Thu.Feb 11, 2021

article thumbnail

Florida City's Water Hack: Poor IT Security Laid Bare

Data Breach Today

Oldsmar Used Windows 7, Shared TeamViewer Password, Didn't Have a Firewall The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.

IT 294
article thumbnail

What are the Drivers of Electronic Records Management (ERM)?

AIIM

Records can be vital to the business. That means the management of records is something that needs great care, attention, and planning. Although not a new concept, the game has somewhat changed in recent years as the way records are created and what is considered a record has evolved. Virtually all new records are created electronically today – they are what we call “born digital.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

White House Taps Neuberger to Lead SolarWinds Probe

Data Breach Today

Deputy National Security Adviser Anne Neuberger to Oversee Investigation The Biden administration has appointed Anne Neuberger, the deputy national security adviser for cyber and emerging technology, to coordinate the investigation into the cyberattack that targeted SolarWinds and other organizations, following criticism from two senators that the probe has lacked coordination.

Security 275
article thumbnail

Avaddon ransomware decryptor released, but operators quickly reacted

Security Affairs

An expert released a free decryption tool for the Avaddon ransomware, but operators quickly updated malware code to make it inefficient. The Spanish student Javier Yuste has released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free. Yuste is a student at the Rey Juan Carlos University in Madrid, he developed the AvaddonDecrypter utility that could be used by victims of the ransomware when their computers should not have

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

World Health Organization CISO on Supply Chain Risk

Data Breach Today

Flavio Aggio: SolarWinds-Type Attacks Are Far More Than a 'Patching Problem' Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.

Risk 270

More Trending

article thumbnail

Will Russian Cryptocurrency Law Drive Hacker Recruitment?

Data Breach Today

Regulation Requires Russians to Disclose Their Cryptocurrency Transactions - Or Else Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.

article thumbnail

Military, Nuclear Entities Under Target By Novel Android Malware

Threatpost

The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.

Military 142
article thumbnail

Account Takeover: 2021 - and How to Prevent it

Data Breach Today

SpyCloud has fresh research into account takeover trends and finds that attacks have recently spiked by 300%. Chip Witt explains the trends behind the stats and offers insight into what enterprises often are overlooking in their ATO prevention strategies.

IT 211
article thumbnail

Various Malware Lurks in Discord App to Target Gamers

Threatpost

Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token stealers.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets.

Metadata 111
article thumbnail

Pre-Valentine’s Day Malware Attack Mimics Flower, Lingerie Stores

Threatpost

Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware.

Security 117
article thumbnail

Unemployment Fraud: As If Being Out of Work Wasn't Bad Enough

Dark Reading

With the pandemic as a backdrop, cybercriminals have recognized an unprecedented opportunity to steer billions of dollars in unemployment claims into the own accounts.

99
article thumbnail

How Email Attacks are Evolving in 2021

Threatpost

The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Analyzing 4 Common Attack Vectors for Supply Chain Attacks

Thales Cloud Protection & Licensing

Analyzing 4 Common Attack Vectors for Supply Chain Attacks. madhav. Thu, 02/11/2021 - 13:15. Cyber criminals employ a number of different tactics to gain access to enterprise networks and data. One such tactic is to inject malware into a software product the enterprise uses, then use that malware to compromise the devices on which the software is used.

Access 81
article thumbnail

A Windows Defender Flaw Lurked Undetected for 12 Years

WIRED Threat Level

Microsoft has finally patched the bug in its antivirus program after researchers spotted it last fall.

IT 112
article thumbnail

Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever

Dark Reading

Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.

Cloud 95
article thumbnail

Accelerate Partner Network: Our Extended Sales Team Committed to Serving You, Our Customer

Thales Cloud Protection & Licensing

Accelerate Partner Network: Our Extended Sales Team Committed to Serving You, Our Customer. madhav. Fri, 02/12/2021 - 06:07. Last year, Thales launched the Accelerate Partner Network (Accelerate) to support its partners in selling, delivering and servicing its security solutions across the globe. Accelerate currently boasts over 1,500 partners across multiple partner types.

Sales 70
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

UK Supreme Court: Serious Fraud Office Cannot Compel Foreign Companies to Produce Documents Held Abroad

Data Matters

Case: R (on the application of KBR, Inc) (Appellant) v Director of the Serious Fraud Office (Respondent) [2021] UKSC 2. On February 5, 2021, the UK Supreme Court ruled that the Serious Fraud Office (SFO) cannot compel foreign companies with no presence in the jurisdiction to produce documents held abroad using its powers under Section 2(3) of the Criminal Justice Act 1987 (CJA 1987).

IT 68
article thumbnail

Game Over: Stopping DDoS Attacks Before They Start

Dark Reading

Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.

105
105
article thumbnail

Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims

Threatpost

The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps.

Access 93
article thumbnail

7 Things We Know So Far About the SolarWinds Attacks

Dark Reading

Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.

90
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Incentivizing public utilities to enhance cybersecurity: FERC’s proposed regulation

Data Protection Report

On February 5, 2021, the Federal Energy Regulatory Commission (“FERC”) published proposed regulations in the Federal Register that would provide federal financial incentives to utilities that voluntarily increase certain cybersecurity measures above those required by the Critical Infrastructure Protection Reliability Standards (“CIP Reliability Standards”) or by the NIST, Framework for Improving Critical Infrastructure Cybersecurity (“NIST Framework”). (86 Fed.

article thumbnail

What is digital experience?

OpenText Information Management

Digital experience inhabits a realm packed with similar terms. You have digital experience management (DXM), customer experience (CX), customer experience management (CXM or CEM), digital customer experience, digital citizen experience, B2B digital experience and digital brand experience, to name a few. If you ask 100 people to define digital experience, you can expect 100 different … The post What is digital experience?

article thumbnail

Ransomware Attackers Set Their Sights on SaaS

Dark Reading

Ransomware has begun to target data-heavy SaaS applications, open source, and Web and application frameworks.

article thumbnail

Webinar: Information Governance Education and Leadership on February 25th, 2021 12pm Eastern via Mid-Michigan ARMA

IG Guru

Information Governance (IG) continues to gain traction throughout organizations. How do you prepare yourstaff for IG matters? What educational and certification opportunities exist for IG professionals? What do experts in the industry think about IG? Speaker Andrew Ysasi will be teaching our audience about academic, certification, and leadershipresources available to manage their IG programs.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Growing Collaboration Among Criminal Groups Heightens Ransomware Threat for Healthcare Sector

Dark Reading

Expect increase in ransomware and 'triple extortion' attacks, Cyber Threat Intelligence League says.

article thumbnail

What is the Jamf Teacher Universal App?

Jamf

Mac admins must ensure that their educational technology stack and applications are optimized for Macs using the M1 chip. Jamf School and the Jamf Teacher app have you covered.

article thumbnail

ADAPTURE Representative Kati Graff Named 2020 Cloudflare Most Valuable Player

Adapture

ATLANTA, GA – February 11 th , 2021 – ADAPTURE Account Executive Kati Graff has been recognized by ADAPTURE partner Cloudflare as a 2020 Most Valuable Player. This recognition honors top achievers who not only provide excellent service to joint customers, but also build new business value by tapping into the power of network, relationships, and ecosystems.