KnowBe4
APRIL 18, 2022
Attackers are spamming multifactor authentication (MFA) prompts in an attempt to irritate users into approving the login, Ars Technica reports. Both criminal and nation-state actors are using this technique. Researchers at Mandiant observed the Russian state-sponsored actor Cozy Bear launching repeated MFA prompts until the user accepted the request.
Data Breach Today
APRIL 18, 2022
Expanded Rewards Follow FBI Attributing Ronin Network Hack to Lazarus Group The U.S. government is offering up to $5 million for information that helps disrupt the illicit flow of funds to North Korea, including via cryptocurrency exchange hacks and ransomware. The expanded reward comes as the FBI has attributed a $620 million cryptocurrency heist to North Korean hackers.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
eSecurity Planet
APRIL 18, 2022
Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, and whether they can operate stealthily or not. During such reconnaissance operations, attackers collect relevant data about their victims, but it’s not without risks for them.
Data Breach Today
APRIL 18, 2022
Wind Turbine Maker Forced to Shut All IT Systems The Conti ransomware gang has claimed responsibility for the March 31 cyberattack on German wind turbine manufacturer Nordex, which was forced to turn off its IT systems at multiple locations across several business units. The Russia-linked threat group has added Nordex as a victim on its leak site.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Security Affairs
APRIL 18, 2022
US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960) and a Google Chrome type confusion issue (CVE-2022-1364) to its Known Exploited Vulnerabilities Catalog.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Hunton Privacy
APRIL 18, 2022
On April 11, 2022, Federal Trade Commission Chair Lina Khan spoke at the opening of the International Association of Privacy Professionals’ Global Privacy Summit. This speech marks Khan’s first major privacy address since her appointment last June. In her remarks, Khan stated that the FTC has been focused on adapting its existing authority to address and rectify unlawful data practices.
Data Breach Today
APRIL 18, 2022
New guidance provides healthcare entities and medical device makers a jump-start for negotiating critical cybersecurity issues pertaining to procurement contracts, says Jim Jacobson of device manufacturer Siemens Healthineers, co-chair of an industry group that developed the contract template.
ARMA International
APRIL 18, 2022
It is essential that your organization’s records retention schedule is compliant with the data protection requirements in the jurisdictions where your organization operates. This task may seem overwhelming since jurisdictions around the world are enacting new laws, regulations, and requirements; and organizations are continuing to expand their jurisdictional footprint.
Data Breach Today
APRIL 18, 2022
New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm Bracket f Inc.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
APRIL 18, 2022
IT departments must account for the business impact and security risks such applications introduce.
Threatpost
APRIL 18, 2022
Fortinet's Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams.
Security Affairs
APRIL 18, 2022
A new marketplace named Industrial Spy that focuses on the sale of stolen data appeared in the threat landscape. Malware HunterTeam and Bleeping Computer reported the born of a new marketplace called Industrial Spy that sells stolen data and offers free stolen data to its members. MalwareHunterTeam researchers spotted malware samples [ 1 , 2 ] that drop the following wallpaper that promotes the site.
KnowBe4
APRIL 18, 2022
A phishing campaign is targeting African banks with a technique called “HTML smuggling” to bypass security filters, according to threat researchers at HP.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
APRIL 18, 2022
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion that occurred in the previous weeks: April 16 – The unceasing action of Anonymous against Russia. This week the Anonymous collective and its affiliates have targeted multiple Russian organizations stealing gigabytes of data.
Hunton Privacy
APRIL 18, 2022
On April 8, 2022, the New York Bar issued an opinion to protect “confidential” client identity information stored on an attorney’s smartphone. In particular, the opinion prohibits an attorney who stores “confidential” (as defined under Rule 1.6 of the New York Rules of Professional Conduct) client identity information in the attorney’s “contacts” folder on the attorney’s smartphone from consenting to share their “contacts” with a smartphone app, unless certain criteria are met.
IG Guru
APRIL 18, 2022
Check out the article here. The post Virginia police routinely use secret GPS pings to track people’s cell phones via Inside NoVa appeared first on IG GURU.
Dark Reading
APRIL 18, 2022
Companies need to detect and counteract brute-force and enumeration attacks before fraudsters run away with their customers' funds.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Jamf
APRIL 18, 2022
In this edition of the macOS Security Basics series, we dive headfirst into the battle between Virtual Private Networking (VPN) and Zero Trust Network Access (ZTNA) to determine which of the two technologies is best suited to securing your network communications across your entire device fleet based on how they function, their features and capabilities at keeping traffic safe from bad actors.
Dark Reading
APRIL 18, 2022
Google and other firms are adding security configuration to software so cloud applications and services have well-defined security settings — a key component of DevSecOps.
Collibra
APRIL 18, 2022
Metadata management is a cross-organizational agreement on how to define informational assets. The first blog of this series discusses how businesses are increasingly realizing the need for metadata management to drive data governance, compliance, collaboration and higher data quality. This blog focuses on the best practices for metadata management.
Dark Reading
APRIL 18, 2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Info Source
APRIL 18, 2022
For Immediate Release: April 12, 2022. Media Contacts: Cheri Baker; Director, Communications (240) 215-0224 x 228 Matthew McCabe; Vice President, Sales & Marketing (240) 215-0224 x 210. Frederick, Maryland and Niederdreisbach, Germany– The Crowley Company(Crowley) has been tapped by ROTH + WEBER GmbH to represent its innovative large format ROWE scan systems in North America and the United Kingdom.
Dark Reading
APRIL 18, 2022
Swimlane’s Asia-Pacific presence grows 173%, highlighting rising demand for low-code security automation.
Krebs on Security
APRIL 18, 2022
Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “ Ryuk.” On April 13, Microsoft said it executed a legal sneak atta
Dark Reading
APRIL 18, 2022
Study shows that more than 35% have suffered seven or more successful attacks.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Dark Reading
APRIL 18, 2022
The ongoing war in Ukraine means that defenses are only as good and as strong as those with whom we partner.
Expert insights. Personalized for you.
110 
Let's personalize your content