Fri. Feb 18, 2022

CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager

Security Affairs

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system is affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8). Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux kernel.

Security 112

French CNIL Releases 2022 Enforcement Priorities

Hunton Privacy

On February 15, 2022, the French Data Protection Authority (the “CNIL”) published its enforcement priority topics for 2022. Each year, the CNIL conducts numerous investigations in response to complaints, data breach notifications and ongoing events, or based on previously established enforcement priorities. For 2022, the CNIL indicated that it will focus on three major strategic priorities: Direct Marketing.

Cloud 108

Iran-linked TunnelVision APT is actively exploiting the Log4j vulnerability

Security Affairs

Iran-linked TunnelVision APT group is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. Researchers from SentinelOne have observed that the potentially destructive Iran-linked APT group TunnelVision is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. TunnelVision’s TTPs overlap with the ones associated with Iran-linked nation-state actors Phosphorus, Charming Kitten and Nemesis Kitten.

What is metadata management and why is it important?

Collibra

Metadata management is a cross-organizational agreement on how to define informational assets for converting data into an enterprise asset. As data volumes and diversity grow, metadata management is even more critical to derive business value from the gigantic amounts of data. What is Metadata? Managing metadata begins with defining metadata correctly.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Google Privacy Sandbox promises to protect user privacy online

Security Affairs

Google introduces Privacy Sandbox on Android aimed at leading to more private advertising solutions for mobile users. Google announced Privacy Sandbox on Android to limit user data sharing and prevent the use of cross-app identifiers. The company states that the Privacy Sandbox technologies are still in development. “Privacy Sandbox on Android will strengthen privacy, while providing tools app developers need to support and grow their businesses.

Privacy 98

5 Reasons a Paperless Office Makes Sense

Record Nations

A paperless office is no longer a pipe dream. With advancements in technology, like the cloud or document management systems, reducing your paper output is more achievable than ever. While it may be impossible for some industries to eliminate paper entirely, there are a number of ways it can be significantly reduced. Top 5 Reasons […].

Paper 97

Why You Need An Adversary-First Approach to Threats in the Cloud

Dark Reading

Security teams need an adversary-focused approach that automates security controls and compliance and provides visibility into the cloud environment.

Cloud 103

Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug

Security Affairs

Researchers developed exploit code for the CVE-2022-24086 vulnerability affecting Adobe Commerce and Magento Open Source. Positive Technologies researchers have created a working PoC exploit for the recently patched CVE-2022-24086 vulnerability affecting its Commerce and Magento Open Source products. An attacker could use the exploit to achieve remote code execution from an unauthenticated user.

How Steganography Allows Attackers to Evade Detection

eSecurity Planet

Steganography, derived from Greek words meaning “covered” and “writing,” has been used for centuries to hide secret messages inside regular documents. In cybersecurity, steganography mainly consists of hiding malicious payloads or secret information inside seemingly harmless files such as images, PDFs, audios, videos, and many other document types. While steganography is often considered something of a joke in capture-the-flag (CTF) events and other cybersecurity defense activities, it can happe

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Ransomware Adds New Wrinkle in Russian Cybercrime Market

Dark Reading

Government crackdowns may destabilize Russian crime rings and strengthen their ties to Chinese allies.

Marketing 117

AIIM Announces New CEU Tracking and Recertification Updates for the CIP

IG Guru

In an email sent to members, AIIM announced on February 10, 2022, they were going to implement the following: We trust you. We know that, if you care enough about the Information Management practice to keep current with your CIP designation, you’ll naturally be engaging in continuing education and networking activities. AIIM has tons of […].

Key Application Security Metrics Show Few Signs of Improvement

Dark Reading

A new study shows that organizations continued to take an inordinately long time to fix vulnerabilities and fixed fewer known issues in their environments last year than in 2020.

Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code

Threatpost

Researchers said a Jan. 27 attack that aired footage of opposition leaders calling for assassination of Iran’s Supreme Leader was a clumsy and unsophisticated wiper attack.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Enterprises Look Beyond Antivirus Software for Remote Workers

Dark Reading

Priorities are shifting, with growing emphasis on endpoint detection and response (EDR) software and multifactor authentication (MFA), a recent survey of IT professionals shows.

New Critical RCE Bug Found in Adobe Commerce, Magento

Threatpost

Adobe updated its recent out-of-band security advisory to add another critical bug, while researchers put out a PoC for the one it emergency-fixed last weekend.

If the Cloud Is More Secure, Then Why Is Everything Still Broken?

Dark Reading

The sooner we discover sources of risk, the better equipped we will be to create effective mitigations for them.

Cloud 92

US State Privacy Update: California AG Targets Financial Incentives For CCPA Enforcement

Privacy and Cybersecurity Law

On January 28, the California Attorney General (AG) announced his office was initiating an investigative sweep of businesses that operate loyalty programs and do not adequately provide a notice of financial incentive, as required under the California Consumer Privacy Act of 2018 (CCPA). This announcement by the AG is significant because it marks the first time the AG has publicly announced a targeted enforcement effort under the CCPA since releasing a general list of enforcement case examples th

Privacy 52

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Ukraine DDoS: 'Cyberattack' or Not?

Dark Reading

The country was hit by a DDoS attack earlier this week, but some say that doesn't rise to the level of "cyberattack." Here's why they're wrong.


Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups

Threatpost

An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders.

Free Cybersecurity Tools and Services List Published by CISA

Dark Reading

The Cybersecurity & Infrastructure Security Agency (CISA) says this "living repository" is a mix of popular open source and free tools and services from both the private and public sectors.

Emerson Creek Pottery v. Emerson Creek Events (W.D. Va. 2022)

eDiscovery Law

Key Insight: Plaintiff moved for spoliation sanctions against defendants relying on (1) an inadvertently disclosed email between defendant and his counsel discussing the preservation of emails, and (2) defendants did not produce a “mirror image” of the emails produced by third parties. Plaintiff contended the content of the email between defendant and his counsel is […].


How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Axiomatics Introduces Orchestrated Authorization

Dark Reading

New enhancements and capabilities help enterprises embrace cloud-native technologies.

Cloud 66

BTI Names Hunton Partners as Client Service All-Stars for 2022

Hunton Privacy

On February 8, 2022, BTI Consulting Group honored Hunton partners Aaron Simpson and Lisa Sotto as BTI Client Service All-Stars for 2022. Aaron and Lisa join a select group of lawyers identified as client service leaders by corporate counsel at the world’s leading organizations. Lisa, also recognized as a Super All-Star, breaks BTI records by being nominated by six clients, the highest number of nominations so far.

IT 81

Friday Squid Blogging: South American Squid Stocks Threatened by Chinese Fishing

Schneier on Security

There’s a lot of fishing going on: The number of Chinese-flagged vessels in the south Pacific has surged 13-fold from 54 active vessels in 2009 to 707 in 2020, according to the SPRFMO. Meanwhile, the size of China’s squid catch has grown from 70,000 tons in 2009 to 358,000. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.