Fri. Jan 22, 2021


Texas Medical Center Breach Affects 640,000

Data Breach Today

Apparent Ransomware Attack Exposed Patient Information

An apparent ransomware incident at a Texas healthcare organization has potentially compromised the protected health information of more than 640,000 individuals.


The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

A universe of devices and technology has fallen into our laps at a speed that organizations struggle to manage effectively. And that boom in devices shows no signs of stopping. In 2019, there were an estimated 9.9 billion Internet of Things (IoT) devices. By 2025, we expect 21.5 billion. As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point.


President Biden Orders SolarWinds Intelligence Assessment

Data Breach Today

New Administration Signals Importance of Cybersecurity to National Security Agenda

The new Biden administration has pledged to hold Russia accountable for its recent "reckless and adversarial" actions and has ordered a full-scale intelligence review of the SolarWinds hack. The moves signal the importance of cybersecurity to President Biden's national security agenda.


Abusing Windows RDP servers to amplify DDoS attacks

Security Affairs

Threat actors are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. Attackers are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. The Microsoft Remote Desktop Protocol (RDP) is a built-in service in Microsoft Windows operating systems that provides authenticated remote virtual desktop infrastructure (VDI) access to Windows-based workstations and servers.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Biden's COVID-19 Plan Calls for Assessment of Cyberthreats

Data Breach Today

National Intelligence Director to Lead Effort to Protect Vaccines

President Joe Biden's COVID-19 response strategy calls for an assessment of "ongoing cyberthreats and foreign interference campaigns targeting COVID-19 vaccines and related public health efforts."


More Trending


DreamBus Botnet Targets Linux Systems

Data Breach Today

Researchers Say It Hijacks Powerful Computer Systems to Mine Monero

Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that's installing the XMRig cryptominer on powerful, enterprise-class Linux and Unix systems with the goal of using their computing power to mine monero.


KindleDrip exploit – Hacking a Kindle device with a simple email

Security Affairs

KindleDrip: Amazon addressed a number of flaws affecting the Kindle e-reader that could have allowed an attacker to take control of victims’ devices. Security experts at Realmode Labs discovered multiple vulnerabilities in the Kindle e-reader that could have allowed an attacker to take over victims’ devices. The researchers noticed that the “Send to Kindle” feature allows Kindle users to send e-books to their devices as email attachments, a behavior that could be potentially explo


Researchers Identify SAP Flaw Exploit

Data Breach Today

Unpatched Authentication Vulnerability in SAP Solution Manager Can Make Apps Vulnerable

An exploit that takes advantage of an authentication vulnerability in SAP Solution Manager can lead to a compromise of other connected SAP applications, according to Onapsis Research Labs.


FSB warns Russian businesses of cyber attacks as retaliation for SolarWinds hack

Security Affairs

Russian authorities are alerting Russian organizations of potential cyberattacks launched by the United States in response to SolarWinds attack. The Russian intelligence agency FSB has issued a security alert this week warning Russian organizations of potential cyberattacks launched by the United States in response to the SolarWinds supply chain attack.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Hackers Leave Stolen Email Credentials Exposed

Data Breach Today

Stolen Credentials Stored on Accessible Database

Hackers waging a phishing campaign stole more than 1,000 corporate email credentials and then stored the stolen data in a database accessible via a simple Google search, Check Point Research says.


Drupal fixed a new flaw related PEAR Archive_Tar library

Security Affairs

Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library. The PEAR Archive_Tar class provides handling of tar files in PHP. It supports creating, listing, extracting, and adding to tar files.


Analysis: How Will Biden Address Cybersecurity Challenges?

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the cybersecurity challenges the Biden administration must address. Also featured: payments security advice from Verizon; the outlook for the lifting of restrictions tied to the COVID-19 pandemic.


Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks

Threatpost

Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


How Cybersecurity Newbs Can Start Out on the Right Foot

Dark Reading

Cybersecurity experts share their savvy tips and useful resources for infosec hopefuls.


ADT Tech Hacks Home-Security Cameras to Spy on Women

Threatpost

A former ADT employee pleads guilty to accessing customers’ cameras so he could spy on them.


CIA releases UFO ‘Black Vault’ documents early: How to see them online via Fox News

IG Guru


Microsoft Edge, Google Chrome Roll Out Password Protection Tools

Threatpost

The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


We need to talk about content

OpenText Information Management

Let’s start with a question: In the current focus on digital initiatives, are energy companies overlooking the importance of content? And, what does that mean? The potential of digital transformation The wave of sweeping themes, like the 4th Industrial Revolution, Industry/Manufacturing 4.0, and the Industrial Internet of Things (IIoT), has become a stimulus for many …


Ransomware Attackers Publish 4K Private Scottish Gov Agency Files

Threatpost

Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve.


Why North Korea Excels in Cybercrime

Dark Reading

North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.


Discord-Stealing Malware Invades npm Packages

Threatpost

The CursedGrabber malware has infiltrated the open-source software code repository.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Weekly Update 227

Troy Hunt

I'm back into a normal home routine and it's business as usual again. You know, stuff like data breaches, new tech toys and having your genitalia locked in a vulnerable IoT device and held for ransom. Just normal stuff like that. References Turing Tumble is a really neat game for kids (it's a "marble powered computer") I bought a LaMetric display (I'll probably plug that into an API to track HIBP subscriber signups) Imagine an IoT chastity belt. with a security vulnerability. that locks your


Amazon Kindle RCE Attack Starts with an Email

Threatpost

The "KindleDrip" attack would have allowed attackers to siphon money from unsuspecting victims.


What’s in a name?

OpenText Information Management

With the new roadmap and new set of integrations, OpenText™ would like to re-introduce you to ApplicationXtender. It is now OpenText™ Application Content Management (ACM). Why? The most recent release brought a new roadmap to the product, including: The replacement of the Reports Manager module with a connector to OpenText™ Output Transformation Server.


Speed of Digital Transformation May Lead to Greater App Vulnerabilities

Dark Reading

The fastest-moving industries are struggling to produce secure code, according to AppSec experts.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos

The Security Ledger

In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also: we talk with Avesta Hojjati of the firm Digicert about the challenge of managing a growing population of digital certificates and how automation may be an answer.


Intel Confirms Unauthorized Access of Earnings-Related Data

Dark Reading

News likely contributed to slide of over 9% in chipmaker's stock at one point Friday.


What is the state of European fintech?

Information Matters

Tech.eu in association with Finstar has released a new report, The State of Fintech in Europe. Tech.eu will also be running an event on 10 February to discuss updated findings.
