Mon. Feb 22, 2021


Accellion: How Attackers Stole Data and Ransomed Companies

Data Breach Today

Accellion and Mandiant Say Four Vulnerabilities Have Now Been Patched. Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.


China Hijacked an NSA Hacking Tool—and Used It for Years

WIRED Threat Level

The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online.


Organisations turn the tide on ransomware attackers

IT Governance

Ransomware has become one of the most common and profitable forms of cyber crime, but there’s an obvious fact that is neglected: the attacks are only worthwhile if the victim chooses to pay up. Of course, it’s easy to say that organisations can ignore criminals’ demands, but when facing weeks of disruption, huge financial losses and the prospect of customers’ personal data being leaked online, you can understand why some victims cave in.


Assume ClubHouse Conversations Are Being Recorded, Researchers Warn

Threatpost

At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that over the weekend a user was able to breach “multiple” ClubHouse room audio feeds […].


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Security Affairs

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. APOMacroSploit is a macro builder that was used to create weaponized Excel documents used in multiple phishing attacks.


More Trending


GPS Vulnerabilities

Schneier on Security

Really good op-ed in the New York Times about how vulnerable the GPS system is to interference, spoofing, and jamming — and potential alternatives. The 2018 National Defense Authorization Act included funding for the Departments of Defense, Homeland Security and Transportation to jointly conduct demonstrations of various alternatives to GPS, which were concluded last March.


A day in the life of a county archivist

Preservica

When I first started working at the Limestone County Archives in 2010, the number one question I got was, “So what do you do in there all day, anyway?” Over the following decade, the answer to that question has basically remained the same: “I preserve and share our community’s history!” But two major things have changed: 1) Our methods have evolved from a focus on physical preservation, access, and outreach to digital versions of those activities; and 2) I don’t get asked that question so much


Silver Sparrow Mac-specific malware

Jamf

The new Mac-focused malware Silver Sparrow has been found on more than 29k macOS endpoints, and it runs natively on the Intel or M1 chips. Luckily, this appears to have been laying a foundation for a future payload and so far appears benign. And you can find and remove it.


Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

Threatpost

APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


NY Department of Financial Services Issues Cyber Fraud Alert to Regulated Entities Using Instant Quote Websites

Hunton Privacy

On February 16, 2021, the New York Department of Financial Services (“NYDFS”) issued a Cyber Fraud Alert (the “Alert”) to regulated entities in light of a growing campaign to steal Nonpublic Information (“NPI”), as defined under New York law, from public-facing websites that provide instant quotes for products like auto insurance (“Instant Quote Websites”).


The Woman Bulldozing Video Games’ Toughest DRM

WIRED Threat Level

For Empress, cracking titles like Red Dead Redemption 2 and Immortals Fenyx Rising is more than a pastime. It's a mission.


Ukraine sites suffered massive attacks launched from Russian networks

Security Affairs

Ukraine’s government accused unnamed Russian traffic networks as the source of massive attacks on Ukrainian security and defense websites. Today Ukraine accused unnamed Russian internet networks of massive attacks that targeted Ukrainian security and defense websites. The Ukrainian officials did not provide details about the attacks or the damage they have caused. “It was revealed that addresses belonging to certain Russian traffic networks were the source of these coordinated a


Cybercrime Groups More Prolific, Focus on Healthcare in 2020

Dark Reading

Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


An attacker was able to siphon audio feeds from multiple Clubhouse rooms

Security Affairs

An attacker demonstrated this week that Clubhouse chats are not secure; he was able to siphon audio feeds from “multiple rooms” into his own website. While the popularity of the audio chatroom app Clubhouse continues to increase, experts are questioning the security and privacy level it offers to its users. Recently the company announced it is working to enhance the security of its platform and to prevent threat actors from accessing audio chats.


8 Ways Ransomware Operators Target Your Network

Dark Reading

Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.


NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Security Affairs

The Chinese APT group had access to an NSA Equation Group hacking tool and used it years before it was leaked online by the Shadow Brokers group. The Check Point Research team discovered that the China-linked APT31 group (aka Zirconium) used a tool dubbed Jian, which is a clone of the NSA Equation Group’s “EpMe” hacking tool, years before it was leaked online by the Shadow Brokers hackers.


Accellion Data Breach Resulted in Extortion Attempts Against Multiple Victims

Dark Reading

FireEye Mandiant says it discovered data stolen via flaw in Accellion FTA had landed on a Dark Web site associated with a known Russia-based threat group.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Georgetown County has yet to recover from a sophisticated cyber attack

Security Affairs

The systems of Georgetown County were hacked at the end of January, and the county staff is still working to rebuild its computer network. The systems of Georgetown County were hit with a sophisticated cyber attack at the end of January, and the county staff is still working to recover from the incident. The attack chain began with a malicious email; the intruders demanded the payment of a ransom to give control of the county’s systems back to its staff. “Hackers sent an


Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11

Threatpost

The threat actors stole data and used Clop's leaks site to demand money in an extortion scheme, though no ransomware was deployed.


Cybersecurity Responsibility in a Post-Pandemic World

Dark Reading

In this video, Omdia Cybersecurity Senior Research Director Maxine Holt explains why a more sustainable approach to post-pandemic cybersecurity is necessary.


INSPIRE 20 Podcast: Meet Rod Flavell, CEO, FDM Group

Micro Focus

Rod Flavell, founder and chief executive officer of the FDM Group, ensures that inclusivity is engrained into FDM’s corporate values and that the organization instils a culture of acceptance. In our latest INSPIRE 20 podcast, showcasing executives from around the world who are making a difference.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Researcher Reports Vulnerability in Apple iCloud Domain

Dark Reading

A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.


OCR Settles Sixteenth Investigation in HIPAA Right of Access Initiative

IG Guru

February 12, 2021: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services announces its sixteenth settlement of an enforcement action in its HIPAA Right of Access Initiative. OCR announced this initiative to support individuals’ right to timely access their health records at a reasonable cost under the HIPAA Privacy […].


Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool

Dark Reading

APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.


To All The Tools I’ve Loved Before: The Fling (SCA)

ForAllSecure

Valentine’s Day has unfortunately come to a close. What follows love? Heartbreak. That’s right, it's time to dust off your best stationery and bust out the ice cream because we’re writing a series of break up letters. What can we say? Life has embittered us. Or has it? You’ll have to wait until the end of this To All The Tools I’ve Loved Before four-part blog series to find out.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


What Can Your Connected Car Reveal About You?

Dark Reading

App developers must take responsibility for the security of users' data.


Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted

The Security Ledger

A serious flaw in Zoom’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after they were supposedly deleted.