Wed. Oct 21, 2020

Sweden bans Huawei and ZTE from building its 5G infrastructure

Security Affairs

Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. Another state, Sweden, announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. The Swedish Post and Telecom Authority announced this week that four wireless carriers bidding for frequencies in an upcoming spectrum auction for the new 5G networks (Hi3G Access, Net4Mobility, Telia Sverige and Teracom) cannot use network equipm

IT 116
Unsecured Voice Transcripts Expose Health Data - Again

Data Breach Today

Researchers Find Pfizer Drug Customer Messages Accessible on Internet

For the second time within a week, it's been revealed that sensitive voice messages containing patients' information have been exposed on the internet. The latest discovery involves unsecured voice transcripts of patient calls to drug giant Pfizer's automated customer support system.

Access 301
[Podcast] Office Re-Entry in Times of COVID

AIIM

In this episode of AIIM On Air, I speak with Sue Trombley, Managing Director of Thought Leadership for Iron Mountain. We discuss the biggest impacts on the workplace from Covid-19 and the challenges and opportunities of the new normal of business today. While remote work is a new reality for many organizations and workers, not all people and positions can work from home.

Analysis: Can Russia's Cyber Destruction Appetite Be Curbed?

Data Breach Today

Indictments Are Just a First Step Toward a Crackdown

The U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Experts say more than indictments will be required to curb such activity.

Military 301
Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Microsoft took down 120 of 128 Trickbot servers in recent takedown

Security Affairs

Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up new command and control (C&C) servers. Microsoft’s Defender team, FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, and Broadcom’s cyber-security division Symantec joined forces and announced last week a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet.

IoT 127

More Trending

Cisco Warns of Severe DoS Flaws in Network Security Software

Threatpost

The majority of the bugs in Cisco’s Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software can enable denial of service (DoS) on affected devices.

Security 126
Hacking Incident Has an Unusual Ending

Data Breach Today

Hacker Claims to Drop Malicious Plans After Learning of Entity's Mission

A recent hacking incident had an unusual twist: The hacker who broke into the network of a Pennsylvania-based nonprofit entity apparently decided against injecting malware or proceeding with other malicious activities after discovering the organization serves individuals with intellectual disabilities.

Are You One COVID-19 Test Away From a Cybersecurity Disaster?

Dark Reading

One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.

Home Loan Trading Platform Exposes Mortgage Documentation

Data Breach Today

Atlanta-Based Maxex Left Software Development Platform Open

Maxex, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.

Marketing 245
How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day

Security Affairs

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included in standard Chrome releases.

Libraries 115
Phishing Emails Target Coinbase Exchange Users

Data Breach Today

Messages Use an OAuth-Based Consent App to Gain Office 365 Access

Fraudsters are sending phishing emails with messages about the Coinbase cryptocurrency exchange to Microsoft Office 365 users in an attempt to take over their inboxes and gain access to data, according to the security firm KnowBe4.

Phishing 175
As Smartphones Become a Hot Target, Can Mobile EDR Help?

Dark Reading

Lookout Security debuts a mobile endpoint detection and response offering that will integrate into its mobile security platform.

Security 136
NSA Advisory on Chinese Government Hacking

Schneier on Security

The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

IASME Consortium to Kick-start New IoT Assessment Scheme

Dark Reading

The IASME Consortium has been awarded a DCMS grant, enabling the UK organization to kick-start an Internet of Things (IoT) assessment scheme. IASME is looking for manufacturers interested in getting their IoT device certified cyber secure for free via the new pilot scheme.

IoT 111
Hackers are targeting CVE-2020-3118 flaw in Cisco devices

Security Affairs

Cisco warns of attacks attempting to exploit the CVE-2020-3118 vulnerability that affects multiple carrier-grade routers running Cisco IOS XR Software. Cisco is warning of attacks targeting the CVE-2020-3118 high severity vulnerability that affects multiple carrier-grade routers running the Cisco IOS XR Software. The flaw resides in the Cisco Discovery Protocol implementation for Cisco IOS XR Software and could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a relo

Security 109
How AI Will Supercharge Spear-Phishing

Dark Reading

To keep pace with intelligent, unpredictable threats, cybersecurity will have to adopt an intelligent security of its own.

Phishing 125
Oracle Kills 402 Bugs in Massive October Patch Update

Threatpost

Over half of Oracle's flaws in its quarterly patch update can be remotely exploited without authentication; two have CVSS scores of 10 out of 10.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Transition Post 3: Managing Official Email and Social Media Accounts

National Archives Records Express

The next post in our Federal Government transition series highlights the need to manage official email and social media accounts of senior officials as they enter and exit Federal Service. It is very important for these officials to keep personal materials separate from official accounts or systems. This avoids the laborious and difficult task of reviewing voluminous materials when leaving the agency.

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

Threatpost

The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.

Security 115
FIRST Announces Cyber-Response Ethical Guidelines

Dark Reading

The 12 points seek to provide security professionals with advice on ethical behavior during incident response.

Security 126
Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data

Threatpost

The ransomware gang claims to have bought network access to the bookseller's systems before encrypting the networks and stealing "financial and audit data."

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Iranian Cyberattack Group Deploys New PowGoop Downloader Against Mideast Targets

Dark Reading

Seedworm Group, aka MuddyWater, is also deploying commodity ransomware as part of espionage attacks on companies and government agencies in the Middle East region.

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser

Threatpost

The memory-corruption vulnerability exists in the browser’s FreeType font rendering library.

Libraries 111
Ubiq Rolls Out Encryption-as-a-Service Platform Aimed at Developers

Dark Reading

A few lines of code and two API calls is all that it takes for developers to add encryption to their applications, startup says.

OpenText World 2020—Are You Ready for the Great Rethink?

OpenText Information Management

The world is not changing. It has changed. These changes are deep. Structural. Lasting. We must use this opportunity to rethink on a massive scale. Rethink the nature of humanity and the evolution of our species on every level: Economic, Societal, Technological, Individual, Environmental, Educational, Geopolitical, Industries. There has never been a more important time … The post OpenText World 2020—Are You Ready for the Great Rethink?

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Oracle Releases Another Mammoth Security Patch Update

Dark Reading

October's CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication.

How Will the History of the Last 4 Years Be Recorded? via CMS Wire

IG Guru

Check out this post by John Mancini on CMS Wire about US Federal Records over the last 4 years. The post How Will the History of the Last 4 Years Be Recorded? via CMS Wire appeared first on IG GURU.

CMS 68
Dealing With Insider Threats in the Age of COVID

Dark Reading

Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.

IT 88