Fri. Jan 14, 2022

Threat actors can bypass malware detection due to Microsoft Defender weakness

Security Affairs

A weakness in the Microsoft Defender antivirus can allow attackers to retrieve information to use to avoid detection. Threat actors can leverage a weakness in Microsoft Defender antivirus to determine in which folders to plant malware to avoid AV scanning. Microsoft Defender allows users to exclude locations on their machines that should be excluded from scanning by the security solution.

The Cybersecurity Measures CTOs Are Actually Implementing

Dark Reading

Companies look to multifactor authentication and identity and access management to block attacks, but hedge their bets with disaster recovery.

Lorenz ransomware gang stolen files from defense contractor Hensoldt

Security Affairs

German multinational defense contractor Hensoldt confirmed that some of its systems were infected by Lorenz ransomware. Hensoldt, a multinational defense contractor, confirmed that some of its UK subsidiary’s systems were infected with Lorenz ransomware. This week a Hensoldt spokesperson confirmed the security breach to BleepingComputer, explaining that a small number of mobile devices in its UK subsidiary have been affected.

Using EM Waves to Detect Malware

Schneier on Security

I don’t even know what I think about this. Researchers have developed a malware detection system that uses EM waves: “Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification.” Abstract: The Internet of Things (IoT) is constituted of devices that are exponentially growing in number and in complexity.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Ukrainian police arrested Ransomware gang behind attacks on 50 companies

Security Affairs

Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. and Europe. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. and Europe. The operation was conducted by the SBU Cyber Department together with the Cyber Police Department and National Police Investigators with the support of the competent authorities of the United States and Great Britain.

Russian government claims to have dismantled REvil ransomware gang

Security Affairs

Russia’s FSB announced that it has dismantled the REvil ransomware gang, the infamous group behind Kaseya and JBS USA. The Russian Federal Security Service (FSB) announced that it has shut down the REvil ransomware gang, the group that is behind a long string of attacks against large organizations, such as Kaseya and JBS USA. The FSB claims to have identified all members of the REvil gang and monitored their operations.

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Threatpost

Researchers discovered vulnerabilities that can allow for full site takeover in login and e-commerce add-ons for the popular website-building platform.

Maryland Dept. of Health Responds to Ransomware Attack

Dark Reading

An attack discovered on Dec. 4, 2021, forced the Maryland Department of Health to take some of its systems offline.

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites

Threatpost

As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. “Be afraid” was scrawled on the Foreign Ministry site.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Retirement of Archivist David S. Ferriero

National Archives Records Express

Archivist of the United States David Ferriero has announced that he will be retiring in mid-April 2022. The Office of the Chief Records Officer would like to thank David for his leadership and wish him the very best in his retirement. For more, please read his post over on the AOTUS blog.

Spotlight: ShardSecure on Protecting Data At Rest Without Encryption

The Security Ledger

Host Paul Roberts speaks with Marc Blackmer of ShardSecure about that company’s new approach to protecting data at rest, which relies on fragmenting and scattering data to make it impossible to steal. The post Spotlight: ShardSecure on Protecting Data At Rest Without Encryption appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen.

Threat actors defaced Ukrainian government websites

Security Affairs

Threat actors defaced multiple Ukrainian government websites after talks between Ukrainian, US, and Russian officials hit a dead end this week. Threat actors have defaced multiple websites of the Ukrainian government on the night between January 13 and January 14. The attacks were launched after talks between Ukrainian, US, and Russian officials hit a dead end on Thursday.

Configurator for iPhone: Point at Mac, move to Jamf, there is no step 3!

Jamf

It's easy for IT admins to set up and deploy Apple devices with the new Apple Configurator app for iPhone paired with Jamf MDM and Apple School Manager or Apple Business Manager.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

North Korea-linked APT BlueNoroff focuses on crypto theft

Security Affairs

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The nation-state actor is considered a group that operates under the control of the notorious North Korea-linked Lazarus APT group.

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m giving an online-only talk on “Securing a World of Physically Capable Computers” as part of Teleport’s Security Visionaries 2022 series, on January 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia on June 3, 2022.

Russia Takes Down REvil Ransomware Operation, Arrests Key Members

Dark Reading

Timing of the move has evoked at least some skepticism from security experts about the country's true motives.

Russian Security Takes Down REvil Ransomware Gang

Threatpost

The country's FSB said that it raided gang hideouts; seized currency, cars and personnel; and neutralized REvil's infrastructure.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Russia Takes Down REvil Hackers—as Ukraine Tensions Mount

WIRED Threat Level

Over a dozen alleged members of the notorious ransomware group have been arrested, but the Kremlin's critics are wary of the underlying motivation.

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

Threatpost

Attackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers.

How AI transformed Rembrandt’s ‘The Night Watch’ — down to the ‘pin-sharp particles of pigment’ via The Hill

IG Guru

Check out the article here. The post How AI transformed Rembrandt’s ‘The Night Watch’ — down to the ‘pin-sharp particles of pigment’ via The Hill appeared first on IG GURU.

What's Next for Patch Management: Automation

Dark Reading

The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Log4j is everywhere. You can fix it, but first you have to find it

DXC Technology

It’s easy to see just how important — and dangerous — the Log4j vulnerability is. What’s harder is devising an effective response. As you may know, Log4j is an open-source, Java-based logging utility and library. Developed by the Apache Foundation, its use is pervasive but not usually overt — being embedded in many Java servers, […]. The post Log4j is everywhere.

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down  

Threatpost

UniCC controlled 30 percent of the stolen payment-card data market; leaving analysts eyeing what’s next.

The transformative potential of digital signage using Apple TV

Jamf

Apple TV is easy to set up and scale for digital signage that can transform organizations, especially when paired with Jamf and Carousel Digital Signage. Learn how outdoor lifestyle retailer Camping World successfully implemented digital signage across verticals, and review some ideas about how it can help you regardless of your industry or sector.

Predictive data quality + adaptive data governance = robust compliance by design

Collibra

Today, businesses collect and process large volumes of data. The concern of protecting this data, especially personal data, has been around for quite some time. The sheer volume of data and the increased proliferation of cloud technology has brought this concern to the fore again. When GDPR (General Data Protection Regulation) came into effect in 2016, organizations took time to understand and plan their compliance efforts.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Best Distributed Denial of Service (DDoS) Protection Tools

eSecurity Planet

Distributed denial of service (DDoS) attacks can cripple an organization, a network, or even an entire country, and they show no sign of slowing down. DDoS attacks may only make up a small percentage of security threats, but their consequences can be devastating. The country of Estonia was brought offline a few years back by a DDoS attack. Over the past year or so, Google, Amazon and Microsoft have been subjected to massive DDoS incursions.

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

Krebs on Security

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops a

5 Trends in Patch Management for 2022

eSecurity Planet

The profile of patch management has risen considerably in the last year due to the number of major breaches that have taken place where basic patches had been overlooked. News stories repeatedly note that the organizations impacted by breaches had often failed to install high-priority security patches from the likes of Microsoft Exchange, Fortinet, and other well-known names.