Tue.Apr 27, 2021

article thumbnail

DC Metropolitan Police Hit With Cyberattack

Data Breach Today

Babuk Ransomware Gang Takes Credit, Threatens Data Leak The Babuk ransomware gang is taking credit for an attack against the Metropolitan Police Department of Washington, D.C., and threatening to post exfiltrated data if a ransom is not paid. The department confirms that attackers accessed its network, but it's offering no further details.

article thumbnail

Build a Cloud-First Content Management Strategy in Three Simple Steps

AIIM

Global research and advisory firm, Gartner, predicts that by 2024 more than 45% of IT spending will shift from legacy on-premises solutions to the cloud. Cloud infrastructure spending is expected to jump from $63 billion in 2020 to $81 billion by 2022. The cloud race was well underway in 2020 when COVID reared its unfortunate head and sent businesses still on the cloud adoption starting blocks into a frenzy.

Cloud 194
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Lawmakers Seek to Expand CISA's Role

Data Breach Today

Proposals Call for More Funding, Greater Responsibility Several bipartisan congressional initiatives are seeking to expand the mission of the U.S. Cybersecurity and Infrastructure Security Agency. Here's a rundown of the details.

article thumbnail

Challenging Our Education System to Nurture the Cyber Pipeline

Dark Reading

Let's teach students how to teach themselves. Once we do that, we will have taught a generation of students how to think like hackers.

Education 141
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

FBI Shares Email Addresses to Speed Emotet Cleanup

Data Breach Today

Bureau Shares Emails of Those Affected With Have I Been Pwned Breach Notification Service The FBI has shared 4.3 million email addresses stolen by the Emotet malware with the Have I Been Pwned breach notification site. The entry of those addresses into the site increases the chance that those infected with Emotet can take remediation actions, such as changing passwords.

Cleanup 257

More Trending

article thumbnail

Cyber Extortion Thriving Thanks to Accellion FTA Hits

Data Breach Today

Coveware: Average Ransom Payment Hits $220,298, Presaging More Supply-Chain Attacks Ransomware continues to prove a reliable moneymaker for criminals, with the average cyber extortion payoff rising to $220,298, reports ransomware incident response firm Coveware. Zero-day attacks and shakedowns targeting Accellion File Transfer Appliance users helped boost criminals' profits.

article thumbnail

Security Vulnerabilities in Cellebrite

Schneier on Security

Moxie Marlinspike has an intriguing blog post about Cellebrite , a tool used by police and others to break into smartphones. Moxie got his hands on one of the devices, which seems to be a pair of Windows software packages and a whole lot of connecting cables. According to Moxie, the software is riddled with vulnerabilities. (The one example he gives is that it uses FFmpeg DLLs from 2012, and have not been patched with the 100+ security updates since then.). …we found that it’s possib

Security 116
article thumbnail

Thoma Bravo to Buy Proofpoint for $12.3 Billion

Data Breach Today

Private Equity Firm Also Owns Other Security Companies, Including McAfee Private equity firm Thoma Bravo on Monday announced it had signed a definitive agreement to acquire the cybersecurity and compliance firm Proofpoint in a $12.3 billion all-cash deal.

article thumbnail

Ransomware hit Guilderland Central School District near Albany

Security Affairs

Officials revealed that the school district near Albany was hit by a ransomware attack that forced students in grades 7 through 12 into all-remote learning on Monday. The Guilderland Central School District near Albany was hit by a ransomware attack that forced students in grades 7 through 12 into all-remote learning on Monday, the news was confirmed by district officials.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

COVID-19: Is the End in Sight?

Data Breach Today

Pandemic Expert Regina Phelps on Variants, Vaccines and Office Reopenings COVID-19 infections and death rates are down in the United States, and the percentage of vaccinated citizens is rising. Does this mean the end of the pandemic is finally in sight? Not quite, says continuity planning expert Regina Phelps, who explains why.

173
173
article thumbnail

FBI shares with HIBP 4 million email addresses involved in Emotet attacks

Security Affairs

The FBI has shared with Have I Been Pwned service 4 million email addresses collected by Emotet botnet and employed in malware campaigns. Last week, European law enforcement has conducted an operation aimed at performing a mass-sanitization of computers infected with the infamous Emotet Windows malware. The authorities automatically wiped the infamous Emotet malware from infected systems across the world as part of a mass sanitization operation.

Cleanup 104
article thumbnail

Cybersecurity Community Remembers Researcher Dan Kaminsky

Data Breach Today

Banisher of 'The Kaminsky Bug' Lauded for His Drive to 'Make Things Better' Dan Kaminsky, a renowned security researcher, died last week at age 42. He gained cybersecurity fame in 2008 after discovering and helping to coordinate a patch for a massive security flaw in the internet's Domain Name System.

article thumbnail

The Supreme Court sharply curtails FTC’s authority to obtain restitution

DLA Piper Privacy Matters

In a significant decision issued on Thursday, April 22, 2021, the US Supreme Court unanimously ruled in an eagerly anticipated case that the Federal Trade Commission (FTC) does not have the legal authority under Section 13(b) of the FTC Act to obtain court-ordered monetary equitable relief (such as restitution or disgorgement). In AMG Capital Management, LLC v.

Retail 102
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Public Affairs: Your New Neighborhood Library

Information Governance Perspectives

When you think about the fact that libraries are about information and not simply about books, you begin to see where the value is. The post Public Affairs: Your New Neighborhood Library appeared first on Rafael Moscatel.

article thumbnail

CISA, NIST published an advisory on supply chain attacks

Security Affairs

CISA and NIST published a report on software supply chain attacks that shed light on the associated risks and provide instructions on how to mitigate them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) released a joint advisory that provides trends and best practices related to supply chain attacks for network defenders.

Risk 95
article thumbnail

Expect an Increase in Attacks on AI Systems

Dark Reading

Companies are quickly adopting machine learning but not focusing on how to verify systems and produce trustworthy results, new report shows.

145
145
article thumbnail

How IAM can help you thrive in a disruptive environment

Thales Cloud Protection & Licensing

How IAM can help you thrive in a disruptive environment. madhav. Tue, 04/27/2021 - 10:58. At Thales we are excited to participate in this week’s virtual Gartner Identity and Access Management Summit taking place on 28 and 29 April 2021. This year’s theme is “Adapting to Disruption. Enabling Transformation.” Participants in the summit will get the latest advice on identity and access management technologies and strategies, covering multifactor authentication (MFA), identity governance and adminis

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds

Hunton Privacy

As reported on the Hunton Retail Law Blog , on April 26, 2021, the U.S. Court of Appeals for the Second Circuit affirmed the dismissal on Article III standing grounds of a data breach class action predicated on an alleged increased risk of identity theft. McMorris v. Carlos Lopez & Assocs. , LLC , No. 19-4310, 2021 WL 1603808 (2d Cir. Apr. 26, 2021).

article thumbnail

Do Cyberattacks Affect Stock Prices? It Depends on the Breach

Dark Reading

A security researcher explores how data breaches, ransomware attacks, and other types of cybercrime influence stock prices.

article thumbnail

Apple Patches Zero-Day MacOS Bug That Can Bypass Anti-Malware Defenses

Threatpost

A variant of Mac No. 1 threat Shlayer since January already has been exploiting the vulnerability, which allows payloads to go unchecked through key OS security features.

article thumbnail

Feds Arrest an Alleged $336M Bitcoin-Laundering Kingpin

WIRED Threat Level

The alleged administrator of Bitcoin Fog kept the dark web service running for 10 years before the IRS caught up with him.

Security 103
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

The Governance and Recordkeeping Around the World Newsletter April 2021 Edition available via Library and Archives Canada

IG Guru

Check out the post here. The post The Governance and Recordkeeping Around the World Newsletter April 2021 Edition available via Library and Archives Canada appeared first on IG GURU.

article thumbnail

Ransomware Recovery Costs Near $2M

Dark Reading

The cost of recovering from a ransomware attack has more than doubled in one year, Sophos researchers report.

article thumbnail

CIPL Submits Response to the EDPB Guidelines on Virtual Voice Assistants

Hunton Privacy

On April 23, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on virtual voice assistants (the “Guidelines”). The Guidelines were adopted on March 12, 2021 for public consultation. The EDPB’s Guidelines are intended to help organizations identify the risks associated with virtual voice assistants (“VVAs”), implement the relevant mitigation measures and provide

GDPR 77
article thumbnail

Ombudsman says ACT federal police may have illegally accessed location data

The Guardian Data Protection

Only nine out of 1,713 times ACT police accessed location was fully compliant with laws, putting prosecutions at risk, Ombudsman says The Australian federal police’s ACT unit has been blasted for a “cavalier” attitude to access of location information to arrest criminal suspects which could put prosecutions at risk. On Wednesday the commonwealth ombudsman released a scathing report into the AFP’s access of metadata from location-based services, warning of a failure to identify the scope of unlaw

Access 76
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

5 ways to jumpstart digital process automation

OpenText Information Management

Most organizations are on a path to digital transformation. This means they’re spearheading initiatives to elevate operations for improved business outcomes via smarter decisions, increased efficiency and improved agility. However, digital transformation looks different for every company. Some are keeping pace with the integration of digital technology to support growth.

article thumbnail

Linux Kernel Bug Opens Door to Wider Cyberattacks

Threatpost

The information-disclosure flaw allows KASLR bypass and the discovery of additional, unpatched vulnerabilities in ARM devices.

89
article thumbnail

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Security Affairs

Microsoft announced an improvement of its Defender antivirus that will leverage Intel’s Threat Detection Technology (TDT) to detect processes associated with crypto-miners. Microsoft announced that Microsoft Defender for Endpoint, its commercial version of Windows 10 Defender antivirus, implements a new mechanism that leverages Intel’s Threat Detection Technology (TDT) to block cryptojacking malware using.

Mining 74