Data Breach Today
MAY 4, 2022
John Riggi and Carolyn Crandall Discuss the Top Threats John Riggi, national adviser for cybersecurity at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, explain why threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally.
Data Matters
MAY 4, 2022
Washington, D.C. – Sidley announced today that David Lashway and John Woods have joined as partners in the firm’s Privacy and Cybersecurity practice in Washington, D.C. Mr. Lashway and Mr. Woods join Sidley from Baker McKenzie where they started and led the global cybersecurity practice group for over 10 years. “David and John’s industry leading knowledge and global experience provide a rare viewpoint of the current geopolitical risks in the world today and will have an immediate and positive im
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MAY 4, 2022
Mosyle Wants to Expand Beyond MDM and Provide a Holistic Apple Security Platform Mosyle closed a $196 million funding round to expand beyond mobile device management and provide a holistic security platform for Apple devices. The company wants to boost adoption of Mosyle Fuse, which combines MDM, endpoint security, encrypted DNS, identity management and app management.
Hunton Privacy
MAY 4, 2022
In April 2022, two states enacted insurance data security legislation based on the National Association of Insurance Commissioners (“NAIC”) Insurance Data Security Model Law (MDL-668). Kentucky Governor Andy Beshear signed HB 474 into law on April 8, 2022, and Maryland Governor Larry Hogan signed SB 207 into law on April 21, 2022. The new laws establish data security obligations for insurance carriers and generally require carriers to take the following actions, subject to certain exemptions: Co
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
MAY 4, 2022
New industry guidance provides a detailed road map to help healthcare sector entities respond to and recover from cyberattacks involving extended IT outages, say Lisa Bisterfeldt and Kirsten Nunez, who are members of the Health Sector Coordinating Council task force that developed the resource.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MAY 4, 2022
Department, Now Named the Crypto Assets and Cyber Unit, Will Have 50 Positions The U.S. Securities and Exchange Commission has allocated 20 new positions to the unit responsible for protecting investors in cryptocurrency markets from cyber-related threats. The SEC says that the Crypto Assets and Cyber Unit in the Division of Enforcement will grow to 50 dedicated positions.
Collibra
MAY 4, 2022
Poor data can be a challenge. As a result, organizations are heavily investing in data quality solutions. Gartner predicts that by 2025, 60% of data quality processes will be autonomously embedded and integrated into critical business workflows. This assessment highlights the critical role data quality plays in business. Data quality indicates if data is fit for use to drive trusted business decisions.
Data Breach Today
MAY 4, 2022
Company Will Create Variable Access Policies Based on a Device's Security Posture Tailscale has closed a $100 million funding round to enhance its zero trust VPN offering by factoring in the security posture of a particular device. The startup plans to use the Series B proceeds to create access policies that are variable based on the security posture of a device itself.
Dark Reading
MAY 4, 2022
Companies see AI-powered cybersecurity tools and systems as the future, but at present nearly 90% of them say they face significant hurdles in making use of them.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
MAY 4, 2022
SSSCIP Goes Passwordless; Yubico Offers Tech Support As Ukraine continues to be hit by cyberattacks from Russia, the State Service of Special Communication and Information Protection of Ukraine has sought to combat this offensive against the country's critical national infrastructure by going passwordless and using Yubico's security keys.
The Guardian Data Protection
MAY 4, 2022
Exclusive: ideas include reducing trial safeguards and allowing startups to harvest patient data A list of radical ideas for transforming the NHS, including lifting safeguards blocking startups’ access to patient data, and nurses being incentivised to help speed trials, was privately drawn up by drug and healthcare companies in talks with senior No 10 advisers.
Data Breach Today
MAY 4, 2022
Increased Interest from Fortinet's Manufacturing Customers Drives Rapid OT Growth Fortinet's operational technology business will surpass its SD-WAN practice due to the elevated threat environment and increased interest from manufacturing customers, CEO Ken Xie says. Fortinet saw OT bookings grow 76% in the quarter ended March 30, outpacing SD-WAN bookings growth of 54%.
Schneier on Security
MAY 4, 2022
Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are many keys to its stealth, including: The use of a unique backdoor Mandiant calls Quietexit, which runs on load balancers, wireless access point controllers, and other types
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
MAY 4, 2022
SSSCIP Says Internet Disconnection Due to Fiber Optic Breakages, Power Outage The Ukrainian city of Kherson faced a "near total" internet blackout on Saturday that cut off connectivity from Ukrainian service providers. Services were restored on Sunday, through regional Ukrainian provider Skynet, or Khersontelecom, but routed through Russia's Miranda and Rostelecom networks.
Security Affairs
MAY 4, 2022
A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John Page aka ( hyp3rlinx ) discovered that malware from multiple ransomware operations, including Conti , REvil , LockBit , AvosLocker , and Black Basta, are affected by flaws that could be exploited block file encryption.
Data Breach Today
MAY 4, 2022
NortonLifeLock's Method for Spotting Malicious Behavior Violates Columbia's Patents A federal jury has ordered NortonLifeLock to pay Columbia University $185.1 million after finding the company infringed on two patents. Jurors decided Monday that NortonLifeLock's use of emulators to monitor programs for malicious behavior intentionally infringes upon Columbia's patents.
Security Affairs
MAY 4, 2022
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers from Cybereason uncovered a sophisticated cyberespionage campaign, dubbed Operation CuckooBees, aimed at stealing intellectual property from the victims. The campaign flew under the radar since at least 2019, it was attributed by the experts to the China-linked Winnti group and targeted technology and manufacturing companies primari
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
KnowBe4
MAY 4, 2022
With the number of email breaches per year almost doubling in the last three years, organizations still don’t see email security solutions as being an effective means of stopping attacks.
Security Affairs
MAY 4, 2022
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on financial institutions, experts estimated that APT38 (Unit 180 of North Korea’s cyber-army Bureau 121) has stolen at hundreds of million dollars from banks worldwide. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, it has been active since at least 2014 and it has been observed targeting over 16 organizations
Dark Reading
MAY 4, 2022
Operation CuckooBees uncovered the state-sponsored group's sophisticated new tactics in a years-long campaign that hit more than 30 tech and manufacturing companies.
KnowBe4
MAY 4, 2022
As detection times are reducing across the board, threat groups are improving their craft and are prioritizing speed as the key ingredient in ransomware attacks.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
MAY 4, 2022
All active GitHub users who contribute code will be required to enable at least one form of two-factor authentication by the end of 2023.
KnowBe4
MAY 4, 2022
New data from TrendMicro and Ponemon shows how almost organizations globally are not fully prepared for the looming threat of almost-certain cyberattacks.
Threatpost
MAY 4, 2022
A flaw in all versions of the popular C standard libraries uClibe and uClibe-ng can allow for DNS poisoning attacks against target devices.
KnowBe4
MAY 4, 2022
Researchers at Avanan have observed a surge in phishing emails that abuse a flaw in SMTP relay services to bypass email security filters.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Dark Reading
MAY 4, 2022
The US has to adapt its own policies to counter the push, warns former DocuSign CEO and Under Secretary of State Keith Krach.
Threatpost
MAY 4, 2022
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
Dark Reading
MAY 4, 2022
Microsoft's stand-alone version of Defender for SMBs promises to help SecOps teams automate detection, response, and recovery.
Expert insights. Personalized for you.
291 
Let's personalize your content