Fri.Apr 15, 2022

Premium Hikes Spur Improved US Cyber Insurance Loss Ratios

Data Breach Today

Declining Loss Ratios Mean Insurance Premium Increases Might Moderate in Late 2022

A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.

Utah Joins the Comprehensive Privacy Law Club

Data Matters

Utah has become the fourth state, following California, Virginia and Colorado, to enact a comprehensive consumer data privacy law. The Utah Consumer Privacy Act (“UCPA”), formerly known as Senate Bill 227, passed the Utah Senate and House with no opposition, and was signed by Governor Cox on March 24, 2022. The UCPA shares many similarities with Virginia’s Consumer Data Protection Act (“VCDPA”) and the Colorado Privacy Act (“CPA”), and some similarities with the California Consumer

Why New Incident Reporting Mandates are 'Ground Breaking'

Data Breach Today

New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "ground-breaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm Bracket f Inc.

MFA Advantages and Weaknesses

eSecurity Planet

Not everyone adopts multi-factor authentication (MFA) to secure their accounts. Many stick with simple username and password combinations despite the weaknesses of this authentication method. Yet if someone wanted to enable MFA, which option should they use? Each MFA option suffers from vulnerabilities and creates user friction, so IT managers need to select the MFA option that best suits their users and their security concerns.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

California Privacy Protection Agency Holds Informational Sessions and Announces Stakeholder Meetings

Hunton Privacy

On March 29 and March 30, 2022, the California Privacy Protection Agency (“CPPA”) held via video conference two public pre-rulemaking informational sessions regarding the California Privacy Rights Act (“CPRA”). During the sessions, members of the California Attorney General’s Office and various privacy and cybersecurity experts led discussions on topics such as the sale and sharing of personal information, dark patterns, data privacy impact assessments, cybersecurity audits and automated decisio

Cybersecurity Act of 2022: A Step in the Right Direction With a Significant Loophole

Dark Reading

The act contains a loophole added late in the process that will impede progress toward the goal of increasing US cybersecurity: a complete carve-out of DNS from the reporting requirements and other obligations outlined in the bill.

WatchGuard, Windows Vulnerabilities Require Urgent Fixes

eSecurity Planet

Vulnerabilities in WatchGuard firewalls and Microsoft Windows and Windows Server need to be patched and fixed immediately, security organizations said in alerts this week. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged organizations to patch a critical WatchGuard firewall vulnerability (CVE-2022-23176) that affects the Fireware operating system running on WatchGuard Firebox and XTM appliances, and government agencies have been told to patch the flaw by May 2.

How Document Scanning Lessens Your Carbon Footprint

Record Nations

Most companies these days are looking for better ways to “go green” or lessen their carbon footprint. It’s important that we all do our part to make a cleaner environment for generations to come. It’s for this reason that many companies are turning to scanning and cloud services to help reduce their paper waste and […].

Google Emergency Update Fixes Chrome Zero-Day

Dark Reading

Google patches a critical flaw in its Chrome browser, bringing its count of zero-day vulnerabilities fixed in 2022 to four.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Q1 2022 Report: Holiday-Themed Phishing Emails Get Employees to Click

KnowBe4

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and globally), and 'in the wild' attacks.

Google fixed third zero-day in Chrome since the start of 2022

Security Affairs

Google Chrome 100.0.4896.127 addresses a new high-severity zero-day vulnerability tracked as CVE-2022-1364, actively exploited by threat actors in the wild. Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux to address a high-severity zero-day, tracked as CVE-2022-1364, that is actively exploited by threat actors in attacks. The CVE-2022-1364 zero-day is a type confusion issue that resides in the V8 JavaScript engine that was reported by Clément Lecigne of Google’s Threa

Storytelling to Improve Your Organization's Security Culture [PODCAST]

KnowBe4

The latest podcast episode of Security Masterminds features our special guest Jim Shields, Creative Director at KnowBe4. He sat down with our hosts, Erich Kron and Jelle Wieringa, to discuss storytelling to improve an organization's security culture.

Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover

Security Affairs

Cisco fixed a critical flaw in Cisco Wireless LAN Controller (WLC) that could allow an unauthenticated, remote attacker to take control of affected devices. Cisco has released security patches to fix a critical vulnerability (CVSS score 10), tracked as CVE-2022-20695, in Cisco Wireless LAN Controller (WLC). A remote, unauthenticated attacker could exploit the flaw to bypass authentication and log in to the device through the management interface.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

CISA Alert on ICS, SCADA Devices Highlights Growing Enterprise IoT Security Risks

Dark Reading

Omdia Senior Analyst Hollie Hennessy says the new threat to multiple ICS and SCADA devices underscores the importance of a rapid response to IoT and OT security risks.

Conti Ransomware Gang claims responsibility for the Nordex hack

Security Affairs

The Conti ransomware gang has claimed responsibility for the recent attack against Nordex, one of the largest manufacturers of wind turbines. The Conti ransomware gang claimed responsibility for the cyberattack that hit the manufacturer of wind turbines Nordex on March 31, 2022. Nordex Group shut down “IT systems across multiple locations and business units” as a precautionary measure to prevent the threat from spreading across its networks.

Upgrades for Spring Framework Have Stalled

Dark Reading

Upgrading and fixing the vulnerability in the Spring Framework doesn't seem to have the same level of urgency or energy as patching the Log4j library did back in December.

ZingoStealer crimeware released for free in the cybercrime ecosystem

Security Affairs

A new powerful crimeware called ZingoStealer was released for free by a threat actor known as Haskers Gang. ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The threat actors were also offering their own crypter, dubbed ExoCrypt for 300 Rubles (~$3 USD), to evade detection.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Cloud Cost, Reliability Raise IT Concerns

Dark Reading

IT professionals worry most about cloud security, but other questions arise about training, functionality, and performance.

Threat actors use Zimbra exploits to target organizations in Ukraine

Security Affairs

Threat actors are targeting Ukrainian government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite (CVE-2018-6882). Ukraine’s CERT (CERT-UA) warns of threat actors that are targeting government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite (CVE-2018-6882). “Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x be

Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web

Threatpost

Connections that show the cybercriminal teams are working together signal shifts in their respective tactics and an expansion of opportunities to target victims.

Ways to Develop a Cybersecurity Training Program for Employees

Security Affairs

Cybersecurity experts would have you believe that your organization’s employees have a crucial role in bolstering or damaging your company’s security initiatives. While you may disagree, data breach studies show that employees and negligence are the most typical causes of security breaches, yet these prevalent issues are least discussed. According to a recent industry report from Shred-It, an information security provider, 47% of top business executives believe that employee error, such as

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Lazarus Targets Chemical Sector With 'Dream Jobs,' Then Trojans

Dark Reading

Chemical companies are the latest to be targeted by the well-known North Korean group, which has targeted financial firms, security researchers, and technology companies in the past.

The Importance of Application Visibility and Reporting

Adapture

Application visibility and reporting is a valuable tool for improving application performance. The visibility that older methods of logging and agent-based monitoring provide is limited and outdated. Modern application visibility and reporting solutions give IT teams the data they need to make better decisions around networks and applications.

The Importance of Application Visibility and Reporting

Without access to the right up-to-date data, organizations are making blind decisions around their

Jamf Marketplace partners: Identity and access management

Jamf

Identity and access management (IAM) tools are critical to making sure that the right users can access the right applications and data. Learn about some of the key Apple IAM integrations available in the Jamf Marketplace.

We are Hiring!

National Archives Records Express

Our office has posted a vacancy announcement for a Supervisory IT Specialist for our Oversight and Reporting Systems Analysis Team (ACOS). This announcement will be open until Monday, April 25, 2022. The incumbent is responsible for supervising, managing, and planning a wide range of information system analysis projects, including the evaluation and audit of Federal agencies' electronic records systems.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Analysis of the SunnyDay ransomware

Security Affairs

The analysis of a recent sample of SunnyDay ransomware revealed some similarities with other ransomware, such as Ever101, Medusa Locker, Curator, and Payment45. Segurança-Informatica published an analysis of a recent sample of SunnyDay ransomware. As a result of the work, some similarities with other ransomware samples, such as Ever101, Medusa Locker, Curator, and Payment45, were found.

Identity Experts Call for Mobile Driver's License Push in US

Data Breach Today

The Biden Administration Should Also Directly Assist Identity Theft Victims

Identity experts urge the Biden administration to accelerate the deployment of mobile driver's licenses and ensure identity theft victims get direct assistance. These are among the four items experts say must be added to an upcoming Executive Order focused on preventing and detecting identity theft.

Friday Squid Blogging: Strawberry Squid Video

Schneier on Security

Beautiful video shot off the California coast. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.