Mon.Sep 20, 2021

US to Unveil Sanctions on Use of Cryptocurrency for Ransoms

Data Breach Today

Report: Treasury Department to Announce Sanctions as Early as This Week

The Biden administration may soon unveil plans to curtail the ransomware attacks that have crippled corporate networks this year. According to a report from The Wall Street Journal, the Treasury Department will announce sanctions and similar guidance designed to disrupt the ransomware model.

Does Your Organization Have a Security.txt File?

Krebs on Security

It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Or maybe it isn’t entirely clear who should get the report when remote access to an organization’s internal network is being sold in the cybercrime underground.

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Data Breach Today

Researchers Believe NEW Cooperative Targeted By BlackMatter Gang

NEW Cooperative, an Iowa-based farm services cooperative, has reportedly been targeted by the BlackMatter ransomware gang, demanding a $5.9 million payment from the organization, according to security researchers and published reports. The cooperative is working with law enforcement.

Data of 106 million visitors to Thailand leaked online

Security Affairs

Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity researcher Bob Diachenko discovered his personal data online, stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Chinese APT Data-Harvesting Campaign Analyzed

Data Breach Today

Nation-State Chinese Groups APT27, APT41 Likely Candidates

Earlier this month, McAfee Enterprise's Advanced Threat Research team, working with McAfee's Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. Their analysis provides insight into the group's tools, tactics and techniques.

Shipping Giant CMA CGM Hit With Second Attack

Data Breach Today

Compromised PII Includes Names, Email and Phone Numbers

The French shipping firm CMA CGM reported on Monday that it had been struck with a data breach almost a year after it was hit with a ransomware attack that knocked its systems offline for several days.

Apache OpenOffice is currently impacted by a remote code execution flaw

Security Affairs

Apache OpenOffice (AOO) is currently impacted by a remote code execution flaw, tracked as CVE-2021-33035, that has yet to be fixed in the official release. Security researcher Eugene Lim (@spaceraccoonsec) recently revealed technical details about the flaw.

Hacker Makes Off With $12 Million in Latest DeFi Breach

Data Breach Today

Cross-Chain Protocol pNetwork Offers Hacker 'Clean' $1.5 Million Bug Bounty

In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value.

Regulatory Update: NAIC Summer 2021 National Meeting

Data Matters

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. As a result of the continuing COVID-19 pandemic, the NAIC met in a hybrid format with attendees participating both in person and virtually. This post summarizes the highlights from this meeting in addition to interim meetings that were held during July in lieu of taking place during the Summer Meeting.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Post-Attack, Health Agency Notifying 'All Alaskans'

Data Breach Today

Alaska DHSS' IT Systems Are Still Recovering from Nation-State-Sponsored Attack

Alaska's Department of Health and Social Services says it is notifying "all Alaskans" that their personal and protected health information may have been compromised in a nation-state-sponsored cyberattack that was detected in May, from which the department is still recovering.

Bring Your APIs Out of the Shadows to Protect Your Business

Threatpost

APIs are immensely more complex to secure. Shadow APIs—those unknown or forgotten API endpoints that escape the attention and protection of IT—present a real risk to your business. Learn how to identify shadow APIs and take control of them before attackers do.

No Bounty for Bug Hunters in India

Data Breach Today

Experts Discuss Challenges, Solutions for Bounty Hunters

While there is no dearth of talent among Indian bug bounty hunters, hurdles such as lack of trust, payment disputes, cost, unethical practices and lack of regulatory laws deter the growth of the bug bounty programs in the country, according to some experts.

Black Matter gang demanded a $5.9M ransom to NEW Cooperative

Security Affairs

The U.S. farmers cooperative NEW Cooperative was hit by the Black Matter ransomware gang, which is demanding a $5.9 million ransom. The BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and grain cooperative, and is demanding a $5.9 million ransom. The ransomware gang claims to have stolen 1,000 GB of data including the source code for the soilmap.com project, financial info, network information, R&D results, sensitive employee information, legal and executive info, and KeePass ex

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

“Staying Current” is Not Just a Fashion Statement

Micro Focus

Keeping up with the latest fashion trends can be an uncomfortable and costly exercise. Having mistakenly perceived the wisdom of flared trousers, twice, I am fully aware of such risks. In the software world, too, being addicted to new and shiny objects is a fool’s errand. Tech trends do come and go and only time.

Large phishing campaign targets EMEA and APAC governments

Security Affairs

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. The phishing campaign has been ongoing since spring 2020 when the domains were first transferred to their current host.

Payment API Bungling Exposes Millions of Users’ Payment Data

Threatpost

Misconfigured APIs make any app risky, but when you’re talking about financial apps, you’re talking about handing ne’er-do-wells the power to turn your pockets inside-out.

Europol arrested 106 fraudsters, members of a major crime ring

Security Affairs

Europol, along with Italian and Spanish police, dismantled a major crime organization linked to the Italian Mafia that focuses on online frauds. Europol, along with law enforcement agencies in Italy and Spain, has dismantled a major crime group linked to the Italian Mafia that was involved in online fraud, drug trafficking, money laundering, and property crime.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

White House Cybersecurity Summit: A Missed Opportunity

Dark Reading

Last month's summit with the president was missing something crucial: representation from those who deal with critical infrastructure.

Amazon Driver-Surveillance Cameras Roll Out, Sparking Debate

Threatpost

Drivers bristle under constant surveillance by artificial-intelligence (AI) tech, but Amazon says it works and boosts safety.

Webinar: VIRTUAL PROJECT MANAGEMENT via ARMA NOVA on September 21, 2021 at 12pm EST

IG Guru

VIRTUAL PROJECT MANAGEMENT Enable People and Organizations to Exceed Their Potential No cost to register! What is good project management? How can we best do that virtually or in the new hybrid world? What are lessons learnt and best practices for sustaining virtual project management? Please join us at 11:30 AM for a facilitated networking […].

Open Source Software Projects Up Their Security Game but Face More Attacks

Dark Reading

Patches for dependencies are trickling up through the open source ecosystem faster than ever — a good thing because attackers are focusing more on open source software.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Spoliation and Defensible Deletion: What’s the Difference?

eDiscovery Daily

Spoliation and Sanctions. Spoliation, the destruction or manipulation of ESI, has become a prevalent issue in e-discovery. As evidenced by Atalian US New England, LLC v. Navarro, spoliation is often done deliberately. In response to allegations of fraud, the defendant deleted mobile device data and replaced it with fabricated evidence. The judge sanctioned the company for intending to deprive the opposing counsel of relevant information. [1] Negligence is another cause for spoliation.

Europol Breaks Open Extensive Mafia Cybercrime Ring

Threatpost

Organized crime ring thrived on violence, intimidation and $12 million in online fraud profits.

Wondering Where to Start with Modernization? Rocket® Process Insights Has the Answer

Rocket Software

Rocket helps organizations evolve their IBM® i platforms to take advantage of modern technologies and user experiences without disruption. With an effective modernization strategy, organizations can streamline workflows and drive efficiencies to minimize risk, improve customer satisfaction, and promote positive employee experiences. While Rocket has an extensive portfolio of modernization products, customers often have one foundational question: Where do we start?

Washington says a transatlantic data deal is close. Brussels disagrees via Politico

IG Guru

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Google: New Privacy Feature Will Affect 'Billions' of Android Devices

Dark Reading

Starting in December, Google will expand its "permissions auto-reset feature" to devices using Android 6.0 and higher.

DXC London Innovation Centre takes on business challenges with teamwork and emerging tech

DXC Technology

A conversation with Sukhi Gill about meeting the challenge of turning digital transformation ideas into reality

Two years ago DXC launched our London Innovation Centre, a collaborative environment that brings together DXC employees, customers and partners to transform and accelerate innovative solutions in a rapidly changing digital era. Since that time, the Innovation Centre […].

What does same-day support really mean and why is it so crucial?

Jamf

With most — if not all — device management vendors touting same-day support for new operating systems and features, we set out to put their claims to the test.
