Data Breach Today
JANUARY 19, 2021
Open-Source Development Project Asking Members to Reset Passwords OpenWRT, an open-source project that develops operating systems, firmware and other software for connected and embedded devices, is investigating a data breach after a hacker gained access to an administrator account and apparently was able to access usernames and email addresses for community members.
AIIM
JANUARY 19, 2021
We're so excited to announce that registration for The AIIM Conference 2021 for records and information professionals is now live! This year, join us as we "Go Big, and Stay Home!" That's right, this year's event will be virtual and delivered to a screen near you. AIIM21 is set for April 27-29th, 2021. The sky is no longer the limit for this year's virtual event to bring together the world's top records and informations professionals to meet, learn, and have fun!
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JANUARY 19, 2021
Researchers: Backdoor Is Fourth Malware Variant Used During Attacks Symantec Threat Intelligence says it's uncovered another malware variant used in the SolarWinds supply chain hack - a loader nicknamed "Raindrop" that apparently was used to deliver Cobalt Strike, a legitimate penetration testing tool, to a handful of targets.
Security Affairs
JANUARY 19, 2021
The threat actors behind the SolarWinds attack used malware dubbed Raindrop for lateral movement and deploying additional payloads. Security experts from Symantec revealed that threat actors behind the SolarWinds supply chain attack leveraged a malware named Raindrop for lateral movement and deploying additional payloads. Raindrop is the fourth malware that was discovered investigating the SolarWinds attack after the SUNSPOT backdoor, the Sunburst / Solorigate backdoor and the Teardrop tool. .
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
JANUARY 19, 2021
But Across Europe, Total Fines and Breach Reports Continue to Vary Widely by Country Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JANUARY 19, 2021
Company Will Enforce Domain Controller Settings to Block Connections Microsoft is alerting customers that starting Feb. 9, it will enforce domain controller settings within Active Directory to block connections that could exploit the unpatched Zerologon vulnerability in Windows Server. Microsoft has been warning about the urgency of patching the flaw for months.
Dark Reading
JANUARY 19, 2021
Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor.
Data Breach Today
JANUARY 19, 2021
Hackers Attempt to Collect VPN Credentials The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote and at-home workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.
Schneier on Security
JANUARY 19, 2021
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process: Key Points. SUNSPOT is StellarParticle’s malware used to insert the SUNBURST backdoor into software builds of the SolarWinds Orion IT management product. SUNSPOT monitors running processes for those involved in compilation of the Orion product and replaces one of the source files to include the SUNBURST backdoor code.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
JANUARY 19, 2021
Tipster Alleges Woman Planned to Pass Laptop to Russian Friend Police have arrested Riley June Williams of Pennsylvania, who a tipster alleges stole a laptop or hard drive belonging to House Speaker Nancy Pelosi. But is the tipsters claim that she had planned to pass the device to a friend in Russia credible?
Dark Reading
JANUARY 19, 2021
Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor.
Data Breach Today
JANUARY 19, 2021
A Substantial Settlement Could Build Data Security Momentum British Airways could face a substantial compensation payout as a result of an ongoing group lawsuit over its 2018 data breach, the first of its kind under GDPR. So, the lawsuit - and others that follow in breach cases - could create more momentum for data security enhancements and cyber insurance.
Security Affairs
JANUARY 19, 2021
Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Malwarebytes revealed today that SolarWinds hackers also breached its systems and gained access to its email. Malwarebytes joins the club of security firms that were hit by Solarwinds attackers, after FireEye , Microsoft , and CrowdStrike.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
DLA Piper Privacy Matters
JANUARY 19, 2021
This year has been extraordinary in many different ways. The third annual DLA Piper GDPR fines and data breach survey which we launched today reflects how the current circumstances have affected the privacy landscape across the 31 European countries surveyed. The report includes key GDPR metrics compiled from data from the 27 EU Member States plus the UK, Norway, Iceland and Liechtenstein.
Threatpost
JANUARY 19, 2021
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
Hunton Privacy
JANUARY 19, 2021
On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The Guidelines complement the initial Guidelines on personal data breach notification under the EU General Data Protection Regulation (“GDPR”) adopted by the Article 29 Working Party in February 2018.
IG Guru
JANUARY 19, 2021
January 10, 2021 by Patricia C. Franks It’s (finally) 2021—do you know where your data is? In the early days of the pandemic, this was a question that surely crossed the minds of most employees who needed access to data to perform their work. While it’s natural to look for the latest publication on a […]. The post Book Review: Non-Invasive Data Governance: The Path of Least Resistance and Greatest Success appeared first on IG GURU.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
JANUARY 19, 2021
Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.
Security Affairs
JANUARY 19, 2021
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) that warns of ongoing vishing attacks aimed at stealing corporate accounts and credentials from US and international-based employees.
Threatpost
JANUARY 19, 2021
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.
Dark Reading
JANUARY 19, 2021
Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Data Matters
JANUARY 19, 2021
On 11 January 2021, the UK Financial Conduct Authority (FCA) published the 66th edition of its Market Watch newsletter. The newsletter sets out the FCA’s expectations for firms on recording telephone conversations and electronic communications when alternative working arrangements are in place, including increased homeworking in light of the COVID-19 pandemic.
Dark Reading
JANUARY 19, 2021
Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.
Threatpost
JANUARY 19, 2021
Users of the Linux-based open-source firmware—which include developers from commercial router companies--may be targeted by phishing campaigns, administrators warn.
Dark Reading
JANUARY 19, 2021
Building security into the software development life cycle creates more visibility, but CISOs still need stay on top of any serious threats on the horizon, even if they are largely unknown.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Threatpost
JANUARY 19, 2021
The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks.
Rocket Software
JANUARY 19, 2021
The past year has dramatically shifted how businesses operate, moving many to full-time remote or hybrid work environments. Unfortunately, the speed at which this change took place meant that many businesses were unprepared, relying on systems that weren’t optimized for a new work environment. . Luckily, Rocket is prepared to help. For over 30 years, we’ve been helping modernize IT infrastructures for businesses that rely on legacy systems, improving access, integration, and security.
National Archives Records Express
JANUARY 19, 2021
This post comes from Michael Horsley and Kevin De Vorsey. As a reminder, we are calling attention to the proposed digitization regulations for permanent records which were posted on the Federal Register for public review and comment. Comments are due on or before February 1, 2021. To make a comment, please follow the instructions in the Federal Register notice.
Expert insights. Personalized for you.
315 
Let's personalize your content