Mon. Feb 08, 2021


Cybersecurity Leadership: Asset Discovery and Visibility

Data Breach Today

CEOs and CISOs on Threats Targeting Known and Unknown Assets

In the wake of COVID-19-accelerated transformation and the SolarWinds hack, understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.


Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.” The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers.


After SolarWinds Hack, Courts Revert to Paper for Secrets

Data Breach Today

Big Step Back: Move Carries Steep Bureaucratic and Usability Costs

After being hit by SolarWinds hackers, the Administrative Office of the U.S. Courts instructed the nation's district courts to restrict the filing of sensitive information to hard copy or "secure electronic devices." But will this defense create an even bigger bureaucratic fallout than the attack itself?


5 Cloud Trends That Will Reshape IT in 2021

DXC Technology

We rang in 2020 with all the expectations that cloud computing would continue its progression as a massive catalyst for digital transformation throughout the enterprise. What we didn’t expect was a worldwide health crisis that led to a huge jump in cloud usage. Cloud megadeals have heralded a new era where cloud is a key […].


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


FTC Finalizes SkyMed Data Leak Settlement

Data Breach Today

Firm Must Implement Security Improvements Following Exposure of Records

A finalized Federal Trade Commission settlement specifies security improvements that SkyMed, a company that provides medical emergency travel services, must implement following the leaking of 130,000 membership records.


More Trending


Experian: No Evidence of System Compromise in Brazil

Data Breach Today

Investigation Follows Report of Data for Sale on Darknet

Reacting to news reports that some of the more than 220 million personal records on Brazilians that have been offered for sale on the darknet appear to be associated with Experian's Serasa subsidiary, the credit reporting firm says its investigation has turned up no evidence its systems have been compromised.


Microsoft to notify Office 365 users of nation-state attacks

Security Affairs

Microsoft implements alerts for ‘nation-state activity’ in the Defender for Office 365 dashboard, to allow organizations to quickly respond. Since 2016, Microsoft has been alerting users of nation-state activity; now the IT giant has added the same service to the Defender for Office 365 dashboard. The new security alert will notify companies when their employees are being targeted by state-sponsored attacks.


Plex Media Servers Used to Amplify DDoS Threats

Data Breach Today

Researchers Warn of Yet Another Way to Boost Attacks

Researchers with NetScout are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify DDoS attacks. The FBI has also warned about increases in DDoS attacks that use these types of amplification techniques.


Android App Infects Up To 10 Million Users with Update

Adam Levin

An Android app with over 10 million installations spread malware to its users in a recent update. Barcode Scanner is an app available in the Google Play store for Android devices. A December 2020 update infected users with a Trojan-style malware that bombards users with unwanted advertising. The app has been a popular download among Android users for several years and before the most recent update had never engaged in questionable practices.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Hacker Breached Florida City's Water Treatment System

Data Breach Today

Officials Halted Dangerous Change in Level of Lye in System

A hacker breached a Florida city's water treatment network on Monday, increasing the amount of lye that would be added to the water to a dangerous level. Officials caught the change immediately and reversed it. Reuters reports the system was accessed using the TeamViewer remote access software.


Fake Forcepoint Google Chrome Extension Hacks Windows Users

Threatpost

In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to.


Hackers attempted to poison the water supply of a US city

Security Affairs

Pinellas Sheriff revealed that attackers tried to raise levels of sodium hydroxide, by a factor of more than 100, in Oldsmar’s water supply. The scenario described by Pinellas Sheriff Bob Gualtieri is disconcerting: an attacker attempted to raise levels of sodium hydroxide, also known as lye, by a factor of more than 100, in Oldsmar’s water supply.


SonicWall Zero-Day

Schneier on Security

Hackers are exploiting zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerability that affects the SonicWall SMA 100 series devices. We are working closely with SonicWall to investigate this in more depth.” In Monday’s update, SonicWall representatives said the company’s engineering team confirmed that the submission by NCC Group included a “critical zero-day” in the SMA 100 s


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Novel phishing technique uses Morse code to compose malicious URLs

Security Affairs

Cybercriminals devised a new phishing technique that leverages Morse code to hide malicious URLs and bypass defenses. Experts spotted a new targeted phishing campaign that leverages a new obfuscation technique based on Morse code to hide malicious URLs in an email attachment and bypass secure mail gateways and mail filters. Morse code encodes each letter and number in a series of dots and dashes.


Billions of Passwords Offered for $2 in Cyber-Underground

Threatpost

About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a 'COMB' collection.


Google launches Open Source Vulnerabilities (OSV) database

Security Affairs

Google announced the launch of OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. The database aims at helping both open source maintainers and consumers of open source projects.


Nick Inglis, the developer of Information Governance Implementation Model (IGIM), announces departure from ARMA International

IG Guru

Nick announced his departure via LinkedIn.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Victims of Ziggy ransomware can recover their files for free

Security Affairs

The Ziggy ransomware gang has shut down its operations and released the decryption keys, fearing the ongoing investigation of law enforcement. Good news for the victims of the Ziggy ransomware: the ransomware operators have shut down their operations and released the victims’ decryption keys. The victims can now recover their encrypted files without needing to pay the ransom.


NoxPlayer Android Emulator Supply-Chain Attack

Schneier on Security

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company’s official API (api.bignox.com) and file-hosting servers (res06.bignox.com). Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server to deliver malware to NoxPlayer users. […].


Domestic Kitten has been conducting surveillance targeting over 1,000 individuals

Security Affairs

Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Domestic Kitten, also tracked as APT-C-50, is an Iran-linked APT group that has been active at least since 2018. In 2018, researchers at security firm CheckPoint uncovered an extensive surveillance operation conducted by Domestic Kitten aimed at specific groups of domestic individuals that were considered a threat to the Iranian regime. “In this in


A Hacker Tried to Poison a Florida City's Water Supply

WIRED Threat Level

The attacker upped sodium hydroxide levels in the Oldsmar, Florida, water supply to extremely dangerous levels.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Emotet Takedown: Short-Term Celebration, Long-Term Concerns

Dark Reading

Security researchers examine how and when Emotet's operators may resurface, and the threats that could evolve in the meantime.


Ransomware Demands Spike 320%, Payments Rise

Threatpost

Remote work continues to fuel a spike in phishing and cyberattacks, particularly in the U.S.


Hidden Dangers of Microsoft 365's Power Automate and eDiscovery Tools

Dark Reading

Attackers are using legitimate enterprise tools to execute attacks and carry out malicious actions. Security teams must take action now.


Critical WordPress Plugin Flaw Allows Site Takeover

Threatpost

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Malicious Code Injected via Google Chrome Extension Highlights App Risks

Dark Reading

An open source plug-in purportedly introduced tracking and malicious download code to infect nearly 2 million users, reports say.


Example Statement of Objectives for a Needs Assessment

National Archives Records Express

As part of our Federal Electronic Records Modernization Initiative (FERMI), we are working to make it easier for Federal agencies to obtain electronic records management (ERM) services and solutions that will meet their needs. Agencies often request sample procurement documents from other agencies, such as Statements of Objectives, Statements of Work, Requests for Information, and Requests for Proposals.


Hacker Raised Chemical Settings at Water Treatment Plant to Dangerous Levels

Dark Reading

Remote access interface breached at Florida utility; attacker detected raising level of sodium hydroxide in water.
