Mon. Jul 13, 2020

Breached Data Indexer ‘Data Viper’ Hacked

Krebs on Security

Data Viper, a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The hackers also claim they are selling on the dark web roughly 2 billion records Data Viper collated from numerous breaches and data leaks, including data from several companies that likely either do not know they have been hacked or have not yet publicly disclosed an intrusion.

Billing Vendor Breach Affects 275,000

Data Breach Today

Not Yet Clear How Many of Firm's Healthcare Clients Were Affected. Some 275,000 individuals served by a variety of healthcare sector organizations had data exposed as a result of a breach at Houston-based billing and debt collection vendor Benefit Recovery Specialists Inc. A breach at another debt collection vendor last year wound up affecting more than 20 million individuals.

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

Experts from threat intelligence firm Cyble discovered the availability on the darkweb of records of over 45 million travelers to Thailand and Malaysia from multiple countries.

No 'Invisible God': Fxmsp's Operational Security Failures

Data Breach Today

Yet Another Alleged Hacker Unmasked After Making OPSEC Mistakes. To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Personal details and SSNs of 40,000 US citizens available for sale

Security Affairs

Security experts at threat intelligence firm Cyble have identified a credible actor selling personal details of approximately 40,000 US citizens. The experts discovered the availability on the darkweb of personal details of approximately 40,000 US citizens along with their Social Security numbers (SSNs).

More Trending

A ‘New Age’ of Sophisticated Business Email Compromise is Coming

Threatpost

A new BEC threat group is heralding more sophisticated email scams that target organizations without DMARC and squeeze as much money out of victims as possible.

Wells Fargo Bans TikTok App on Company Devices

Data Breach Today

Meanwhile, Amazon Sends Mixed Signals to Employees About Use of Social Media App. Wells Fargo, the fourth largest bank in the U.S., has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The news comes after Amazon sent mixed signals to its employees about use of the social media app.

You Don’t Need a VPN

PerezBox

A Virtual Private Network (VPN) allows a component from a trusted zone to be accessed from an untrusted zone. This technology enables a user to access company data from…

Not the Cat's Meow: Petnet and the Perils of Consumer IoT

Data Breach Today

Small IoT Makers Need to Specify Support Terms for Cloud-Enabled Devices. Connected devices for consumers don't come with service-level agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline, offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Malware campaign attempts to evade analysis with Any.Run sandbox

Security Affairs

Malware authors are implementing the capability to check if their malicious code is running in the Any.Run malware analysis service. Vxers are implementing the capability to check if their malware is running in the Any.Run interactive online malware sandbox to prevent it from being analyzed by experts. Every time malware is uploaded to the platform, the service will create a Windows virtual machine with an interactive remote desktop, and execute the file within this environment.

Critical SAP Bug Allows Full Enterprise System Takeover

Threatpost

Exploitation of the bug can allow an attacker to lift sensitive information, delete files, execute code, carry out sabotage and more.

Hacker claims to have breached Night Lion security firm

Security Affairs

Hacker claims to have stolen more than 8,200 databases from the US cyber security firm Night Lion Security. The hacker is using the moniker “NightLion,” which is the name of the hacked company. The databases are the back end behind DataViper, a data leak monitoring service managed by the popular researcher Vinny Troia.

Improving Retention Labels in Microsoft 365

Gimmal

In early 2018, Microsoft released Retention Labels for Office 365 (now Microsoft 365) to allow "labels" to be placed on content in SharePoint, OneDrive, and Exchange. Users with an E3/G3 license can manually use these labels to give the file or email a retention period in which the item will be automatically deleted. Organizations with an E5/G5 license, or the E5 Compliance add-on, can also automatically apply content to these same locations using keywords, metadata, or trainable classifiers.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

CJEU’s Judgment on Validity of EU Standard Contractual Clauses Due July 16, 2020

Hunton Privacy

In a case that has garnered widespread interest, the Court of Justice of the European Union (“CJEU”) will deliver its judgment in the Schrems II case (case C-311/18) on July 16, 2020, determining the validity of the controller-to-processor Standard Contractual Clauses (“SCCs”) as a cross-border data transfer mechanism under the EU General Data Protection Regulation (“GDPR”).

TrickBot Sample Accidentally Warns Victims They’re Infected

Threatpost

A data-stealing module in a recent sandboxed sample triggers browser-based fraud alerts for Trickbot victims -- and shows something of the inner working of the malware's operators.

Crédit Mutuel: Lessons learned building the bank of tomorrow

IBM Big Data Hub

Overlooking the European Parliament buildings in Strasbourg, France, lies a very unique factory. But don’t waste time searching the city proper for evidence of its operation. Strolling through Strasbourg streets, you wouldn’t hear the hum of machinery or sense any vibrations under your feet. This is a very unique factory indeed. This is the Cognitive Factory, the largest in the world.

The Enemy Within: How Insider Threats Are Changing

Threatpost

Insider-threat security experts unravel the new normal during this time of remote working, and explain how to protect sensitive data from this escalating risk.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Zero-Trust Efforts Rise with the Tide of Remote Working

Dark Reading

With employees likely to continue to spend much, if not all, of their time working from home, companies are focusing more on technologies to boost the security of their now-distributed workplace.

Secret Service Creates Cyber Fraud Task Forces

Threatpost

Traditional financial crime and cyberattacks are converging, requiring new skills and approaches to the problem, officials said.

Lost in Translation: Serious Flaws Found in ICS Protocol Gateways

Dark Reading

These oft-forgotten devices contain serious vulnerabilities that allow attackers to hack OT systems remotely, researchers will reveal at Black Hat USA next month.

How CARTA Strategies for Web Applications are Met with Indusface AppTrana Solution

Threatpost

From an operational standpoint, the foundation of CARTA starts with an assessment and then building the zero-trust principles on top of that with an adaptive security model.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Experts Predict Rise of Data Theft in Ransomware Attacks

Dark Reading

The most attractive targets for data theft are businesses perceived as most likely to pay to prevent exposure of their information.

A Peek into the Fake Review Marketplace

Schneier on Security

A personal account of someone who was paid to buy products on Amazon and leave fake reviews. Fake reviews are one of the problems that everyone knows about, and no one knows what to do about -- so we all try to pretend doesn't exist.

A Paramedic's Lessons for Cybersecurity Pros

Dark Reading

A paramedic turned cybersecurity expert shares his experiences in both fields, highlights their similarities, and explains how they can learn from each other.

Italian Garante Fines Telecoms Provider 17 Million Euros for Direct Marketing Infringements

Hunton Privacy

On July 13, 2020, the Italian Data Protection Authority (Garante per la protezione dei dati personali, “Garante”) announced that it levied a €16,729,600 fine on telecoms provider Wind Tre S.p.A. (“Wind Tre”) for several unlawful data processing activities, mostly related to direct marketing. The Garante indicated that it had already issued a prohibitory injunction against Wind Tre for similar infringements in the past, prior to the EU General Data Protection Regulation.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Decoding the Verizon DBIR Report: An Insider's Look Beyond the Headlines

Dark Reading

To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you.

Amicus Brief on CFAA

Adam Shostack

The EFF has filed an amicus brief on the Computer Fraud and Abuse Act: Washington, D.C.—The Electronic Frontier Foundation (EFF) and leading cybersecurity experts today urged the Supreme Court to rein in the scope of the Computer Fraud and Abuse Act (CFAA)—and protect the security research we all rely on to keep us safe—by holding that accessing computers in ways that violate terms of service (TOS) does not violate the law.

Russian Hacker Convicted for Social Network Hacks

Dark Reading

The Russian national was convicted of hacking into accounts at LinkedIn, Dropbox, and Formspring.
