Tue. Jun 09, 2020

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Krebs on Security

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.

7 Ransomware Trends: Gangs Join Forces, Auction Stolen Data

Data Breach Today

Can't Stop the Crypto-Locking Malware Attacks? Criminals Keep Hitting Big Targets

Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.

Intelligent Information Management (IIM) Policies and the Law - Part 3

AIIM

In this series, we've been exploring the intersection of IIM policy and the law in order to help IIM practitioners and legal specialists work together more effectively by gaining a better understanding of the relationship between the two. So far, we've covered: Part 1 - IIM Policies and The Principle of Hearsay. Part 2 - IIM Policies and "Ordinary Course of Business".

Risk 126

IoT Privacy and Security: Will Product Labels Help Buyers?

Data Breach Today

Food-Like Labeling for Connected Devices Developed by Carnegie Mellon University

With internet connectivity getting added to an increasing number of products, privacy and security risks abound. But buyers may be unaware. A team of Carnegie Mellon University researchers aims to change that, by clear labeling of connected devices and the risks they may pose.

Privacy 312

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

How to keep your remote work team together

OpenText Information Management

Remote work teams around the world are showing that despite today’s extraordinary circumstances, we can still churn out hearty levels of productivity. But it’s challenging. Maybe it’s our innate desire for connection or our drive to escape social isolation, but lately many of us are missing our teammates and the buzz of an office environment. …

121

More Trending

IoT Security Is a Mess. Privacy 'Nutrition' Labels Could Help

WIRED Threat Level

Just like with foods that display health information on the package, researchers are exploring a tool that details how connected devices manage data.

IoT 131

US Energy Utilities Targeted by FlowCloud Malware

Data Breach Today

Proofpoint Analysts Find Connections Between New Trojan and Other Attacks

Several U.S. energy providers have been targeted by a spear-phishing campaign attempting to spread a recently discovered Trojan called FlowCloud, according to Proofpoint research. The analysts have found connections between these attacks and another campaign using malware called LookBack.

Phishing 256

Introducing the New Onehub App for iOS: Rebuilt & Redesigned for You!

OneHub

We’re excited to announce the launch of the new Onehub iOS app! We’ve spent most of the year rebuilding the app from the ground up to make it look, feel, and work even better than before. The new Onehub for iOS is faster, easier-to-use, completely redesigned, and packed with new features. With the redesigned Onehub app you can be as productive on-the-go as you would be in the office.

Access 97

Senate Report: Chinese Telecoms Operated Without Oversight

Data Breach Today

Lack of Oversight Led to a National Security Risk; Major Changes Recommended

A U.S. Senate report found that three Chinese telecommunications firms operated in the United States for two decades without proper oversight from the federal agencies that were assigned to provide security guidance and advice to the Federal Communications Commission.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

BT auditor highlights IT vulnerabilities in financial reporting

IT Governance

BT’s external auditor, KPMG, has issued an “adverse opinion” of the telecom giant’s internal financial reporting controls in another blow to its accounting credibility. KPMG found that BT had misstated its financial statements as a result of “material weaknesses related to general IT controls and risk assessments”. The announcement comes three years after auditors discovered accounting irregularities in BT Italia, which wiped £530 million off the organisation’s market value.

IT 92

Phishing Attack Targeted German COVID-19 Task Force Firm

Data Breach Today

Victimized Company Tasked With Procuring Personal Protective Equipment

An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.

Phishing 225

The CallStranger UPnP vulnerability affects billions of devices

Security Affairs

Security experts disclosed a new UPnP vulnerability, named Call Stranger, that affects billions of devices and could be exploited by attackers to carry out multiple malicious activities, including distributed denial-of-service (DDoS) attacks

Study Finds Open Source Vulnerabilities Doubled in 2019

Data Breach Today

Increasing Use of Open Source Software Creates More Opportunities for Flaws

The number of reported vulnerabilities found in open source software more than doubled in 2019 to almost 1,000, with projects such as Magento, GitLab, and Jenkins posting the largest increases, according to security firm RiskSense.

Security 207

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Belgian DPA Publishes Guidance on Temperature Checks for COVID-19 Monitoring

Hunton Privacy

On June 5, 2020, the Belgian Data Protection Authority (the “Belgian DPA”) published guidance on its website (the “Guidance”) regarding temperature checks during the COVID-19 crisis. The Guidance aims to provide advice to organizations looking to control access to their premises by restricting individuals with fevers in order to prevent further spread of the virus.

GDPR 87

Building a Collective Defense

Data Breach Today

Beyond mere information sharing, collective defense is a concept that aligns public and private sectors in a unified front against cyber threats. Bill Swearingen of IronNet Cybersecurity defines the concept and how it's being employed today.

Save on infrastructure and operational costs with IBM Cloud Pak for Data

IBM Big Data Hub

Modern Data and AI application deployments are expanding through open source containers and hybrid multi-cloud support, but how can you achieve the benefits of infrastructure optimization and unified operationalization without vendor lock-in?

Cloud 84

Analyzing the Role of Digital Identity Management

Data Breach Today

For an upcoming virtual roundtable, Alex Laurie of ForgeRock discusses the importance of digital identity management, the need for organizations to quickly and accurately register people, comply with privacy regulations and define and manage the level of risk involved.

Privacy 165

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Microsoft Fixes 129 Bugs in Largest Patch Tuesday Release

Dark Reading

The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.

Security 119

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

Threatpost

The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs.

94

What is the difference between cyber resilience vs. cyber security?

OpenText Information Management

Some commentators define cyber security as preventing hackers from attacking your network and accessing your systems and data. Cyber resilience, they may view, is about responding and recovering after an attack has happened. While they position cyber security and cyber resilience as two separate activities, the reality is more complex than that. Cyber security can …

DHS Warns on New Exploit of Windows 10 Vulnerability

Dark Reading

The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software.

91

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Hackers target German Task Force for COVID-19 PPE procurement

Security Affairs

Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE) against COVID-19. Threat actors are targeting executives of a German multinational corporation that is part of a government-private sector task force involved in the supply of personal protective equipment (PPE)

Honda Pauses Production Due to Cyberattack

Dark Reading

The attack reportedly infected internal servers and forced Honda to halt production at plants around the world on Monday.

119

Adobe fixes critical flaws in Flash Player and Framemaker

Security Affairs

Adobe has released security updates to address ten vulnerabilities in its Adobe Flash Player, Adobe Experience Manager, and Adobe Framemaker products. Four of the ten vulnerabilities are rated ‘Critical’; they could allow a remote attacker to execute commands on vulnerable systems.

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

Threatpost

The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.

Access 99

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Will Vote-by-App Ever Be Safe?

Dark Reading

Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.

Security 113

Security Analysis of the Democracy Live Online Voting System

Schneier on Security

New research: "Security Analysis of the Democracy Live Online Voting System": Abstract: Democracy Live's OmniBallot platform is a web-based system for blank ballot delivery, ballot marking, and (optionally) online voting. Three states -- Delaware, West Virginia, and New Jersey -- recently announced that they will allow certain voters to cast votes online using OmniBallot, but, despite the well established risks of Internet voting, the system has never been the subject of a public, independent

Hack-for-Hire Firm Connected to Attacks on Nonprofits, Journalists

Dark Reading

The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based "ethical hacking" firm that works on behalf of commercial clients.