Krebs on Security
NOVEMBER 17, 2022
Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks of stalling their extortionists, Peter’s bosses were ready to capitulate and pay the ransom demand.
Data Breach Today
NOVEMBER 17, 2022
Video Streamer Pays 800,000 Euros to Settle Probe of Privacy and Security Practices The French data protection authority fined Discord 800,000 euros for privacy and security practices that violate the General Data Protection Regulation. Authorities said the fine might have been higher except that Discord's "business model is not based on the exploitation of personal data.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
NOVEMBER 17, 2022
Twitter is having intermittent problems with its two-factor authentication system: Not all users are having problems receiving SMS authentication codes, and those who rely on an authenticator app or physical authentication token to secure their Twitter account may not have reason to test the mechanism. But users have been self-reporting issues on Twitter since the weekend, and WIRED confirmed that on at least some accounts, authentication texts are hours delayed or not coming at all.
Data Breach Today
NOVEMBER 17, 2022
Key Initiatives Include New Task Force and Ban on Ransomware Payments to Criminals Following a spate of cyberattacks and data breaches affecting millions of Australians, the government‘s cybersecurity minister recently announced the formation of a task force that will hunt down hackers and said she is contemplating a ban on ransomware payments.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
KnowBe4
NOVEMBER 17, 2022
Researchers at Vade Secure describe a type of phishing attack dubbed “clone phishing,” in which attackers follow up a legitimate email from a trusted sender with a replica, claiming that they forgot to include a link or attachment.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
NOVEMBER 17, 2022
Researchers find current data protections strategies are failing to get the job done, and IT leaders are concerned, while a lack of qualified IT security talent hampers cyber-defense initiatives.
Data Breach Today
NOVEMBER 17, 2022
Mt. Gox Was the First Big Exchange Collapse. I Had a Front-Row Seat. After the collapse of the FTX cryptocurrency exchange, I received a small post card from Japan. The sender was Mt. Gox. Here's how I bought a bitcoin for $12, had a painful front row-row seat for the first big cryptocurrency exchange collapse plus some thoughts about cryptocurrency.
eSecurity Planet
NOVEMBER 17, 2022
Public-facing cloud storage buckets are a data privacy nightmare, according to a study released today. Members of Laminar Labs’ research team recently found that one in five public-facing cloud storage buckets contains personally identifiable information (PII) – and the majority of that data isn’t even supposed to be online in the first place.
Data Breach Today
NOVEMBER 17, 2022
Palo Alto's First Big M&A Since Early 2021 Will Help Secure Engineering Processes Palo Alto Networks will make its first major acquisition in nearly two years, scooping up application security startup Cider Security for at least $195 million. The Silicon Valley-based platform security behemoth will fork over $195 million of cash as well as replacement equity awards for Cider.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Security Affairs
NOVEMBER 17, 2022
Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. Public schools in Jackson and Hillsdale counties, Michigan, reopen after a closure of two days caused by a ransomware attack that hit its systems. The public schools started experiencing a systems outage affecting critical operating systems on Monday, the outage occurred because they were victims of a ransomware attack detected over the weekend.
Data Breach Today
NOVEMBER 17, 2022
Department's Federated IT, Many Data Silos Complicate Security Efforts, Report Says The Department of Health and Human Services faces "significant challenges" in protecting data and technology from cyberthreats and improving how its various related entities share large volumes of critical data, including public health data, a new watchdog report says.
OpenText Information Management
NOVEMBER 17, 2022
Capture in the mailroom is not a new concept. It was first deployed in Europe in the aughts to understand the scanned contents of an envelope—to classify and route incoming mail to whomever it is addressed. It caught on in a more limited fashion in the U.S., often including integration with business process management (BPM) technology. … The post The new wave of digital mailroom automation appeared first on OpenText Blogs.
Data Breach Today
NOVEMBER 17, 2022
Palo Alto's First Big M&A Since Early 2021 Will Help Secure Engineering Processes Palo Alto Networks will make its first major acquisition in nearly two years, buying application security startup Cider Security for $300 million, Calcalist reported. Palo Alto later today will announce that it is spending $200 million in cash and $100 million worth of stock to consummate the deal.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Security Affairs
NOVEMBER 17, 2022
Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands of e-stores worldwide.
eSecurity Planet
NOVEMBER 17, 2022
Speakers at last week’s MITRE ResilienCyCon conference had a surprisingly candid message for attendees: You will likely be breached at some point so focus on the controls and response capabilities your organization needs to survive a cyber attack. The conference’s focus on cyber resilience doesn’t mean that organizations should abandon core security defenses like EDR , access control and firewalls , but they should be prepared for the advanced threats that will, at some point,
IT Governance
NOVEMBER 17, 2022
Medibank faced angry questioning during its annual general meeting yesterday as shareholders sought explanations for the organisation’s response to last month’s cyber attack. The Australian health insurance giant fell victim to ransomware in October, as a result of which the personal data of 9.7 million current and former customers was compromised. In most cases, basic personal information – such as their name, date of birth, email address, phone number and gender – was exposed.
Security Affairs
NOVEMBER 17, 2022
A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. The sophisticated phishing campaign exploits the reputation of international brands and targets businesses in multiple industries, including retail, banking, travel, and energy.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
KnowBe4
NOVEMBER 17, 2022
As we enter the holiday season, we start getting bombarded with amazing offers and often take advantage of not only grabbing ourselves a bargain, but also stockpiling gifts for friends and family. During this time, not a day goes by where we do not receive a couple of packages, to the extent that we often become friendly on a first name basis with the delivery drivers.
Jamf
NOVEMBER 17, 2022
What does Jamf's purchase of ZecOps mean for Jamf solutions? And how can IT administrators take advantage of these advanced mobile security features?
Collibra
NOVEMBER 17, 2022
The Grace Hopper Celebration is the world’s largest annual gathering of women and non-binary people in technology. Named for computer science pioneer Admiral Grace Hopper, the event celebrates her legacy and the many contributions women and non-binary people have made in technology. The conference is an opportunity for attendees to develop their skill sets, experience the latest technologies, and be inspired by stories of other women and non-binary people who are leading innovation, overcoming o
Dark Reading
NOVEMBER 17, 2022
The socially engineered campaign used a legitimate domain to send phishing emails to large swaths of university targets.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
NOVEMBER 17, 2022
A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. “ Vyacheslav “Tank” Penchukov , the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Eur
Dark Reading
NOVEMBER 17, 2022
CISA says Federal Civilian Executive Branch systems were compromised through a Log4Shell vulnerability in an unpatched VMware Horizon server.
WIRED Threat Level
NOVEMBER 17, 2022
Elon Musk laid off half the staff, and mass resignations seem likely. If nobody’s there to protect the fort, what’s the worst that could happen?
KnowBe4
NOVEMBER 17, 2022
A new report from the UK’s National Cyber Security Center highlights the current state of threats in the UK, with particular focus on ransomware attacks and their impact.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
NOVEMBER 17, 2022
Stop chatty apps from oversharing and eliminate a hacker backdoor — train developers on "security first" while subjecting APIs to least-privilege zero-trust policies.
KnowBe4
NOVEMBER 17, 2022
Leveraging a legitimate feature of Dynamics 365, threat actors are able to obfuscate the malicious nature of the email within content that naturally requires user interaction.
IG Guru
NOVEMBER 17, 2022
Register for the event here. Join a panel of information governance experts as they unpack and discuss the new International Standard for Information Governance (ISO 24143) from the International Organization for Standardization (ISO). Business people understand that information is a critical asset that is indispensable in supporting business outcomes.
Expert insights. Personalized for you.
300 
Let's personalize your content