Wed. May 19, 2021

Recycle Your Phone, Sure, But Maybe Not Your Number

Krebs on Security

Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating. Even so, plenty of people willingly abandon a mobile number without considering the potential fallout to their digital identities when those digits invariably get reassigned to someone el

Colonial Pipeline CEO Confirms $4.4 Million Ransom Payment

Data Breach Today

'It Was the Right Thing to Do for the Country' Colonial Pipeline Co.'s CEO, Joseph Blount, said Wednesday that he authorized the payment of a $4.4 million ransom just hours after the company was hit by a DarkSide ransomware attack, telling The Wall Street Journal, "It was the right thing to do for the country."

Dutch DPA Fines Company 525,000 EUR for Failure to Designate EU Representative

Hunton Privacy

On May 12, 2021, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) imposed a €525,000 fine on Locatefamily.com for failure to comply with the obligation imposed under Article 27 of the EU General Data Protection Regulation (“GDPR”) to appoint a representative in the EU. Locatefamily.com is an online platform that publishes contact details (including telephone numbers and addresses) of individuals.

The Rise of Surveillance States

Data Breach Today

Niloo Howe and David Cole on the Impact of Pandemic and Protests on Privacy The COVID-19 pandemic created unique conditions for technology and surveillance practices to erode global privacy. In this discussion of their RSA Conference keynote, Niloo Howe and David Cole share their research, case studies and analysis.

Privacy 284

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Can Nanotech Secure IoT Devices From the Inside-Out?

Threatpost

Work's being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats.

IoT 120

More Trending

Microsoft, Google Clouds Hijacked for Gobs of Phishing

Threatpost

Attackers sent 52M malicious messages leveraging the likes of Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage in Q1 2021.

Phishing 122

Will Crypto Displace the Dollar?

Data Breach Today

Wang and Geers of Very Good Security on Whether Crypto Can Be the New Reserve Cryptocurrency is gaining traction worldwide. But is it ready to displace the U.S. dollar as the world's reserve currency? Kathy Wang and Kenneth Geers of Very Good Security bring this topic to the RSA Conference stage and share exclusive insights in this panel discussion.

Security 272

Windows PoC Exploit Released for Wormable RCE

Threatpost

The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft's Patch Tuesday release last week.

Security 113

Watering Hole Attack Targeted Florida Water Utilities

Data Breach Today

Dragos: Oldsmar City Employee Visited Rigged Site, But There's No Connection to Incident Investigators at industrial cybersecurity specialist Dragos say an employee of the water treatment plant in Oldsmar, Florida, where a cyberattack was thwarted, had visited an infected website the same day, but that apparently played no role in the security incident.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Google addresses 4 zero-day flaws in Android exploited in the wild

Security Affairs

Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the wild. Android Security Bulletin for May 2021 security updates address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild.

Security 107

Codecov Hackers Accessed Monday.com Source Code

Data Breach Today

Customers Apparently Not Affected, Monday.com Says Monday.com, which sells an online workflow management platform, reports that the Codecov supply chain attackers gained access to its source code.

Access 242

Keksec Cybergang Debuts Simps Botnet for Gaming DDoS

Threatpost

The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities.

IoT 115

What Would National Data Breach Notification Law Look Like?

Data Breach Today

Federal Officials, Legal Expert Debate the Issue at RSA 2021 Since the supply chain attack that targeted SolarWinds was uncovered in December 2020, some members of Congress have been pushing for a nationwide data breach notification law. In a panel discussion at RSA Conference 2021, federal officials and a legal expert offered insights on what such a law might require.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Hacking the infotainment system used in Mercedes-Benz cars

Security Affairs

Security researchers identified five vulnerabilities in the infotainment system in Mercedes-Benz cars, four of them are remotely exploitable. Security researchers with Tencent Security Keen Lab identified five vulnerabilities, tracked as CVE-2021-23906, CVE-2021-23907, CVE-2021-23908, CVE-2021-23909, and CVE-2021-23910, in the latest infotainment system in Mercedes-Benz cars.

Security 107

What Should a Modern SOC Look Like?

Data Breach Today

A CEO and CISO Discuss Challenges and Collaboration How has the shift to remote working and multi-cloud environments affected the Security Operations Center, or SOC? Gene Yoo, CEO of Resecurity, and Bob Schlotfelt, CISO of the Los Angeles County Employees Retirement Association, discuss the state of the SOC today and essential steps to consider when outsourcing security services.

Cloud 202

I’m Not a Robot! So Why Won’t Captchas Believe Me?

WIRED Threat Level

If clicking crosswalks makes your blood boil, you’re not alone. Fortunately, there are some tips that make solving those challenges way less frustrating.

Security 101

Conti ransomware gang also breached Ireland Department of Health (DoH)

Security Affairs

Conti ransomware also breached the network of Ireland’s Department of Health (DoH) but the ransomware failed to encrypt the systems. Last week, the Conti ransomware gang targeted Ireland’s Health Service Executive, which was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack. The Health Service Executive opted to shut down its infrastructure as a precaution to prevent the threat from spreading.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

The future of public services must be data-driven

OpenText Information Management

Over the past 15 months, the global pandemic shone a spotlight on the role of data in the public sector. Data was critical not only in responding to the pandemic, various lockdowns, and assessing symptoms linked to the virus and ultimately the vaccination rollout, but it was also key in directing the public and keeping … The post The future of public services must be data-driven appeared first on OpenText Blogs.

Google Chrome Makes It Easier to Update Compromised Passwords

Dark Reading

A new capability will use Google's Duplex technology to alert people when their passwords are compromised and help change them.

Apple Censorship and Surveillance in China

Schneier on Security

Good investigative reporting on how Apple is participating in and assisting with Chinese censorship and surveillance.

Privacy 94

Attackers Took 5 Minutes to Start Scanning for Exchange Server Flaws

Dark Reading

Research underscores the acceleration of attack activity and points to a growing concern that defenders can't keep pace.

99

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Bug Exposes Eufy Camera Private Feeds to Random Users

Threatpost

Customers panic and question parent company Anker’s security and privacy practices after learning their home videos could be accessed and even controlled by strangers due to a server-upgrade glitch.

Privacy 72

SolarWinds CEO: Attack Began Much Earlier Than Previously Thought

Dark Reading

Investigation shows threat actors began probing SolarWinds' network in January 2019, according to Sudhakar Ramakrishna.

96

Verizon’s Data Breach Investigations Report (DBIR) 2021 Available

IG Guru

Check out the 119 page report here. Some information required to download report. The post Verizon’s Data Breach Investigations Report (DBIR) 2021 Available appeared first on IG GURU.

Critical Infrastructure Requires a Stronger Security Standard

HID Global

Critical Infrastructure Requires a Stronger Security Standard. jbelles. Wed, 05/19/2021 - 07:55.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

How Ransomware Encourages Opportunists to Become Criminals

Dark Reading

And what's needed to stop it: Better information sharing among private organizations and with law enforcement agencies.

What’s new in OpenText Enterprise Applications

OpenText Information Management

The latest announcement by OpenText™ of Cloud Editions includes some great updates across the OpenText enterprise applications ecosystem. Check out the latest updates below. April 2021: What’s new in OpenText Enterprise Applications CE 21.2 Update 1: Core for SAP SuccessFactors – integration to SAP SuccessFactors Onboarding and Recruiting models OpenText™ Core for SAP® SuccessFactors® CE 21.2 now supports … The post What’s new in OpenText Enterprise Applications appeared first on Ope

Cloud 64

Cobalt Strike Becomes a Preferred Hacking Tool by Cybercrime, APT Groups

Dark Reading

Incident response cases and research show how the red-team tool has become a go-to for attackers.

87