vendor Sophos shows that while the presence of cyber insurance coverage has increased, it’s the experience of attacks that’s driving the need.

7 NFT Scams That Could Be Targeting Your Brand

Dark Reading

Brands should be vigilant to ensure sites and listings promoting NFTs for sale are legitimate and not being used as an instrument by fraudsters to swindle customers.

Sales 96

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

2022 JNUC Diversity Sponsorship: Apply today!

Jamf

Jamf has expanded our program to offer Jamf Nation User Conference (JNUC) sponsorships to 10 people from underrepresented groups within the technology sector.

98

40% of CSOs say Their Organization is Not Prepared for Cyberattacks as Phishing is the Top Likely Cause of Breaches

KnowBe4

A new survey of executives sheds light on how well organizations fared with cyberattacks in the last 12 months as well as what attack vectors are going to increase future breaches.

Conducting Modern Insider Risk Investigations

Threatpost

Insider Risk Management requires a different approach than that used for external threats. IRM is unique from other domains of security in that the data sources which serve as inputs are as often people as they are tools. Shifting the analyst's mindset when handling risks presented by insiders requires us to move through the stages of inquiry, investigation, and determining outcomes.

Risk 85