Thu. Apr 07, 2022

The Explosive Growth of Data: Action Items IT Leaders Are Taking to Modernize

Rocket Software

Businesses are seeing a sharp increase in data production year over year, while the number of places data is stored grows exponentially. This explosion of data and the ways we protect data comes in combination with constant changes in the market—economic, technological, and shifts in buyer behavior to name a few. Such an unpredictable landscape makes a strong data infrastructure an imperative, so that businesses can maintain uninterrupted focus on their pursuits of goals and ROI.

Why Access Governance Is Crucial For Strong Cybersecurity

Data Breach Today

Three Aspects of Governance that Need Consideration

If an organization doesn’t know who is accessing what, how can they be trusted to make sure a bad actor isn’t gaining access to data, assets, or systems they shouldn’t?

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

The U.S. Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Separately, law enforcement agencies in the U.S. and Germany moved to decapitate “Hydra,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups.

FDA Document Details Cyber Expectations for Device Makers

Data Breach Today

Revised Draft Guidance Lists Security Asks for Premarket Medical Device Submissions

The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

Dubai Issues Its First Crypto Law Regulating Virtual Assets

Hunton Privacy

On February 28, 2022, the Emirate of Dubai enacted Law No. 4 of 2022 on the Regulation of Virtual Assets (“VAL”) and established the Dubai Virtual Assets Regulatory Authority (“VARA”). By establishing a legal framework for businesses related to virtual assets, including crypto assets and non-fungible tokens (NFTs), this landmark law reflects Dubai’s vision to become one of the leading jurisdictions for entrepreneurs and investors of blockchain technology.

More Trending

CVE-2022-22292 flaw could allow hacking of Samsung Android devices

Security Affairs

Experts discovered a vulnerability, tracked as CVE-2022-22292, which can be exploited to compromise Android 9, 10, 11, and 12 devices. Researchers from mobile cybersecurity firm Kryptowire discovered a vulnerability, tracked as CVE-2022-22292, in Android 9, 10, 11, and 12 devices. The vulnerability resides in the pre-installed Phone app that executes with system privileges on Samsung devices.

Proof of Concept: Dealing With the Regulation 'Tsunami'

Data Breach Today

Also: Analyzing the Okta Breach; Fraud Trends With Digital Onboarding

In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.

Welcoming the Serbian Government to Have I Been Pwned

Troy Hunt

Supporting national governments has been a major cornerstone of Have I Been Pwned for the last 4 years. Today, I'm very happy to welcome the 31st government on board, Serbia! The National CERT and the Gov-CERT of the Republic of Serbia now has free and complete access to query their government domains via API. Visibility into the exposure of government departments in data breaches remains a valuable service I'm glad to see continuing to be taken up by national CERTs.

Lessons Learned From REvil's Attack on Kaseya

Data Breach Today

This edition discusses the latest episode of "The Ransomware Files," which covers the REvil ransomware gang's 2021 attack on Kaseya. It also examines how healthcare entities can prepare for potential spillover attacks from the hybrid Russia-Ukraine war and highlights from ISMG's Chicago Summit.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Another fine for over-retention of data

Data Protection Report

A third regulator has recently entered into a proposed consent that includes a $500,000 fine based in part on a company’s over-retention of personal data for longer than it was needed. The first regulator was the French data protection authority, the CNIL, in 2021, which we wrote about here. The second regulator was the New York Attorney General in January of 2022, which we described here.

CrowdStrike, Microsoft, Trend Micro Top EDR Forrester Wave

Data Breach Today

EDR Vendors Face 'an Existential Crisis' as Businesses Increasingly Use the Cloud

CrowdStrike, Microsoft and Trend Micro sit atop the Forrester Wave for endpoint detection and response as vendors grapple with business data increasingly moving to the cloud. This has forced EDR providers to build out full-fledged Extended Detection and Response platforms that protect cloud data.

EDPB Adopts Statement on the Announcement of an Enhanced EU-U.S. Privacy Shield

Hunton Privacy

On April 7, 2022, the European Data Protection Board (the “EDPB”) released a statement on the announcement of a new Trans-Atlantic Data Privacy Framework (the “Statement”). A new framework for transfers of personal data between the EU and the U.S. has been needed since the previous EU-U.S. Privacy Shield framework was annulled by the Court of Justice of the European Union (“CJEU”) in the Schrems II judgment in July 2020.

“Human Error” Ranked as the Top Cybersecurity Threat While Budgets Remain Misaligned

KnowBe4

New insights into the state of data security show a clear focus on the weakest part of your security stance – your users – and organizations doing little to address it.

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

The Blurring Line, and Growing Risk, Between Physical and Digital Supply Chains

Dark Reading

Risk increases as the lines between physical and digital supply chains blur and the computing footprint expands.

Multi-Million Dollar Scam Call Center Shut Down by Multinational Police Efforts

KnowBe4

Last month, Latvian and Lithuanian police – in conjunction with Europol – coordinated a raid on 3 call centers responsible for an international effort to defraud victims worldwide.

SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

Threatpost

Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds.

Palo Alto Networks devices affected by CVE-2022-0778 OpenSSL bug

Security Affairs

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778, that affects some of its firewall, VPN, and XDR products. In mid-March, OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when parsing certificates.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Phishbait Invokes Russia's Ministry of Internal Affairs (Road Safety Division)

KnowBe4

A phishing campaign impersonating WhatsApp has targeted more than 27,000 mailboxes, according to researchers at Armorblox. It’s not clear who the attackers were, but they used an old version of a road safety operations website belonging to Russia’s Ministry of Internal Affairs, which helped the emails to bypass authentication checks.

VMware addressed several critical vulnerabilities in multiple products

Security Affairs

VMware fixed critical vulnerabilities in multiple products that could be exploited by remote attackers to execute arbitrary code. VMware has addressed critical remote code vulnerabilities in multiple products, including VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products.

US Disrupts Russian Botnet

Schneier on Security

The Justice Department announced the disruption of a Russian GRU-controlled botnet: The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. government has previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation

The Senate Bill That Has Big Tech Scared

WIRED Threat Level

The proposal would stop the biggest platforms from giving themselves an advantage over the little guys. Who's afraid of a little competition?

Embedding BI: Architectural Considerations and Technical Requirements

While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) tools aren’t built for modern data platforms and don’t work on modern architectures.

Colibri Loader employs clever persistence mechanism

Security Affairs

Recently discovered malware loader Colibri leverages a trivial and efficient persistence mechanism to deploy Windows Vidar data stealer. Malwarebytes researchers observed a new loader, dubbed Colibri, which has been used to deploy a Windows information stealer tracked as Vidar in a recent campaign. The Colibri Loader first appeared in the threat landscape in August 2021 when it was advertised in the underground forums.

AWS Announces Data Transfer Price Reduction for AWS PrivateLink, AWS Transit Gateway, and AWS Client VPN services

IG Guru

Check out the post here. The post AWS Announces Data Transfer Price Reduction for AWS PrivateLink, AWS Transit Gateway, and AWS Client VPN services appeared first on IG GURU.

Mandiant to Use CrowdStrike Technology in Its Incident Response Services

Dark Reading

Collaboration between the two firms will help organizations better identify and protect against complex cyberthreats, chief executives from both companies said.

Has Innovation Died in Marketing?

John Battelle's Searchblog

Caveat: This will likely be one of my longish, link-heavy Thinking Out Loud pieces, so I invite you all to pour yourselves a glass of your favorite adult beverage or rustle up a fine cannabis pairing, should you care to indulge… As The Recount prepares for a major launch this spring, I found myself again contemplating the state of digital marketing – a subject I’ve written about extensively over the years.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Scan This: There's Danger in QR Codes

Dark Reading

Trendy restaurant tables now feature QR codes that lead to menus, payment apps, and CISO nightmares.

MacOS Malware: Myth vs. Truth – Podcast

Threatpost

Huntress Labs R&D Director Jamie Levy busts the old “Macs don’t get viruses” myth and offers tips on how MacOS malware differs and how to protect against it.

BlackCat Purveyor Shows Ransomware Operators Have Nine Lives

Dark Reading

Members of BlackMatter, and possibly REvil, have likely resurfaced in the new ransomware-as-a-service group ALPHV, whose primary tool is the BlackCat malware.