Wed. Sep 08, 2021

Zero-Day Attacks Exploit MSHTML Flaw in Microsoft Windows

Data Breach Today

Workarounds Detailed to Block Active Attack; Microsoft Has Yet to Release Patches

Attackers are actively exploiting a flaw in Microsoft Windows for which no patch is yet available. Microsoft has issued workarounds and mitigations designed to block the zero-day attack for the flaw in the MSHTML browsing engine, which is being exploited via malicious Microsoft Office documents.

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

Krebs on Security

Microsoft Corp. warns that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.

SEC Warns of Fraudulent Cryptocurrency Schemes

Data Breach Today

Experts Say Social Engineering Continues to Drive Illicit Activity

The U.S. SEC in a new advisory warns against schemes targeting digital assets. Security experts say that with social engineering attempts on the rise, individuals and organizations must defend against related scams and other "get rich quick" schemes.

Microsoft warns of a zero-day in Internet Explorer that is actively exploited

Security Affairs

Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs.

Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer that is actively exploited by threat actors to hijack vulnerable Windows systems. Microsoft did not share info about the attacks or the nature of the threat actors.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Howard University Hit With Ransomware Attack

Data Breach Today

Classes Canceled as the University's IT Staff Repairs Damage

Howard University canceled classes Tuesday in the wake of a ransomware attack it first detected on Friday, the university has announced. There is no evidence the attackers accessed or exfiltrated personal information, the school says.

More Trending

DDoS Attack Disrupts New Zealand Banks, Post Office

Data Breach Today

NZ CERT: Intermittent Disruptions at Financial Organizations

New Zealand's Computer Emergency Response Team says it is aware of ongoing distributed denial-of-service attacks that have disrupted services at several organizations in the country, including some financial institutions and the national postal service.

Study finds growing government use of sensitive data to ‘nudge’ behaviour

The Guardian Data Protection

Exclusive: national and local governments using targeted ads on search engines and social media

A new form of “influence government”, which uses sensitive personal data to craft campaigns aimed at altering behaviour, has been “supercharged” by the rise of big tech firms, researchers have warned. National and local governments have turned to targeted advertisements on search engines and social media platforms to try to “nudge” the behaviour of the country at large, the academics found.

2 Data Leaks Reported in Indonesia's COVID-19 Tracking Apps

Data Breach Today

Millions of Indonesian Residents, Including President Widodo, Affected

The personal data of at least 1.3 million Indonesian residents, stored on two government-developed COVID-19 tracking apps, PeduliLindungi and eHAC, has been leaked online, according to security researchers. President Joko Widodo is among those affected.

Security Risks of Relying on a Single Smartphone

Schneier on Security

Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the SIM, which was oddly the best possible outcome, given the circumstances. Using the data to steal money would have been much worse. Here’s a link to an archived version.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Groove gang leaks list of 500k credentials of compromised Fortinet appliances

Security Affairs

Groove gang leaked online Fortinet credentials that could be used to breach networks of organizations using the compromised devices. The financially motivated threat actor Groove has leaked online compromised credentials belonging to many organizations. The ransomware group has been active since August 2021 and implements a double extortion model like other gangs.

FTC Bans Stalkerware App Company from the Surveillance Business and Orders Company to Delete Any Illegally Collected Information

Hunton Privacy

On September 1, 2021, the Federal Trade Commission banned Support King, LLC, the operator of SpyFone.com (“SpyFone”), and its CEO, Scott Zuckerman, from offering, promoting, selling or advertising any surveillance app, service or business. The FTC alleged SpyFone allowed purchasers to illegally surveil other individuals by surreptitiously monitoring a device user’s activity without the device user’s knowledge.

Vulnerability Could Expose HAProxy to HTTP Request Smuggling Attack

eSecurity Planet

A critical vulnerability discovered in the open-source load balancer and proxy server HAProxy could enable bad actors to launch an HTTP Request Smuggling attack, which would let them bypass security controls and gain unauthorized access to sensitive data. Researchers with JFrog Security uncovered the vulnerability, CVE-2021-40346, during their regular searches for new and previously unknown vulnerabilities in popular open-source projects.

5 reasons to become a Jamf Educator

Jamf

The new Jamf Educator platform offers a broad range of support for users who want to refine their understanding of the Jamf Teacher app. Learn more about why you should try out this program.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Ransomware Group Ragnar Locker Threatens Data Leaks if Law Enforcement Contacted

eSecurity Planet

The cybercriminal gang behind the Ragnar Locker ransomware attacks is threatening victims that it will go public with data captured in an attack if they contact law enforcement agencies or hire negotiators. The Ragnar Locker group posted on its darknet leak site a note outlining the warning, putting even more pressure on target companies (which the group calls “clients”) and increasing attention on the already high-profile debate about organizations paying ransoms.

Russian communications watchdog Roskomnadzor blocks access to 6 VPNs

Security Affairs

Russian communications watchdog Roskomnadzor tightens control of its citizens and blocked access to six virtual private networks (VPNs), including NordVPN and ExpressVPN. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six virtual private networks (VPNs), Hola!VPN, ExpressVPN, KeepSolid VPN Unlimited, Nord VPN, Speedify VPN, and IPVanish VPN.

EU ‘seeking to turn migrant database into mass surveillance tool’

The Guardian Data Protection

Campaigners from 31 NGOs urge MEPs to rethink plans to overhaul Eurodac database

The EU has been accused of planning “a powerful tool for the mass surveillance” of migrants through proposed changes to a fingerprint database for asylum seekers. Campaigners from 31 non-governmental organisations, including Amnesty International and the European Network Against Racism, made the charge in an open letter to the European parliament urging MEPs to rethink plans to overhaul the Eurodac database of asylu

Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows

Threatpost

Attackers are actively attempting to exploit a vulnerability in MSHTML that allows them to craft a malicious ActiveX control to be used by Microsoft Office files.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

A Texas Abortion ‘Whistleblower’ Site Still Can't Find a Host

WIRED Threat Level

Even the most extreme internet infrastructure providers have turned their backs on the website for violating their terms of service.

What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast

Threatpost

There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help.

Webinar: Virginia Association of Government Archives and Records Administrators on October 28th 9am-12:30pm

IG Guru

The Virginia Assoc of Govt Archives & Records Managers Virtual Conference is scheduled October 28 and registration is open. The ½ day virtual conference (9 a.m. – 12:30 p.m. EST) has three great sessions and is free for VAGARA members and only $20 for non-members. Information on the conference – including the agenda can […]

Tooling Network Detection & Response for Ransomware

Threatpost

Justin Jett, director of audit and compliance at Plixer, discusses how to effectively use network flow data in the fight against ransomware.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

ProtonMail Amends Its Policy After Giving Up Activist’s Data

WIRED Threat Level

The email service says it was unable to appeal a Swiss court’s demand to log the IP address of a French climate advocate.

Three MDR strategies for government CISOs to quickly detect and respond to threats

OpenText Information Management

The US President’s Cybersecurity Executive Order, released in May 2021, outlines “the persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” Here are three strategies to help government CISOs better understand how to maximize early detection, and the removal of cybersecurity …

What Apple Can Do Next to Fight Child Sexual Abuse

WIRED Threat Level

The fallout from the company's recent proposal has created a new opportunity to fix how it roots out abusive material across its devices.

TeamTNT’s New Tools Target Multiple OS

Threatpost

The attackers are indiscriminately striking thousands of victims worldwide with their new “Chimaera” campaign.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Spotlight: Securing COVID’s New Normal with Cathy Spence of Intel

The Security Ledger

What will it mean to secure the “new normal” after the COVID pandemic has receded? In this spotlight edition of the podcast, Cathy Spence, a Senior Principal Engineer at Intel, joins us in The Security Ledger Podcast studios to talk about what that new normal will look like. For Cathy, the future looks a lot like the COVID-influenced.

Fractory raises £6.5m for its metalworking supply chain platform

Information Matters

Data sharing solutions for the manufacturing sector got a boost with the announcement of Fractory’s £6.5m investment for its supply chain platform. Based in Manchester, Fractory has developed a supply
