Tue.Feb 02, 2021

article thumbnail

Updated Agent Tesla Malware Disables Endpoint Protection

Data Breach Today

Sophos: Information-Stealing RAT Found in Many Malicious Email Attachments The operators behind the Agent Tesla remote access Trojan have updated the malware to enable it to disable endpoint protection software and have added features to hide communications, according to a report from the security firm Sophos.

article thumbnail

[Podcast] Process Adaptability and Information Access are Key for Transformation

AIIM

I was so pleased to speak with Jason Burian , VP of Product Development at Knowledge Lake, in this episode of AIIM On Air. As companies look to 2021 and beyond and start crafting new strategies and methodologies, it is important to consider those factors and conditions that will most effectively drive organizational performance. Jason discusses the key aspects of process adaptability and information access and how they will influence our success.

Access 150
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Evolution of Application & DDoS Defenses

Data Breach Today

Drawing upon Imperva's own recent Cyber Threat Index findings, Reinhart Hansen, director of technology in the office of the CTO, talks about that latest application vulnerabilities and DDoS attack trends as we start 2021.

246
246
article thumbnail

NAIC Insurance Data Security Law Annual Certifications: Is Yours Due By February 15?

Data Matters

Most cybersecurity professionals are aware of the New York Department of Financial Service’s requirement imposed on DFS-licensed entities to certify their cybersecurity program’s compliance on an annual basis (by April 15th of each year), but less well known is that numerous other states impose similar requirements on regulated insurance entities and that deadline for many states is coming up on February 15, 2021.

Insurance 114
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Washington State Breach Tied to Accellion Vulnerability

Data Breach Today

State Auditor Says Office Never Received Notification of Flaw or Patch A data breach of a Washington state auditor's system exposed 1.4 million unemployment claimants’ records. The breach stemmed from an exploit of an unpatched system from Accellion, and the state says it was never notified of the flaw. But Accellion says it notified customers and offered a patch in December.

More Trending

article thumbnail

Ransomware Newcomers Include Pay2Key, RansomEXX, Everest

Data Breach Today

Maze May Have Exited, But Fresh Gangs Arrive Bearing Dedicated Data-Leaking Sites Ransomware operations continue to come and go. The notorious Maze ransomware gang retired last year, apparently replaced by Egregor, while new operators, such as Pay2Key, RansomEXX and Everest, have emerged. But in recent months, experts say, just six operations have accounted for 84% of attacks.

article thumbnail

Fighting Fileless Malware, Part 1: What Is It?

Dark Reading

Despite multiple layers of protection, fileless malware cyberattacks remain rampant and difficult to defeat. In this, the first of The Edge's three-part series about the cyberthreat and how to fight back, you'll learn what fileless malware is and why it's so dangerous.

IT 109
article thumbnail

Ransomware's Helper: Initial Access Brokers Flourish

Data Breach Today

High-Quality Access - via RDP, VPN, Citrix - Can Retail for $2,000, Kela Reports To take down bigger targets more easily and quickly, ransomware gangs are increasingly tapping initial access brokers, who sell ready access to high-value networks. Economically speaking, it's a no-brainer move for cybercrime gangs.

Access 159
article thumbnail

Cyber Defense Magazine – February 2021 has arrived. Enjoy it!

Security Affairs

Cyber Defense Magazine February 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 108 pages of excellent content. 108 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached.

IT 103
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

SonicWall Confirms Zero-Day Flaw Affects Certain Products

Data Breach Today

Researchers Spot Exploits in the Wild; Company Developing Patch SonicWall has confirmed that a zero-day vulnerability is affecting its Secure Mobile Access, or SMA, gateway product line, and the company is developing a patch to address the issue. Researchers say they have found exploits for the vulnerability circulating in the wild.

Access 151
article thumbnail

Attackers Continue to Nibble at Apple's iOS Security

Dark Reading

For the second time in less than three months, Apple has patched vulnerabilities in the software for iPhone and iPad, warning that the issues are already being targeted by attackers.

Security 105
article thumbnail

Jim Clark: Why He's Giving Away Passwordless Technology

Data Breach Today

Internet Browser Pioneer on ID Threats and Overcoming the Password Liability When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free.

Passwords 152
article thumbnail

Kobalos, a complex Linux malware targets high-performance computing clusters

Security Affairs

ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed a new piece of malware, dubbed Kobalos, that was employed in attacks against high-performance computing clusters (HPC). The name Kobalos comes from a small sprite from Greek mythology, a mischievous creature fond of tricking and frightening mortals.

Mining 96
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

A Second SolarWinds Hack Deepens Third-Party Software Fears

WIRED Threat Level

It appears that not only Russia but also China targeted the company, a reminder of the many ways interconnectedness can go wrong.

IT 104
article thumbnail

Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs

Security Affairs

Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992 , to encrypt virtual hard disks. According to ZDNet , threat actors are using VMWare ESXi exploits to encrypt the disks of virtual machines deployed in enterprise environments.

article thumbnail

Interview With a Russian Cybercriminal

Dark Reading

A LockBit ransomware operator shared with researchers why he became involved in cybercrime, how he chooses victims, and what's in his toolbox.

article thumbnail

TrickBot Continues Resurgence with Port-Scanning Module

Threatpost

The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.

87
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

FTC: ID Theft Doubled in 2020

Dark Reading

The Federal Trade Commission said a surge in reports of identity theft occurred amid the COVID-19 pandemic.

143
143
article thumbnail

Identity Theft Spikes Due to COVID-19 Relief

Threatpost

Cases reported to the FTC doubled last year as cybercriminals took advantage of increased filing for government relief benefits due to the pandemic.

article thumbnail

Average Ransom Payments Declined Last Quarter

Dark Reading

More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.

141
141
article thumbnail

Hunton Publishes 2020 Retail Industry Year in Review

Hunton Privacy

This is an extraordinary and unprecedented time for the retail industry. Hunton Andrews Kurth’s 2020 Retail Industry Year in Review provides an in-depth analysis of the issues and challenges that retailers faced in the past year, and a look ahead at what they can expect in 2021. The Year in Review includes several articles authored by our privacy and cybersecurity lawyers, including on topics such as the cashier-less technology revolution, the California Privacy Rights Act of 2020 and “buy now,

Retail 71
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

SonicWall Confirms Zero-Day Vulnerability

Dark Reading

The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.

106
106
article thumbnail

Agent Tesla Trojan ‘Kneecaps’ Microsoft’s Anti-Malware Interface

Threatpost

A new version of the Agent Tesla RAT can 'kneecap' endpoint protection software supported by Microsoft ASMI.

92
article thumbnail

How Recruiting Women Can Help Solve Security's Biggest Problems

Dark Reading

We can solve cybersecurity's longstanding talent gap by bringing more women into the field.

article thumbnail

ARMA Houston Annual Spring Conference – Call for Speakers – Due February 12th

IG Guru

Check out the request here. The post ARMA Houston Annual Spring Conference – Call for Speakers – Due February 12th appeared first on IG GURU.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

RF Enables Takeover of Hostile Drones

Dark Reading

Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers - and keep bystanders safe.

IT 76
article thumbnail

KnowledgeLake Growth in 2020 Driven by Increasing Demand for Cloud-based Intelligent Capture and Document Processing Automation 

Info Source

Product Innovation, Expansion of Channel Program, and Robust Pipeline of Legacy ECM Migration Projects Result in Strong 2020 . ST. LOUIS, MO., — February 2, 2021 — KnowledgeLake today announced growth figures for 2020 that highlight the rapid adoption of its cloud-native platform for intelligent document processing that gives organizations control of the entire document lifecycle and the ability to capture, process, and manage almost any document. .

Cloud 59
article thumbnail

Agent Tesla Upgrades with New Delivery & Evasion Tactics

Dark Reading

A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.

Access 76