Tue. Sep 28, 2021


Apple AirTag Bug Enables ‘Good Samaritan’ Attack

Krebs on Security

The new $30 AirTag tracking device from Apple has a feature that allows anyone who finds one of these tiny location beacons to scan it with a mobile phone and discover its owner’s phone number if the AirTag has been set to lost mode. But according to new research, this same feature can be abused to redirect the Good Samaritan to an iCloud phishing page — or to any other malicious website.


New Malware 'BloodyStealer' Targets Gaming Accounts

Data Breach Today

Researchers Say Trojan Steals Data from Steam, Epic Games Stores, EA Origin

Researchers at cybersecurity firm Kaspersky have discovered an advanced Trojan, dubbed BloodyStealer, stealing gamer accounts and data from platforms such as Steam, Epic Games Stores and EA Origin. They say there is a demand for this type of data among cybercriminals.


What dogs can teach companies about privacy and security

Data Protection Report

You may not believe that dogs have much to do with privacy and security, but on September 20, 2021, New Jersey’s highest state court ruled that dog owners’ names and addresses were public and therefore not exempt from disclosure by a city dog licensing authority, but other information (such as dog breed and name) raised security concerns. Bozzi v. City of Jersey City, — A.3d —- (2021) (2021 WL 4256377).


Russia-Linked Nobelium Deploying New 'FoggyWeb' Malware

Data Breach Today

Microsoft: Malware Creates Backdoor to Exfiltrate Sensitive ADFS Server Data

The Russia-linked cyberespionage group Nobelium, which was responsible for the SolarWinds supply chain attack, has developed and deployed a new malware, dubbed FoggyWeb, according to a Microsoft Threat Intelligence Center security blog. Microsoft says FoggyWeb creates a backdoor to exfiltrate data.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


The European Union Is Already Rolling Out Biometric National ID Cards for Travel and More

HID Global

rmatyasek. Tue, 09/28/2021 - 09:18.


UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. The deadline for responding to the consultation is 19 November 2021. In August, the Government announced that it intended to “seize the opportunity” afforded by the UK’s exit from the European Union to make some changes (see our blog The UK Government unveils its post-Brexit plans to shake up data protection laws | Data Protection Report).


Crypto Exchange Bug Reveals North Korean Monero Laundering

Data Breach Today

ShapeShift's Systems Reduced Privacy for Monero, Researcher Says

Weaknesses in the systems of ShapeShift, a U.K.-based cryptocurrency exchange, reveal how a North Korean-linked group laundered cryptocurrency that came from the WannaCry 2.0 attack four years ago. The issues undermined some protections in Monero, a cryptocurrency designed to provide a high degree of privacy.


Records Management Instruction Support: Building Blocks for Your Training Development

National Archives Records Express

This post comes from our Records Management Training Team. Our Records Management Training Program has published all of our current training materials on the NARA website in the Records Management Training Catalog (RMTC). All of these materials are free and more will be posted as they become available. The Records Management Instruction Support (ReMIS) team is available to assist you with questions you have about how to use the training materials.


Cybercrime - The Other Pandemic

Data Breach Today

How It Spread and How to Fight It

The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Notorious Spyware Tool Found Hiding Beneath Four Layers of Obfuscation

Dark Reading

FinFisher (aka FinSpy) surveillance software now goes to extreme lengths to duck analysis and discovery, researchers found in a months-long investigation.


Federal Trade Commission Hosts Panels Related to Consumer Privacy and Data Security at PrivacyCon

Data Matters

This summer, the Federal Trade Commission (“FTC”) hosted its sixth annual PrivacyCon, an event focused on the latest research and trends related to consumer privacy and data security. This year’s event was divided into six panels: Algorithms; Privacy Considerations and Understandings; Adtech; Internet of Things; Privacy-Children and Teens; and, Privacy and the Pandemic.


Catching threats in minutes, not days with OpenText MDR – Part 1

OpenText Information Management

Every 11 seconds there is a ransomware attack. Bad actors are targeting companies and critical infrastructure systems for their next opportunity. In many cases, they infiltrate their target and then wait to strike. OpenText™ Managed Detection and Response (MDR) has caught numerous malicious activities within hours of implementation and prevented attacks from causing major financial …


Information Disaster Plan

The Texas Record

Creation and maintenance of an information management disaster plan is a never-ending task. While it can be cumbersome, hard to obtain buy-in, and require an upfront cost, it is one of the most important documents that your office can create. Protecting your information is protecting your assets. You will be able to continue operations and meet objectives with less risk of serious disruption if you ensure that you have continuous access to your information.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Credential Spear-Phishing Uses Spoofed Zix Encrypted Email

Threatpost

The spoofed email has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.


Outsourced Software Poses Greater Risks to Enterprise Application Security

Dark Reading

In the wake of SolarWinds and other third-party attacks, security teams worry that outsourced applications pose risks to the organization's application security, according to Dark Reading's recent "How Enterprises Are Developing Secure Applications" report.


Microsoft Makes Exchange Server Patches Less Optional

eSecurity Planet

Microsoft Exchange is a frequent target of hackers, and often the attack vector is a well known vulnerability that a company just hasn’t gotten around to patching. To try to deal with that problem, Microsoft is doing what a lot of other software vendors may start doing: making patching a lot less optional. In the September 2021 Cumulative Update (CU), the software giant has added a new feature called the Microsoft Exchange Emergency Mitigation (EM) service.


Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Security Affairs

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant a backdoor in Windows domains. Microsoft Threat Intelligence Center (MSTIC) researchers have discovered a new custom malware, dubbed FoggyWeb, used by the Nobelium APT group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Check What Information Your Browser Leaks

Schneier on Security

These two sites tell you what sorts of information you’re leaking from your browser.


Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

Security Affairs

Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Malware researchers at Kaspersky have spotted a new improvement of the infamous commercial FinSpy surveillance spyware (also known as Wingbird); it can now hijack and replace the Windows UEFI (Unified Extensible Firmware Interface) bootloader to infect the target machines.


Gamers Beware: Malware Hunts Steam, Epic and EA Origin Accounts

Threatpost

The BloodyStealer trojan helps cyberattackers go after in-game goods and credits.


Trend Micro fixes a critical flaw in ServerProtec Solution, patch it now!

Security Affairs

Trend Micro has addressed a critical authentication bypass vulnerability, tracked as CVE-2021-36745, affecting the ServerProtect solution. Trend Micro has released security patches to address a critical authentication bypass vulnerability, tracked as CVE-2021-36745, that affects the Trend Micro ServerProtect product. Trend Micro Server Protect offers comprehensive real-time protection for enterprise infrastructure, preventing them from being targeted by viruses, spyware, and other Web threats.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Dune Foresaw—and Influenced—Half a Century of Global Conflict

WIRED Threat Level

From Afghanistan to cyberattacks, Frank Herbert’s novel anticipated and shaped warfare as we know it.


Working Exploit Is Out for VMware vCenter CVE-2021-22005 Flaw

Threatpost

The unredacted RCE exploit allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service.


Church, FamilySearch celebrate ‘incredible milestone’ of digitizing 2.4 million rolls of microfilm via Desert News

IG Guru

Check out the post here.


SAS 2021: FinSpy Surveillance Kit Re-Emerges Stronger Than Ever

Threatpost

A 'nearly impossible to analyze' version of the malware sports a bootkit and 'steal-everything' capabilities.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Data Processing: The Key To Expanding Your LSP’s Bottom Line

eDiscovery Daily

Ask any legal service provider (LSP) about how they can increase their revenue and you’ll undoubtedly get a variety of answers, such as: Go paperless. Use different fee structures. Fire non paying clients. Automate labor intensive tasks. While opportunities vary depending on a variety of factors, one consistent challenge you might come across is setting aside the time to explore any new possibilities.


How to Prevent Account Takeovers in 2021

Threatpost

Dave Stewart, Approov CEO, lays out six best practices for orgs to avoid costly account takeovers.


Moving from monolith to microservices

OpenText Information Management

We are on the cusp of a revolution in application architecture. According to IDC (International Data Corporation), by 2022, 90 percent of all new applications will be based on microservices architectures. Many enterprises are thinking about migrating their existing apps to microservices-based architectures. But there are many critical questions to ask first.
