Fri. Jun 19, 2020

Turn on MFA Before Crooks Do It For You

Krebs on Security

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control.

IT 362

Google Removes More Than 70 Malicious Chrome Extensions

Data Breach Today

Researchers Find Extensions Could Steal Credentials and Security Tokens

Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens.

Security 306

Social engineering: what it is and how to avoid it

IT Governance

Cyber criminals have many tricks up their sleeves when it comes to compromising sensitive data. They don’t always rely on system vulnerabilities and sophisticated hacks. They’re just as likely to target an organisation’s employees. The attack methods they use to do this are known as social engineering. What is social engineering? Social engineering is a collective term for ways in which fraudsters manipulate people into performing certain actions.

IT 139

Even Ethical Hackers Abuse Cloud Services

Data Breach Today

Creating Cloud-Hosted Attack Infrastructures a Common Practice, Academic Researchers Find

Many ethical hackers and other security professionals, such as penetration testers, have weaponized cloud platforms to host online attack infrastructure or have used the platforms to conduct reconnaissance, according to security researchers at Texas Tech University.

Cloud 298

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

The Difference Between Enterprise Architecture and Solutions Architecture

erwin

Despite the similarities in name, there are a number of key differences between an enterprise architecture and solutions architecture. Much like the differences between enterprise architecture (EA) and data architecture, EA’s holistic view of the enterprise will often see enterprise and solution architects collaborate. And as with data architecture, a solution architect’s focus is narrower.

More Trending

New Cisco Webex Meetings flaw allows attackers to impersonate users

Security Affairs

A flaw in Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information. A vulnerability in Cisco Webex Meetings client for Windows, tracked as CVE-2020-3347, could be exploited by local authenticated attackers to gain access to sensitive information. “A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system.” r

Zoom to Offer End-to-End Encryption for All Users

Data Breach Today

Teleconference Company Describes Series of Security Measures

Zoom will begin beta testing an end-to-end encryption feature in July that it plans to make available at no charge to all who use the paid or free version of its teleconference platform. It's also rolling out other new security features.

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

New AcidBox Malware employed in targeted attacks leverages an exploit previously associated with the Russian-linked Turla APT group. Palo Alto Networks researchers analyzed a new malware, dubbed AcidBox, that was employed in targeted attacks and that leverages an exploit previously associated with the Russian-linked Turla APT group. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting diplomatic and government organizati

Security 107

Authorities Arrest Suspect in 2014 UPMC Data Breach

Data Breach Today

Indictment Describes Hacking of HR Database at Medical Center in Pittsburgh

Authorities have arrested a suspect accused of hacking the University of Pittsburgh Medical Center's human resources database in 2014 and stealing personally identifiable information from 65,000 employees, which was then used for tax fraud.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Former DIA Analyst Sentenced to Prison Over Data Leak

Threatpost

A former Defense Intelligence Agency analyst leaked classified information to two journalists - one of whom he was dating - shedding light on insider threats.

Britain Makes U-Turn on Digital Contact-Tracing App

Data Breach Today

Centralized Approach Dropped, Allowing Rebuilt App to Use Apple and Google APIs

Britain's failure to contain COVID-19 - despite Prime Minister Boris Johnson promising a "world-beating" effort - now includes a failed digital contact-tracing app. A new version, built to work with Apple and Google APIs, may be released by winter. Really, what's the rush?

Netgear Zero-Day Allows Full Takeover of Dozens of Router Models

Threatpost

An unpatched vulnerability in the web server of device firmware gives attackers root privileges, researchers said.

Security 124

Analysis: Mitigating Risks in Multicloud Environments

Data Breach Today

The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them. Also featured: A ransomware risk management update; tips on disaster planning.

Risk 185

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Deception Technology: Maximizing the Impact

Data Breach Today

A CISO Offers Insights on Need for Systems Integration Approach

Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.

IT 175

Facebook and Twitter Want to Keep the Justice System Skewed Against Defendants

WIRED Threat Level

Their CEOs have pledged support for reform amid the George Floyd protests—while their lawyers are fighting to preserve law enforcement’s advantage in court.

Privacy 98

When Offices Reopen, Will Security Incidents Be Discovered?

Data Breach Today

Cybercrime Expert Andrew Gould on the Need to Report Newly Found Breaches

When organizations eventually allow employees to return to their offices after the COVID-19 crisis subsides, they may discover "more network intrusions, data exfiltration and data breaches," says U.K. cybercrime expert Andrew Gould, who implores organizations to report these incidents to authorities.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Nation-state actors target Australia, Government warns

Security Affairs

A state-based actor is launching cyber attacks against government, public services and businesses, Australia’s prime minister said. Australia’s prime minister Scott Morrison said that a “state-based actor” is targeting government, public services, and businesses. Warning Australians of “specific risks” and an increased frequency of attacks, The Australian government is working on “specific risks” related to a significant increase in the number of

OnDemand Webinar | The "New Normal" Challenges Around Phishing, Remote Access, & Ease of Use

Data Breach Today

What You Need to Know for Modern, Distributed Security Best Practices

View this webinar to learn ways to use identity-driven security to mitigate both immediate and long-term risk of common cyberattacks, such as phishing.

Phishing 162

A Report Blames ‘CIA Failures’ for the Agency's Worst Hack

WIRED Threat Level

A series of WikiLeaks disclosures that exposed a trove of the intelligence organization's secrets could have been avoided, a task force found.

Security 100

How to use AI to optimize queries and automate resource management

IBM Big Data Hub

As companies progress on their Journey to AI, there is considerable focus on what needs to be available to build AI driven applications. The rungs of the AI ladder, which are best described as Collect, Organize, Analyze, Infuse, and Modernize are designed to strengthen a company’s use of AI. However, the individual impact of AI on each rung should not be overlooked.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

New Hacking-for-Hire Company in India

Schneier on Security

Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents. Targets include advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries.

Phishing 103

Share VSAM data with new environments while reducing operating costs

IBM Big Data Hub

A survey of end-users of Data Integration and Integrity (DII) software conducted by IDC in 2019 found that dynamic data movement, also known as data replication, is best served by stand-alone or platform tools, not custom code.

Access 86

Security and Human Behavior (SHB) 2020

Schneier on Security

Today is the second day of the thirteenth Workshop on Security and Human Behavior. It's being hosted by the University of Cambridge, which in today's world means we're all meeting on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself.

Cloud Pak for Data V3.0 ushers in new leap in AI platform

IBM Big Data Hub

Today, we are pleased to announce the general availability of IBM Cloud Pak for Data V3.0. Over the past two years we have advanced our platform from a collection of mostly IBM data services to a robust end-to-end data & AI solution that serves, along with the other IBM Cloud Paks. With V3.0, we take pride in progressing our clients' ability to work with data and AI to new heights.

Cloud 72

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Weekly Update 196

Troy Hunt

All my things are breaking. Mic broke, PC broke, boat shed handle broke, fridges (both of them) broke, fireplace broke, roof broke. and that's just the stuff I could remember in the live stream. But in happier news, listening back to that video now I'm really happy with the audio quality of the new mic and I reckon that once the pop filter is installed the sound will be spot on.

Empower your remote workforce with OpenText Anywhere on Microsoft Azure

OpenText Information Management

With the recent increase in remote and home-based workers, organizations must now manage key applications and secure their remote workforce in a rapid and cost-effective way. Better availability Your remote employees need access to the same information, the same applications and the same (or better) functionality as their office-based colleagues. By migrating your OpenText™ Information … The post Empower your remote workforce with OpenText Anywhere on Microsoft Azure appeared first on Open

Access 63

An SSRF flaw in Maximo Asset Management could be used to target corporate networks

Security Affairs

IBM recently fixed a high-severity issue in its Maximo asset management solution that could facilitate attacks on corporate networks. IBM recently addressed a high-severity issue, tracked as CVE-2020-4529, in its Maximo asset management solution that could facilitate attacks on making lateral movements within corporate networks. Maximo is designed to assist an organisation in managing its assets.