Fri.Oct 04, 2019

article thumbnail

Malware Most Foul: Emotet, Trickbot, Cryptocurrency Miners

Data Breach Today

Researchers: Targeted Crime Attacks Surge, Continue to Blend With Nation-State Campaigns Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks. But cybercrime attackers are increasingly running targeted campaigns, security researchers warn.

Mining 226
article thumbnail

MY TAKE: The case for assessing, quantifying risks as the first step to defending network breaches

The Last Watchdog

It’s clear that managed security services providers (MSSPs) have a ripe opportunity to step into the gap and help small- to medium-sized businesses (SMBs) and small- to medium-sized enterprises (SMEs) meet the daunting challenge of preserving the privacy and security of sensitive data. Related: The case for automated threat feeds analysis Dallas-based Critical Start is making some hay in this space — by striving to extend the roles traditionally played by MSSPs.

Risk 120
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Analysis: Huawei's US Trust Problem

Data Breach Today

The latest edition of the ISMG Security Report analyzes concerns about the use of Huawei equipment by U.S. telecommunications firms. Also featured: A Huawei executive discusses 5G security, plus an update on an Australian ransomware attack.

article thumbnail

Iran Caught Targeting US Presidential Campaign Accounts

Dark Reading

Microsoft detected the so-called Phosphorus nation-state gang attacking 241 user accounts associated with a US presidential campaign, current and former US government officials, journalists, others.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

URGENT/11 Vulnerabilities: Taking Action

Data Breach Today

Healthcare organizations can take steps to start mitigating risks while awaiting vendor software patches to address URGENT/11 IPnet vulnerabilities in their medical devices, says researcher Ben Seri of security firm Armis, which identified the flaws.

Risk 160

More Trending

article thumbnail

Preparing for Security in Cloud 3.0

Data Breach Today

Attorney Lisa Lifshitz on Addressing Legal, Regulatory Concerns She wrote the book on Cloud 3.0, and now attorney Lisa Lifshitz shares insights on key considerations for choosing cloud providers, as well as how to ensure compliance with emerging regulations.

Cloud 160
article thumbnail

8 Ways Businesses Unknowingly Help Hackers

Dark Reading

From lengthy email signatures to employees' social media posts, we look at the many ways organizations make it easier for attackers to break in.

IT 87
article thumbnail

Facebook Pressured Over Encrypted Messaging Plans

Data Breach Today

US, UK and Australia Push for Law Enforcement Access Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. The U.S., U.K. and Australia are asking Facebook to ensure law enforcement can access messages.

article thumbnail

Top 10 Cybersecurity Writing Mistakes

Lenny Zeltser

Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes I’ve encountered when working as a cybersecurity professional. The mistakes you’ll see in this video—and the practical tips for avoiding them—span the key aspects of technical writing: Structure Look Words Tone Information.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Wearing Two Hats: CISO and DPO

Data Breach Today

What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.

Sales 155
article thumbnail

More Cryptanalysis of Solitaire

Schneier on Security

In 1999, I invented the Solitaire encryption algorithm , designed to manually encrypt data using a deck of cards. It was written into the plot of Neal Stephenson's novel Cryptonomicon , and I even wrote an afterward to the book describing the cipher. I don't talk about it much, mostly because I made a dumb mistake that resulted in the algorithm not being reversible.

article thumbnail

Nigerian Man Charged in Phishing Scam Targeting US Agencies

Data Breach Today

Enters Not Guilty Plea in Alleged $1 Million Scheme A Nigerian man charged with helping to run a $1 million phishing scheme that targeted the Government Services Administration and other agencies has been extradited to the U.S., where he has pleaded not guilty to a wire fraud charge, according to the Justice Department.

Phishing 149
article thumbnail

Tracking by Smart TVs

Schneier on Security

Long Twitter thread about the tracking embedded in modern digital televisions. The thread references three academic papers.

Paper 84
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Canada's 2020 Privacy Outlook

Data Breach Today

Former Regulator Robin Gould-Soil on Convergence of Privacy, Security Former regulator Robin Gould-Soil has a unique perspective, with experience in both the public and private sectors. She weighs in on the convergence of privacy legislation and cybersecurity.

Privacy 134
article thumbnail

Rethinking Cybersecurity Hiring: Dumping Resumes & Other 'Garbage'

Dark Reading

In a market that favors the job seeker, what are some alternatives to resume-sifting that will identify the talent you need?

article thumbnail

Just How Widespread Is Ransomware Epidemic?

Data Breach Today

article thumbnail

Complex Environments Cause Schools to Struggle for Passing Security Grade

Dark Reading

As ransomware attacks surge against school systems, an analysis of 1,200 K-12 institutions in North America shows complex environments and conflicting security controls.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

AG Barr, Officials to Facebook: Don’t Encrypt Messaging

Threatpost

Officials say they are concerned about their ability to fight crime and protect citizens, while privacy advocates remain critical of government interference.

article thumbnail

Cybercrime: AI's Growing Threat

Dark Reading

Cyberecurity incidents expected to rise by nearly 70% and cost $5 trillion annually by 2024.

88
article thumbnail

Iranian Hackers Targeted a US Presidential Candidate

WIRED Threat Level

A revelation from Microsoft offers a chilling reminder that Russia is not the only country interested in swaying the 2020 election.

article thumbnail

Android 0-Day Seen Exploited in the Wild

Dark Reading

The local privilege escalation vulnerability affects Pixel, Samsung, Huawei, Xiaomi, and other devices.

82
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Google Warns of Android Zero-Day Bug Under Active Attack

Threatpost

Flaw impacts 18 Android models including Google’s flagship Pixel handset as well as phones made by Samsung, Huawei and Xiaomi.

article thumbnail

FBI Investigates Mobile Voting Intrusion

Dark Reading

A group tried to access West Virginia's mobile voting app in 2018; now, the FBI is looking into what actually happened.

Access 76
article thumbnail

Virus Bulletin 2019: VoIP Espionage Campaign Hits U.S. Utilities Supplier

Threatpost

An attacker whose motives are unclear compromised an Asterisk server in a highly targeted campaign.

78
article thumbnail

Behind this AI is the woman shaping its future: Meet Kelly Combs, KPMG

IBM Big Data Hub

Learn how Kelly Combs, a recognized woman leader in AI, steers responsible AI in KPMG with IBM Watson OpenScale.

IT 68
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Facial recognition row: police gave King's Cross owner images of seven people

The Guardian Data Protection

Met has apologised after Camden police passed on images to surveillance scheme Images of seven people were passed on by local police for use in a facial recognition system at King’s Cross in London in an agreement that was struck in secret, the details of which were made public for the first time today. A police report , published by the deputy London mayor Sophie Linden on Friday, showed that the scheme ran for two years from 2016 without any apparent central oversight from either the Metropoli

Privacy 49
article thumbnail

How Scanning and Storage Come Together to Save You Money

Record Nations

Choosing between scanning and digitally storing your documents or just using a hard copy filing system can be difficult. On one hand, digital storage makes it easier to find what you’re looking for as well as saving space. On the other hand, scanning your files costs money while using your existing system is free. Fortunately, […]. The post How Scanning and Storage Come Together to Save You Money appeared first on Record Nations.

IT 47
article thumbnail

Supporting the environmental intelligence mission at NOAA

RFID Global Solution, Inc.

RFID Global announced it has received a contract pursuant to an award issued by the U.S. Department of Commerce for the National Oceanic and Atmospheric Association (NOAA). NOAA is America’s environmental intelligence agency. From daily weather forecasts, severe storm warnings and climate monitoring to fisheries management, coastal restoration and supporting marine commerce, NOAA’s products and services enrich … Supporting the environmental intelligence mission at NOAA Read More ».

IT 45