Wed. Mar 24, 2021


Insurer CNA Disconnects Systems After 'Cybersecurity Attack'

Data Breach Today

Investigation Continues; Law Enforcement Notified

Insurance provider CNA reported Tuesday it was victimized over the weekend by a "cybersecurity attack" that caused a network disruption and impacted certain systems, including corporate email.

Insurance 339

Black Kingdom ransomware is targeting Microsoft Exchange servers

Security Affairs

Security experts reported that a second ransomware gang, named Black Kingdom, is targeting Microsoft Exchange servers. After the public disclosure of ProxyLogon vulnerabilities, multiple threat actors started targeting vulnerable Microsoft Exchange servers exposed online. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry.


REvil Ransomware Can Now Reboot Infected Devices

Data Breach Today

MalwareHunter Team Finds Updated Capabilities

The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunter Team report.


Determining Key Shape from Sound

Schneier on Security

It’s not yet very accurate or practical, but under ideal conditions it is possible to figure out the shape of a house key by listening to it being used. Listen to Your Key: Towards Acoustics-based Physical Key Inference. Abstract: Physical locks are one of the most prevalent mechanisms for securing objects such as doors. While many of these locks are vulnerable to lock-picking, they are still widely used as lock-picking requires specific training with tailored instruments, and easily raise

Paper 129

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Purple Fox Malware Using Worm to Target Windows Devices

Data Breach Today

Malware Spreads Via Indiscriminate Port Scanning

The developers behind the Purple Fox fileless downloader malware have upgraded their operation and are using worm capability to target internet-facing devices running Windows, the security firm Guardicore Labs reports.

Security 314


'Black Kingdom' Ransomware Hits Unpatched Exchange Servers

Data Breach Today

Attack Code 'Rudimentary and Amateurish' But Still a Threat

Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.


Billions of FBS Records Exposed in Online Trading Broker Data Leak

Security Affairs

Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’ websites. The data from FBS.com and FBS.eu comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more. Were such detailed personally identifiable information (PII) to fall into the wrong hands, it could have been used in the execution of a wide range of cyber threats.

Passwords 119

Ransom Paid Just Before Netwalker Gang Disrupted

Data Breach Today

Client Says Third-Party Administrator Paid for Promise to Destroy Exfiltrated Data

A third-party claims administrator of health and social services programs for the elderly apparently paid a ransom to Netwalker attackers about a month before global law enforcement officials disrupted the gang in January.


Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue

Security Affairs

Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco has addressed a critical arbitrary program execution issue, tracked as CVE-2021-1411, that affects several versions of Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco Jabber delivers instant messaging, voice and video calls, voice messaging, desktop sharing, conferencing, and presence.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


Phishing Attack Exposes Sensitive Data at California Agency

Data Breach Today

Incident Raises Cybersecurity Questions, Experts Say

A phishing attack that targeted a unit of the California State Controller’s Office, exposing Social Security numbers and other sensitive information, should raise questions about the type of security deployed by the agency and prompt a fresh examination of its cybersecurity plans, some security experts say.

Phishing 267

92% of worldwide Microsoft Exchange IPs are now patched or mitigated

Security Affairs

Microsoft revealed that 92% of all on-premises Microsoft Exchange servers exposed online affected by the ProxyLogon vulnerabilities are now patched. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues collectively tracked as ProxyLogon (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild.


Gartner on Enterprise IoT: Segment and Isolate Everything

Data Breach Today

Tim Zimmerman Says Organizations Need IoT Security Policies

What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.

IoT 236

CHINA: Navigating China Episode 15: Comprehensive New E-Commerce Rules Introduced

DLA Piper Privacy Matters

Authors: Carolyn Bigg, Venus Cheung. Operators of e-commerce platforms, websites and apps in China, and those using third party e-commerce, social media or livestreaming platforms to sell their products and services in China, must update their operations, services and systems in advance of wide-ranging new rules. The Measures for the Supervision and Administration of Online Transactions (“Measures”) will come into force on 1 May 2021.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


How to Protect Our Critical Infrastructure From Attack

Dark Reading

Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.

IoT 105

Ransomware Attack Foils IoT Giant Sierra Wireless

Threatpost

The ransomware attack has impacted the IoT manufacturer's production lines across multiple sites, and other internal operations.

IoT 124

An Inside Look at Azure Security Center

Daymark

Properly securing assets is a constant challenge for IT. Staying one step ahead of the bad actors is a never-ending job and with a well-known shortage of IT security professionals, it’s critical that those of us responsible for protecting systems, networks and data are smart about deploying tools that will help remediate or minimize cybersecurity risks.


Purple Fox Malware Targets Windows Machines With New Worm Capabilities

Threatpost

A new infection vector from the established malware puts internet-facing Windows systems at risk from SMB password brute-forcing.

Passwords 110

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


China Issues Provisions on the “Scope of Necessary Personal Information Required for Common Types of Mobile Internet Applications”

Hunton Privacy

On March 12, 2021, the Cyberspace Administration of China released Provisions on the “Scope of Necessary Personal Information Required for Common Types of Mobile Internet Applications” (the “Provisions”) (available here in Chinese). The Provisions generally are consistent with the draft version previously issued for public comments on December 1, 2020 and include additional details, as well as new provisions relating to ticketing applications (e.g., those for purchasing seats at performances)


Ransomware Incidents Continue to Dominate Threat Landscape

Dark Reading

Cisco Talos' IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.


What does post-pandemic workplace tech look like?

Jamf

UK senior account leaders at Jamf teamed up with the Executive Leaders Network for a roundtable discussion on what’s in store for 2021.


Facebook Moves Against ‘Evil Eye’ Hackers Targeting Uyghurs

WIRED Threat Level

The company’s investigation into a Chinese espionage campaign took researchers beyond Facebook’s own platforms.


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


Defense Commissary Agency’s Rollout Of Feith RMA IQ Receives Prestigious DoD CIO Award

IG Guru

Check out the press release here. The post Defense Commissary Agency’s Rollout Of Feith RMA IQ Receives Prestigious DoD CIO Award appeared first on IG GURU.


Facebook Reports China-Linked Cyberattack Targeting Uyghurs

Dark Reading

Facebook has removed accounts used to send malicious links to Uyghur people with the goal of infecting their devices.


ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar

Threatpost

CEO says Apple rejected a security update needed to protect human-rights abuse evidence.

Security 109

Sierra Wireless Website Still Down After Ransomware Attack

Dark Reading

The company believes the attack's impact is limited to its internal IT systems and corporate websites.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Microsoft Exchange Servers See ProxyLogon Patching Frenzy

Threatpost

Vast swathes of companies were likely compromised before patches were applied, so the danger remains.

Security 102

Google Chrome’s Latest Zero-Day Bug: What You Need to Know

eSecurity Planet

Google Chrome is the most widely used web browser on the market by a landslide, so bugs and other vulnerabilities can spell disaster if an attempted hack is successful. Recent reports that multiple bugs in the Chrome code were being actively exploited have raised flags about the risks associated with potential zero-day attacks. As an IT admin, you should be aware of what implications the exploited vulnerability has for Chrome users in your company as well as what cybersecurity measures you can t

Risk 52

Prioritizing Application & API Security After the COVID Cloud Rush

Dark Reading

As companies hit the gas to accommodate the rapid shift to work-from-home, security fell behind. Now, it's time to close those gaps.

Cloud 68