Tue.Mar 23, 2021

Fighting Fraud as Digital Payments Skyrocket

Data Breach Today

Brian Byrne and Bastien Latge of EMVCo Discuss Enhancement of Specifications

As digital payments have skyrocketed as a result of the surge in e-commerce during the pandemic, more organizations have provided feedback on enhancing EMVCo's specifications to help fight fraud, two executives with the global technical body say.

335

Phish Leads to Breach at Calif. State Controller

Krebs on Security

A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts.

Phishing 268

British Clothing Retailer Fat Face Discloses Data Breach

Data Breach Today

Employee and Customer Information Compromised in January Attack; ICO Investigating

British clothing and accessories retailer Fat Face says it detected a data breach in January, which exposed personal information - including partial payment card numbers - for an unspecified number of customers and employees. The Information Commissioner's Office is investigating.

Retail 332

What to Capture Vs. What NOT to Capture

AIIM

Many organizations have an obligation to maintain the information they create and receive as part of regular business activities and to ensure that the information is secured and maintained in official filing systems. But, with an endless amount of information flowing in and out of your business on a daily basis - how do you determine what to capture and what to avoid?

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

SolarWinds Attackers Manipulated OAuth App Certificates

Data Breach Today

Proofpoint Update Describes the Fraud Tactics

The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.

Access 329

More Trending

CISA Prepares to Use New Subpoena Power

Data Breach Today

Acting Director Describes Latest Steps in Battle Against Ransomware

The Cybersecurity and Infrastructure Security Agency will soon use its new subpoena powers authorized under the 2021 National Defense Authorization Act to help in the battle against ransomware attacks and other cyberthreats, says Brandon Wales, the acting agency director.

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Security Affairs

This week, IoT company Sierra Wireless disclosed a ransomware attack that hit its internal IT systems on March 20 and disrupted its production. Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. The company sells mobile computing and machine-to-machine (M2M) communications products that work over cellular networks.

IoT Vendor Sierra Wireless Reports Ransomware Attack

Data Breach Today

Multiple Systems Impacted, Including Manufacturing and Internal IT Operations

The Canadian Internet of Things manufacturer Sierra Wireless reported today it had suffered a ransomware attack over the weekend, forcing it to halt production at its manufacturing sites. The attack has disrupted its website and other unspecified internal operations.

Energy giant Shell discloses data breach caused by Accellion FTA hack

Security Affairs

Oil and gas giant Royal Dutch Shell (Shell) discloses a data breach resulting from the compromise of its Accellion File Transfer Appliance (FTA) file sharing service. Energy giant Shell disclosed a data breach resulting from the compromise of an Accellion File Transfer Appliance (FTA) used by the company. Shell is an Anglo-Dutch multinational oil and gas company with more than 86,000 employees and made US$180.5 billion in 2020.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Accellion Data Breach Ensnares Energy Giant Shell

Data Breach Today

Meanwhile, Clop Ransomware Group Turns Up the Heat on Another Victim

The Accellion File Transfer Appliance data breach continues to cause anguish. The energy company Shell has disclosed that it has been affected. Meanwhile, some customers of a Michigan-based bank have been informed that personally identifiable data has been exposed via the FTA breach.

Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail

Threatpost

A former IT contractor is facing jailtime after a retaliatory hack into a company’s network and wiping the majority of its employees’ Microsoft Office 365 accounts.

IT 120

France : The cookies transition period will end in a few days – starting April 1st, organizations must comply with the CNIL’s revised guidelines on cookies and trackers!

DLA Piper Privacy Matters

What is the context? As described in more detail in our previous post, the French supervisory authority (“CNIL”) published in October 2020 a revised version of its guidelines (“Revised Guidelines”) and the final version of its recommendations on the practical procedures for collecting consent concerning cookies and other trackers (“Recommendations”).

Energy Giant Shell Is Latest Victim of Accellion Attacks

Threatpost

Attackers accessed personal and business data from the company’s legacy file-transfer service in a recent data-security incident but core IT systems remained untouched.

Access 117

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Copyright Records

The Texas Record

How long should you keep records documenting the copyright of an original work of authorship? Records documenting the copyright status of original works are administratively valuable when it comes to crafting licensing agreements, drafting acceptable use notices, responding to infringement lawsuits, etc. For Texas state universities, the answer is simple: follow the minimum retention period for RSIN 11.1.005 on the University Records Retention Schedule (URRS).

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Threatpost

The arts-and-crafts retailer left 138GB of sensitive information open to the public internet.

Retail 139

Accellion Supply Chain Hack

Schneier on Security

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There’s much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software. The governor of New Zealand’s central bank, Adrian Orr, says Accellion failed to warn it after first learning in mid-December that the nearly 20-year-old FTA application — using antiquated technology and set for retirement

IT 97

Podcast: Microsoft Exchange Server Attack Onslaught Continues

Threatpost

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

The Hand of Amazon: How the financial industry must keep up

Thales Cloud Protection & Licensing

sparsh. Wed, 03/24/2021 - 05:33. Originally published in Finextra on February 1, 2021. Last year Amazon announced the adoption of a game changer for payments: Amazon One, which allows shoppers to pay at stores by placing their palm over a scanning device when they walk in the door or when they check out.

Retail 77

Webinar on Virginia’s Consumer Data Protection Act

Hunton Privacy

On March 30, 2021, Hunton Andrews Kurth will host a webinar examining Virginia’s new Consumer Data Protection Act. On March 2, 2021, Virginia Governor Ralph Northam signed the Consumer Data Protection Act into law, making Virginia the second U.S. state to enact comprehensive data privacy legislation of general applicability. The law’s requirements will take effect on January 1, 2023, which is the same day that requirements under the new California Privacy Rights Act (“CPRA”) become operative.

Inside the Web Shell Used in the Microsoft Exchange Server Attacks

Dark Reading

The history and details of China Chopper - a Web shell commonly seen in the widespread Microsoft Exchange Server attacks.

101

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns of flaws in GE Power Management Devices that could allow an attacker to conduct multiple malicious activities on vulnerable systems. U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns of vulnerabilities in GE Power Management Devices that could be exploited by an attacker to conduct multiple malicious activities on systems belonging to the Universal Relay (UR) family.

Access 75

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Data Protection Is a Group Effort

Dark Reading

When every employee is well-versed in customer data privacy principles, the DPO knows the enterprise's sensitive data is in good hands.

Google fixes an Android vulnerability actively exploited in the wild

Security Affairs

Google addressed a zero-day vulnerability affecting Android devices that use Qualcomm chipsets which is actively exploited in the wild. Google has addressed a zero-day vulnerability, tracked as CVE-2020-11261, affecting Android devices that use Qualcomm chipsets. According to the IT giant, threat actors are actively exploiting the vulnerability in attacks in the wild.

Access 70

Anti-Spoofing for Email Gains Adoption, but Enforcement Lags

Dark Reading

More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.

Security Analysis Clears TikTok of Censorship, Privacy Accusations  

Threatpost

TikTok’s source code is in line with industry standards, security researchers say.

Privacy 105

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

‘Browser Isolation’ Takes On Entrenched Web Threats

WIRED Threat Level

Cloudflare says it’s possible to build a version of the notoriously slow and buggy tool without compromising on speed.

Do Cybercriminals Fear Arrest?

Dark Reading

Researchers explore how cybercriminals weigh the possibility of arrest and whether it deters criminal activity.

IT 85

How ATB Financial drives agile data ops with Collibra and GCP

Collibra

ATB Financial provides a diversified set of financial services to more than 770,000 residents of Alberta, Canada. Being a regionally focused institution, the group is dedicated to knowing its customers intimately, understanding their needs and providing products and services that help them achieve their goals. Delivering on that mission requires a wide variety of data-driven decisions.

Cloud 59