The Last Watchdog

FEBRUARY 3, 2020

Less than 48 hours after the killing of Iran’s General Qasem Soleimani, the U.S. Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” Related: Cyber warfare enters Golden Age In fact, strategic cyber operations essentially pitting Russia and Iran against the U.S. and Saudi Arabia have been steadily escalating for at least the past decade, with notable spikes

Energy and Utilities 263

Energy and Utilities Access Cybersecurity Passwords 263

Data Breach Today

FEBRUARY 3, 2020

Lessons Learned from WannaCry and Other Attacks The National Institute of Standards and Technology has unveiled a pair of draft practice guidelines that offer updated advice and best practices on how to protect the confidentiality, integrity and availability of data in light of increasing threats from ransomware and other large-scale cyber events.

Ransomware 217

Ransomware 217

Jamf

FEBRUARY 3, 2020

This year's global education technology show Bett has a lot of gadgets and flash. But do they actually impact education?

Education 121

Education 121

Data Breach Today

FEBRUARY 3, 2020

Prosecutors Back Down After Misunderstanding Led to Arrests Iowa prosecutors have dropped all charges against two penetration testers who were contracted to test the electronic and physical security of three judicial facilities, only to be arrested for trespassing. The case highlights how a lack of communication before penetration tests can have serious consequences.

Communications 195

Communications Security 195

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

WIRED Threat Level

FEBRUARY 3, 2020

With his "Google Maps Hack," artist Simon Weckert draws attention to the systems we take for granted—and how we let them shape us.

Privacy 112

Privacy Security 112

WIRED Threat Level

FEBRUARY 3, 2020

EKANS appears to be the work of cybercriminals, rather than nation-state hackers—a worrying development, if so.

Ransomware 111

Ransomware Security 111

Data Breach Today

FEBRUARY 3, 2020

Group Using HTML Redirectors to Deliver Malware After a hiatus, TA505 - a sophisticated APT group that has targeted financial companies and retailers in several countries, including the U.S. - has returned with a campaign that uses HTML redirectors to deliver malicious Excel documents, according to Microsoft and other security researchers.

Retail 147

Retail Security 147

Security Affairs

FEBRUARY 3, 2020

Apple researcher discovered an important vulnerability ( CVE-2019-18634 ) in ‘ sudo’ utility that allows non-privileged Li nux and m acOS users to run commands as Root. Security expert Joe Vennix from Apple has discovered an important vulnerability in ‘ sudo ‘ utility, tracked as CVE-2019-18634 , that allows non-privileged Linux and macOS users to run commands as Root.

Passwords 86

Passwords Security IT Access 86

Data Breach Today

FEBRUARY 3, 2020

Cyber Threats to Medical Technology has Never Been Greater Securing medical devices properly is of crucial importance. However, before this goal can be completely achieved, there are several challenges to overcome.

Security 140

Security 140

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Security Affairs

FEBRUARY 3, 2020

Hackers have already compromised more than 2,300 Linear eMerge E3 building access systems exploiting a severe vulnerability that has yet to be fixed. L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices.

Access 83

Access Passwords Risk Retail 83

Schneier on Security

FEBRUARY 3, 2020

Interesting research -- " Phantom Attacks Against Advanced Driving Assistance Systems ": Abstract : The absence of deployed vehicular communication systems, which prevents the advanced driving assistance systems (ADASs) and autopilots of semi/fully autonomous cars to validate their virtual perception regarding the physical environment surrounding the car with a third party, has been exploited in various attacks suggested by researchers.

Paper 98

Paper Communications 98

Security Affairs

FEBRUARY 3, 2020

Cybercriminals are planting so-called “sleepers” in cleaning companies so that they can physically access IT infrastructure and hack them. The alert was launched by a senior p olice officer, cyber criminals are p lanting so-called “sleepers” in cleaning companies so that they can gau physical access IT infrastructure and hack them. The police are urging organizations to bolster their physical security processes.

Security awareness 79

Security awareness Access Privacy Security 79

Dark Reading

FEBRUARY 3, 2020

One CTO tells us about his belated pursuit of a foundational infosecurity certification -- why he wanted it and what it took.

IT 80

IT 80

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Security Affairs

FEBRUARY 3, 2020

TVEyes was brought down after its core server and engineering workstations were infected with a ransomware attack, company CEO confirmed. TVEyes is a company that manages a popular platform for monitoring TV and radio news broadcasts, it is used worldwide by PR agencies and newsrooms. On Thursday night, a ransomware attack hit the company network causing an outage of its multimedia messaging and data feed services (i.e.

Ransomware 62

Ransomware IT Security Information Security 62

Dark Reading

FEBRUARY 3, 2020

There's been a sharp increase in scans for vulnerable Nortek Linear Emerge E3 systems, SonicWall says.

Access 89

Access 89

Threatpost

FEBRUARY 3, 2020

The tricky trojan evolves yet again, remaining one of the most advanced vehicles for delivering malware.

71

71

Dark Reading

FEBRUARY 3, 2020

Shenzhen Hawk Internet Co. is identified as the parent company behind five app developers seeking excessive permissions in Android apps.

68

68

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Threatpost

FEBRUARY 3, 2020

Popular trojan is sneaking its way onto PCs via malspam campaign that uses three levels of encryption to sneak past cyber defenses. Cryptography Malware.

Encryption 56

Encryption IT 56

Dark Reading

FEBRUARY 3, 2020

Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus.

Phishing 65

Phishing 65

The Texas Record

FEBRUARY 3, 2020

This could be you. We are excited to announce that we will be hosting local government classes on: March 18 – 19, 2020 May 6 – 7, 2020. Each class is $20 per person, per day. Class size is limited to 24 people so register today ! Classes are being held at the Lorenzo de Zavala Archives and Library building, 1201 Brazos St., Austin, TX 78701.

Records Management 53

Records Management Government Libraries Archiving 53

DXC Technology

FEBRUARY 3, 2020

Are your meetings like the weather? You know, everyone complains about them, but no one seems to be able to do anything about it. We’ve all endured long, boring meetings that feel endless. And we’ve all struggled through an exhausting, frantic week overfilled with back-to-back meetings. The higher your job title, the more time you […].

IT 53

IT 53

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

Threatpost

FEBRUARY 3, 2020

A new extortion attack has targeted hundreds of users affected by the Ashley Madison breach over the past week.

Data breaches 63

Data breaches Phishing Security 63

Information Management Resources

FEBRUARY 3, 2020

The European Union has accepted there is no escape from facial recognition, but is seeking to ensure any roll-out that includes U.S. and Chinese players will abide by European values like strict personal privacy.

Privacy 50

Privacy Data Privacy 50

Threatpost

FEBRUARY 3, 2020

Researchers were able to fool popular autopilot systems into perceiving projected images as real - causing the cars to brake or veer into oncoming traffic lanes.

Security 50

Security 50

Dark Reading

FEBRUARY 3, 2020

Although the ransomware is unsophisticated, the malware does show that some crypto-attackers are targeting certain industrial control products.

Ransomware 67

Ransomware 67

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

IG Guru

FEBRUARY 3, 2020

A piece written by Executive Director of NAID & PRISM, Bob Johnson, shines a light on two people who made a difference in the RIM industry. Check it out here. The post NAID & PRISM International 2020 Conference: Saying Good-Bye to Two People Who Made a Big Difference appeared first on IG GURU.

IT 52

IT Information governance Government 52

Dark Reading

FEBRUARY 3, 2020

While device-aware two-factor authentication is no panacea, it is more secure than conventional SMS-based 2FA. Here's why.

Authentication 54

Authentication Security IT 54

The Security Ledger

FEBRUARY 3, 2020

The U.S. Department of Homeland Security warned of critical vulnerabilities in a range of products by GE. We speak with Elad Luz, the head of research at CyberMDX, which discovered the holes. The post Episode 174: GE’s Very Bad Day – Unpacking the MDHex Vulnerabilities appeared first on The Security Ledger. Related Stories Spotlight Podcast: Building Resilience into the IoT with Rob Spiger Episode 170: Cyber Monday is for Hackers Episode 172: Securing the Election Supply Chain.

IoT 40

IoT Risk Cybersecurity Security 40