Security Affairs
DECEMBER 16, 2021
The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin privileges. Lenovo laptops, including ThinkPad and Yoga families, are affected by a privilege elevation issues that resides in the ImControllerService service allowing attackers to execute commands with admin privileges.
Krebs on Security
DECEMBER 16, 2021
A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
DECEMBER 16, 2021
In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments. Related: The targeting of supply chains. While some of these efforts have been successful, and may prevent more damage from being done, it is important to realize that headline news is a lightning rod for more attacks.
Thales Cloud Protection & Licensing
DECEMBER 16, 2021
What Are the Cyber Security Trends Around the World? madhav. Thu, 12/16/2021 - 10:36. Technological and societal developments and a pandemic have utterly changed the business landscape as we knew it. Enterprises have massively adopted multiple cloud platforms, moving data, applications and services outside the traditional corporate perimeter. At the same time, the COVID-19 crisis illustrated how criminals actively take advantage of a vulnerable society.
Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage
Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving everyday. 💡 This new webinar featuring Maher Hanafi, CTO of Betterworks, will explore a practical framework to transform Generative AI prototypes into
Security Affairs
DECEMBER 16, 2021
Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library. The CVE-2021-45046 received a CVSS score of 3.7 and affects Log4j versions from 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 (which was released to fix CV
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
DECEMBER 16, 2021
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems.
Hunton Privacy
DECEMBER 16, 2021
On December 6, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP published a white paper on “ Bridging the DMA and the GDPR – Comments by the Centre for Information Policy Leadership on the Data Protection Implications of the Draft Digital Markets Act ” (the “White Paper”). The European Commission’s draft Digital Markets Act (“DMA”) is a proposal for a regulation on “contestable and fair markets” in the digital sector, setting forth obligations for digital
Security Affairs
DECEMBER 16, 2021
Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked Lazarus APT group in attacks aimed at the defense industry.
IT Governance
DECEMBER 16, 2021
You may have seen people talk this week about Log4Shell and the damage that it’s causing. The zero-day exploit has people worried, with some saying that it’s “ set the Internet on fire ” or that it “ will haunt [us] for years ”? But just how concerned should you be and is there anything you can do to protect yourself? What is Log4Shell? Log4Shell is a remote code execution exploit that’s found in versions of log4j, the popular open-source Java logging library.
Advertisement
Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?
Dark Reading
DECEMBER 16, 2021
A look at why this is such a tricky vulnerability and why the industry response has been good, but not great.
Data Matters
DECEMBER 16, 2021
Sidley associate Lauren Kitces was featured on Simplify For Success, a podcast series presented by Meru Data and hosted by Priya Keshav. The discussion covered upcoming U.S. privacy laws and key considerations for organizations as they prepare for these laws. Tune in here. The episode can also be found on various streaming platforms, including Apple Podcasts , Spotify , and Amazon Music.
Threatpost
DECEMBER 16, 2021
It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks.
The Security Ledger
DECEMBER 16, 2021
In this episode of the podcast (#232), Tomislav Peri?in of the firm ReversingLabs joins us to talk about Log4Shell, the vulnerability in the ubiquitous Log4j Apache library. Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses. The post Episode 232: Log4j. Read the whole entry. » Click the icon below to listen.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Threatpost
DECEMBER 16, 2021
The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access.
Security Affairs
DECEMBER 16, 2021
Nation-state actors from China, Iran, North Korea, and Turkey are attempting to exploit the Log4Shell vulnerability to in attacks in the wild. Microsoft researchers reported that Nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) in the Log4J library in their campaigns. Some of the groups exploiting the vulnerability are China-linked Hafnium and Iran-linked Phosphorus , the former group is using the flaw to attack virtualization infrast
Dark Reading
DECEMBER 16, 2021
As mandatory reporting bills work their way through the halls of Congress, what should businesses do to prepare for this pending legislation?
WIRED Threat Level
DECEMBER 16, 2021
So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner.
Advertisement
Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.
Rocket Software
DECEMBER 16, 2021
The Rocket team knows that true success with a solution requires more than just the right tools—it requires a network of support to leverage the full capabilities of those tools. To this end, Rocket has built in the value to never let a customer fail into all of our products and services. We strive to create a community that shares experience and knowledge to gain the most value from our solutions and ensure they are meeting customer needs.
Threatpost
DECEMBER 16, 2021
Analysts warn that the attack group, now known as 'Earth Centaur,' is honing its attacks to go after transportation and government agencies.
Dark Reading
DECEMBER 16, 2021
The new API and SDK from Pixalate helps mobile developers avoid getting their apps delisted from app stores by detecting and blocking fraudulent traffic.
eDiscovery Daily
DECEMBER 16, 2021
Now that most industries are going paperless, companies must create a comprehensive data retention policy. The purpose of a data retention policy is to establish procedures for labeling, storing, and deleting electronic (and physical) records. [1] Most companies acknowledge the need for a retention policy, but they don’t commit to creating one.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
DECEMBER 16, 2021
A new variant dubbed "Twizt" has hijacked 969 transactions and stolen the equivalent of nearly $500,000 USD.
WIRED Threat Level
DECEMBER 16, 2021
While NSO Group gets most of the attention, the takedowns underscore how insidious the industry has become.
IG Guru
DECEMBER 16, 2021
Check out the article here. The post Deadly Collapse at Amazon Warehouse Puts Spotlight on Phone Ban via Bloomberg appeared first on IG GURU.
Information Matters
DECEMBER 16, 2021
Zurich Insurance Group has announced it is to acquire AlphaChat, an Estonian provider of conversational AI. The technology will bolster Zurich’s customer service automation efforts and take the firm further Read more. The post Zurich doubles down on digital investments with purchase of AlphaChat appeared first on Information Matters - How Real Companies Are Using AI.
Advertisement
While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) aren’t built for modern data platforms and don’t work on modern architectures.
Record Nations
DECEMBER 16, 2021
As we continue on with our “Who We Are” video series, we’d like to take this opportunity to introduce you to Janet Randolph. Janet is one of the pillars of our business, as she is the director of two departments. She acts as both our head of accounting, as well as our head of human […]. The post Who We Are – Janet Randolph: Director of Accounting & HR appeared first on Record Nations.
Collibra
DECEMBER 16, 2021
For years, leaders in the tech industry have sought to diversify their companies. Diversity is the foundation of agile, dynamic and creative teams. But despite efforts, the tech industry is still lacking holistic diversity in the workplace. A recent study shows that in technology, ethnic communities — the Black and Latinx communities included — make up less than 5% of the workforce in technology.
Hanzo Learning Center
DECEMBER 16, 2021
This month I have the pleasure to interview Parker Morris. She's a fitness and nutrition enthusiast, a global traveler, and a master at seizing the fun. But don't underestimate this cheerful spirit; at her core, she's determined, kind, and relentless in her pursuit to bring value to the team and the enterprise clients she serves.
Expert insights. Personalized for you.
135 
Let's personalize your content