Thu, Jul 23, 2020


NY Charges First American Financial for Massive Data Leak

Krebs on Security

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties.


FBI Alert Warns of Increase in Disruptive DDoS Attacks

Data Breach Today

Latest Attacks Use Amplification Techniques

The FBI is warning of an increase in distributed denial-of-service attacks using amplification techniques that are targeting U.S. organizations. The bureau notes that it's seen an uptick in attack attempts since February.


Garmin shut down its services after an alleged ransomware attack

Security Affairs

Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. On July 23, smartwatch and wearables maker Garmin shut down several of its services due to a ransomware attack that targeted its internal network and some production systems. “We are currently experiencing an outage that affects Garmin.com and Garmin Connect,” reads a statement published by the company on its website. “This outage also


China-Backed APT Group Reportedly Targets India, Hong Kong

Data Breach Today

Researchers: Recently Uncovered Hacking Group Has Been Operating Since 2014

A hacking group that appears to have ties to the government of China has been targeting victims in India and Hong Kong, according to the security firm Malwarebytes.


Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.


Cisco Network Security Flaw Leaks Sensitive Data

Threatpost

The flaw exists in Cisco's network security Firepower Threat Defense (FTD) software and its Adaptive Security Appliance (ASA) software.


PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

Expert releases PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack of a check of the source markup of XML file input; it could be exploited by an attacker to run arbitrary code in the context of the process wh


First American Title Insurance Co. Faces Charges in NY

Data Breach Today

Company Could Be Fined $1,000 for Each Violation of State Cybersecurity Law

The New York State Department of Financial Services has filed civil charges against First American Title Insurance Co., which has been accused of exposing hundreds of millions of documents that contained customers' mortgage and personal data.


Garmin Suffers Reported Ransomware Attack

Threatpost

Garmin's services, websites and customer service have all been down since Wednesday night.


Dutch Lawmaker's Twitter Account Among 36 With Data Exposed

Data Breach Today

Social Media Company Says Fraudsters Accessed Information on These Accounts

A Dutch lawmaker's Twitter account is among 36 that had some personal data compromised earlier this month when hackers targeted 130 verified accounts and launched a cryptocurrency scam. The politician told Reuters his direct messages were accessed.


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The notorious Lazarus Group is using a new multi-platform malware framework, dubbed MATA, in attacks aimed at organizations worldwide, to deploy Kaspersky researchers observed that MATA was used by the threat actors to distribute ransomware (i.e.


Analysis: OCC's Decision on Banks and Cryptocurrency

Data Breach Today

Nationally Chartered Banks Can Be Custodians of Cryptographic Keys for Wallets

Any nationally chartered bank can now serve as a custodian of the cryptographic keys for a cryptocurrency wallet, according to a letter from the Office of the Comptroller of the Currency. James Wester of IDC analyzes the implications.


Vulnerable Invisible Salamanders and You: A Tale of Encryption Weakness

Dark Reading

A Black Hat presentation will discuss how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.


A Hidden Risk for Domestic Violence Victims: Family Phone Plans

WIRED Threat Level

Abusers can use shared accounts to stalk and harass victims, and plans aren’t always easy to escape.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Delivering innovation when our customers need it most

OpenText Information Management

The past few months have posed significant challenges for organizations around the globe as we adjust to new and remote ways of working. At OpenText™, we quickly shifted to a new work reality while continuing to innovate and deliver quality products and services to our customers. In April 2020, we committed to delivering quarterly updates …


ASUS Home Router Bugs Open Consumers to Snooping Attacks

Threatpost

The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.


Adversarial Machine Learning and the CFAA

Schneier on Security

I just co-authored a paper on the legal risks of doing machine learning research, given the current state of the Computer Fraud and Abuse Act: Abstract: Adversarial Machine Learning is booming with ML researchers increasingly targeting commercial ML systems such as those used in Facebook, Tesla, Microsoft, IBM, Google to demonstrate vulnerabilities.


Cisco, Zoom and Others Must Bolster Security, Say Privacy Chiefs

Threatpost

Privacy commissioners worldwide urged video conferencing systems like Microsoft, Cisco and Zoom to adopt end-to-end encryption, two-factor authentication and other security measures.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Twilio Security Incident Shows Danger of Misconfigured S3 Buckets

Dark Reading

Twilio says attackers accessed its misconfigured cloud storage system and altered a copy of the JavaScript SDK it shares with customers.


Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

Threatpost

COVID-19 has changed the face of cybercrime, as the latest malware statistics show.


Deepfakes & James Bond Research Project: Cool but Dangerous

Dark Reading

Open source software for creating deepfakes is getting better and better, to the chagrin of researchers


The Selling Process

PerezBox

What does the selling process consist of? This seems to be one of the most common questions I get when I talk to other Founders. This article is designed for.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


Data Privacy Challenges for California COVID-19 Contact Tracing Technology

Dark Reading

Developers, governments, and regulators must work with the cybersecurity industry to apply rigorous standards to contact-tracing apps to make sure that the societal impact of COVID-19 doesn't extend into personal privacy.


Schrems II Decision and Changes to Personal Data Transfers

Collibra

On July 16, 2020 the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield as an adequate framework for regulating exchanges of personal data between the European Union and United States. This decision introduces greater complexities to those managing data privacy because many multinational organizations relied on the Privacy Shield for cross-border data transfers.


Twitter Breach a Reminder of Need to Protect Corporate Social Media Use

Dark Reading

Intruders had access to direct messages associated with 36 accounts in last week's attack, social media giant discloses.


US Indicts Hackers For Theft of Technology, Covid-19 Research

Adam Levin

The U.S. Justice Department has accused two Chinese hackers of conducting a massive campaign of intellectual property theft, including Covid-19 vaccine research. In the indictment filed in early July and unsealed earlier this week, the Justice Department accused Li Xiaoyu and Dong Jiazhi of stealing terabytes of research and data over the last several years.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


CouchSurfing Investigates Potential Data Breach

Dark Reading

The service has reportedly hired a security firm after 17 million user records were found on a public hacking forum.


Resolving Disputes During & Post COVID

Information Governance Perspectives

Resolving Disputes During & Post COVID-19 Online Dispute Resolution (ODR) Leads the Way – Session 2. It was a pleasure providing an overview of collaboration and videoconferencing tools including CourtCall, Zoom, GoogleMeet, and Microsoft Teams for Execusummit Online earlier this month. Here are slides from the deck, a link to the presentation, and a transcript of my prepared remarks.


8 Cybersecurity Themes to Expect at Black Hat USA 2020

Dark Reading

Here are the trends and topics that'll capture the limelight at next month's virtual event.