Thu.Apr 09, 2020

article thumbnail

UK and US Security Agencies Sound COVID-19 Threat Alert

Data Breach Today

Fraudsters and APT Gangs Hit Remote Workers With Phishing, Spyware, Ransomware Cybercrime groups and nation-state hacking gangs are continuing to exploit the COVID-19 pandemic to further their aims, U.K. and U.S. security agencies warn in a joint alert. While overall attack levels haven't increased, they say, "the frequency and severity of COVID-19-related cyberattacks" looks set to surge.

Security 347
article thumbnail

How Do I Tame My Information Chaos? 3 Ways to Address it Head-On

AIIM

Before we get into how to tame your Information Chaos, let’s take a step back and look at WHY so many of us are experiencing it. These days, business information can come from anywhere, anytime, and in any form. Match this up with a growing volume and variety of the information we’re creating, and you can see how it can quickly get out of hand and become unmanageable without some strategies in place.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CISO Conversations: 'Moving at the Speed of Medicine'

Data Breach Today

Cris Ewell of UW Medicine on the Challenge of Responding to COVID-19 Washington state was the initial epicenter of the COVID-19 outbreak in the U.S., and Cris Ewell was at the heart of the crisis as CISO of UW Medicine. He shares his insights and lessons learned from supporting caregivers and a remote workforce during the pandemic.

256
256
article thumbnail

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

The Last Watchdog

There’s no stopping the Internet of Things now. Related: The promise, pitfalls of IoT Companies have commenced the dispersal of IoT systems far and wide. Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will get crunched by virtual servers. And fantastic new IoT-enabled services will spew out of the other end.

IoT 167
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Faces of Fraud 2020: COVID-19's Impact

Data Breach Today

Panel Discussion on Detecting and Defending Against Emerging Threats The cyberthreat and fraud landscape is ever-changing, and attackers are upping the game with more advanced attacks. The COVID-19 pandemic has accelerated socially engineered schemes, such as phishing and virus-related scams. CISO Stephen Fridakis and consultant Rocco Grillo discuss how to ramp up defenses.

Phishing 239

More Trending

article thumbnail

Russia Used Fake US Documents for Disinformation: Report

Data Breach Today

'Operation Pinball' Used Social Media Posts, Forged Diplomatic Letters, Recorded Future Says A recent disinformation campaign that apparently originated in Russia used forged U.S. diplomatic documents and social media to spread false stories in Eastern Europe and Asia, according to a new research report, which warns that these tactics could be used against the U.S. in the run-up to the fall election.

242
242
article thumbnail

Data Intelligence for Disaster Planning and Business Continuity in the Face COVID-19 or Other Crises

erwin

COVID-19 has presented businesses with a new and immediate set of challenges that reinforce the need for data intelligence to inform disaster planning and business continuity. The coronavirus epidemic and its impacts are sharp and severe. And while its duration is uncertain, it is likely to permanently change the way businesses and societies function.

Metadata 132
article thumbnail

Latest Botnet Offers DDoS Attacks on Demand

Data Breach Today

Researchers at Bitdefender Describe Capabilities of 'Dark Nexus' The operator of a newly discovered botnet dubbed "Dark Nexus" is offering cybercriminals access to an array of capabilities, include the ability to launch DDoS attacks on demand, according researchers at Bitdefender.

Access 222
article thumbnail

Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials

Threatpost

Emails purporting to be a Cisco "critical security advisory" are actually part of a phishing campaign trying to steal victims' Webex credentials.

Phishing 136
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Australian Signals Directorate (ASD) is hacking crooks behind Coronavirus-themed attacks

Security Affairs

The Australian government will use any means to crack down on cybercriminals exploiting the coronavirus outbreak, including hacking back. While the number of Coronavirus-themed attacks continues to increase, law enforcement agencies are spending a significant effort to detect and neutralize them. The Australian Signals Directorate (ASD) announced it will employ its offensive cyber capabilities against threat actors behind COVID19-themed attacks.

Access 120
article thumbnail

Schneier on Hacking Society

Dark Reading

How the hacker mindset and skill set could play a role in improving and securing societal systems, according to renowned security technologist Bruce Schneier.

Security 123
article thumbnail

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Security Affairs

Travelex reportedly paid a $2.3 million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. The UK-based currency exchange Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve. . The London-based company, which operates more than 1,500 stores globally, suffered the attack on December 31, 2019, The hackers infected the system at the company with a piece of the Sodinokibi ransomware that shut down operations a

article thumbnail

Microsoft Buys Corp.com

Schneier on Security

A few months ago, Brian Krebs told the story of the domain corp.com, and how it is basically a security nightmare: At issue is a problem known as " namespace collision ," a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. Windows computers on an internal corporate network validate other things on that network using a Microsoft innovation called Active Directory , which is th

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

German foreign ministry limits the use of Zoom over security concerns

Security Affairs

The German foreign ministry has restricted the use of the video conferencing service Zoom due to concerns about security vulnerabilities recently discovered. During Coronavirus pandemic video conferencing services have become a precious instrument for the people that worked or studied from home. Zoom is one of the most popular video conferencing platforms, but recently privacy and security issues have raised a heated debate on its usage.

Security 107
article thumbnail

California AG Issues Significant Changes to Draft CCPA Regulations as of March 2020

Data Protection Report

On February 7, 2020, and again on March 11, 2020, the Office of the Attorney General (OAG) issued revisions to the proposed California Consumer Privacy Act (CCPA) regulations, and there are some surprises in both the additions and in the deletions. For the CCPA regulations to become effective on July 1, the final regulation text must be filed with the Secretary of State by May 29.

Paper 98
article thumbnail

The Rise and Spread of a 5G Coronavirus Conspiracy Theory

WIRED Threat Level

From an interview with an obscure Belgian doctor to apparent arson attacks in the UK, the unfounded claim that the pandemic is linked to 5G has spread unlike any other.

article thumbnail

Recap of Objective by the Sea v3.0

Jamf

Last month, the third annual " Objective by the Sea " (OBTS) conference was held in Maui and Jamf had multiple speakers. Read our recap of this great conference.

98
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

COPPA Guidance for EdTech Companies and Schools During the Coronavirus

Hunton Privacy

On April 9, 2020, the Federal Trade Commission (“FTC”) issued guidance under the Children’s Online Privacy Protection Act (“COPPA”) for operators of educational technology (“EdTech”) used both in school settings and for virtual learning. The FTC’s guidance stresses that, while COPPA generally requires companies that collect personal information online from children under age 13 to provide notice of their data collection and use practices, and obtain verifiable parental consent, in the educationa

article thumbnail

Google and Mozilla address serious flaws in Firefox and Chrome browsers

Security Affairs

Google and Mozilla released new versions of Chrome and Firefox browsers to addressed several high-severity vulnerabilities. Mozilla has released Firefox version 75 that includes six security patches for the desktop, and two patches targeting to address vulnerabilities in the Android app. “With today’s release, a number of improvements will help you search smarter, faster.” reads the announcement.

Risk 88
article thumbnail

Google launches COVID-19 page and search portal with safety tips, official stats and more, US only for now via TechCrunch

IG Guru

Check out the article here and the portal Google created here. The post Google launches COVID-19 page and search portal with safety tips, official stats and more, US only for now via TechCrunch appeared first on IG GURU.

article thumbnail

Cabinet Office at risk of further data breaches, review concludes

The Guardian Data Protection

Series of recommendations are made following leak of New Year honours list details A government department admonished for publishing honours list details in error is at “significant risk” of making further and bigger personal data breaches, a review has found. The Cabinet Office apologised after the home addresses of celebrities and military figures named in the 2020 New Year honours list were inadvertently posted online.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit

Threatpost

The online videoconferencing service added Alex Stamos to the team and has also formed an expert advisory board to grapple with the pains of its COVID-19 growth spurt.

article thumbnail

No STEM, No Problem: How to Close the Security Workforce Gap

Dark Reading

Those who work well with others, learn quickly, and possess a proactive mindset toward the work can make great employees, even if their backgrounds aren't rooted in cybersecurity.

article thumbnail

Copycat Site Serves Up Raccoon Stealer

Threatpost

Visitors to the fake site expecting antivirus offerings will instead encounter the Fallout exploit kit and a possible malware infection.

article thumbnail

What’s new in OpenText InfoArchive Cloud Edition (CE) 20.2?

OpenText Information Management

Over the last several releases, OpenText™ has invested heavily in advancing InfoArchive as the modern information archiving platform for long-term compliance of critical enterprise and customer data. In each of the last several releases, OpenText has focused on improvements to cloud-based deployments, compliance, operational excellence, and various user and administrative improvements.

Cloud 70
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Cloudflare Axes Google reCAPTCHA Due to Privacy, Price

Threatpost

Cloudflare's CEO said it is replacing Google's reCAPTCHA tool with hCaptcha due to pricing, privacy and availability concerns.

Privacy 90
article thumbnail

Zoom, Microsoft & NTT Data Leaders Share Work-from-Home Security Tips

Dark Reading

Tech leaders encourage organizations to maintain security awareness training and offer advice on how to protect their information.

article thumbnail

‘Unbreakable’ Smart Lock Draws FTC Ire for Deceptive Security Claims

Threatpost

Tapplock catches heat for patched vulnerabilities -- because of its claims that its smart locks can't be hacked.