Fri. Mar 05, 2021


At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity.


Supply Chain Attack Jolts Airlines

Data Breach Today

Malaysia Airlines, Singapore Airlines, Finnair, Air New Zealand Confirm Breaches

An aviation IT company that says it serves 90% of the world's airlines has been breached in what appears to be a coordinated supply chain attack. Customers of at least four companies - Malaysia Airlines, Singapore Airlines, Finnair Airlines and Air New Zealand - may have been affected by the incident.


Managed Services provider CompuCom by Darkside ransomware

Security Affairs

US managed service provider CompuCom was the victim of a cyberattack that partially disrupted its operations; experts believe it was a ransomware attack. US managed service provider CompuCom was the victim of a cyberattack that partially disrupted its services and some of its operations. Even if the company initially did not provide technical details about the attack, security experts speculated the involvement of ransomware due to the observed effects.


Mark of Ransomware's Success: $370 Million in 2020 Profits

Data Breach Today

Proceeds Boosted via Big Game Hunting, Data Leaking, Hitting Healthcare Sector

Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


D-Link, IoT Devices Under Attack By Tor-Based Gafgyt Variant

Threatpost

A new variant of the Gafgyt botnet - that's actively targeting vulnerable D-Link and Internet of Things devices - is the first variant of the malware to rely on Tor communications, researchers say.


Massive Supply-Chain Cyberattack Breaches Several Airlines

Threatpost

The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.


Accellion Appliance Zero-Day Attack Breaches: Key Takeaways

Data Breach Today

This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.


No, RSA Is Not Broken

Schneier on Security

I have been seeing this paper by cryptographer Peter Schnorr making the rounds: “Fast Factoring Integers by SVP Algorithms.” It describes a new factoring method, and its abstract ends with the provocative sentence: “This destroys the RSA cryptosystem.” It does not. At best, it’s an improvement in factoring — and I’m not sure it’s even that.


Researchers Disclose More Malware Used in SolarWinds Attack

Data Breach Today

Microsoft, FireEye Find Additional Payloads Used During Supply Chain Attack

Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds last December. These second-stage malware variants appear to have been deployed after organizations downloaded the "Sunburst" backdoor hidden in a software update.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Realistic Patch Management Tips, Post-SolarWinds

Dark Reading

Patch management and testing are different, exactly the same, and completely out of hand. Here are tips from the experts on how to wrangle patches in a time of malicious software updates.


Hackers Exploit Exchange Flaws to Target Local Governments

Data Breach Today

FireEye, Other Security Firms Detect Activity

Hackers have targeted units of local government by attempting to exploit unpatched vulnerabilities in Microsoft Exchange email servers, according to a new report by the security firm FireEye. Meanwhile, CISA has updated its alert.


Millions of travelers of several airlines impacted by SITA data breach

Security Affairs

SITA, a multinational IT company that provides services to the air transport industry, was the victim of a cyberattack that impacted multiple airlines. SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry. The company provides its services to around 400 members and 2,800 customers worldwide, which it claims is about 90% of the world’s airline business.


VMware Patches Vulnerability on View Planner

Data Breach Today

Researchers Say Exploit Could Enable Remote Code Execution

VMware has issued patches for a critical vulnerability in its virtual desktop deployment platform, View Planner, which could enable remote code execution.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


5 Ways Social Engineers Crack Into Human Beings

Dark Reading

These common human traits are the basic ingredients in the con-man's recipe for trickery.


Data Analytics Firm Polecat Exposed 30 TB of Data

Data Breach Today

Researchers Say Social Media Information Exposed

An unsecured server belonging to UK-based data analytics company Polecat exposed an estimated 30 terabytes of data, including 12 billion records related to social media, according to Wizcase CyberResearch Team.


Five privilege escalation flaws fixed in Linux Kernel

Security Affairs

Experts found five vulnerabilities in the Linux kernel, tracked as CVE-2021-26708, that could lead to local privilege escalation. Positive Technologies researcher Alexander Popov found five high severity vulnerabilities in the Linux kernel that could lead to local privilege escalation. The Linux kernel vulnerabilities are race conditions that reside in AF_VSOCK implementation, they were implicitly introduced in November 2019 in the commits c0cfa2d8a788fcf4 and 6a2c0962105ae8ce that added VSOCK m


Accellion Breaches: Key Takeaways

Data Breach Today

This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures

Threatpost

The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks.


Make Sure That Stimulus Check Lands in the Right Bank Account

Dark Reading

If you haven't already, it's time to build trust relationships with your financial institutions, using strong security, privacy protections and secure, unique user credentials.


GoldMax, GoldFinder, and Sibot, 3 new malware used by SolarWinds attackers

Security Affairs

Microsoft experts continue to investigate the SolarWinds attack and spotted 3 new strains of malware used as second-stage payloads. Microsoft announced the discovery of three new pieces of malware that the threat actors behind the SolarWinds attack, tracked by the IT giant as Nobelium, used as second-stage payloads. Microsoft’s initial investigation revealed the existence of the Sunburst backdoor and Teardrop malware, now the Microsoft Threat Intelligence Center (MSTIC) team and the Mic


WordPress Injection Anchors Widespread Malware Campaign

Threatpost

Website admins should patch all plugins, WordPress itself and back-end servers as soon as possible.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


On International Women's Day 2021, Does the 'Rule of Steve' Still Apply? Yes.

Dark Reading

On International Women's Day 2021, gender diversity has improved in cybersecurity, but there is still a long way to go.


Weekly Update 233

Troy Hunt

Data breaches all over the place this week! Not just data breaches, but noteworthy data breaches; the VPN ones for being pretty shady, Oxfam because it included my data which was posted to a hacking forum, Ticketcounter because of the interactions I had with them during the disclosure process and Gab because, well, everything about Gab is always weird.


Pandemic tests electronic records management via GCN

IG Guru



McAfee Is Indicted for Altcoin Pump-and-Dumps and ICO Schemes

WIRED Threat Level

The 75-year-old antivirus entrepreneur faces up to 80 years in prison if convicted.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Microsoft Exchange Server Exploits Hit Retail, Government, Education

Dark Reading

Mandiant researchers identify a range of victims affected in attacks targeting newly reported Microsoft Exchange Server vulnerabilities.


Apple updates XProtect and MRT

Jamf

Apple just pushed updates to both XProtect and the Malware Removal Tool, MRT.


Microsoft Adopted an 'Aggressive' Strategy for Sharing SolarWinds Attack Intel

Dark Reading

Rob Lefferts, corporate vice president for Microsoft 365 Security in Security and Compliance, explains the company's approach to keeping its customers and the industry apprised and updated on its findings from the now-infamous attack.