Data Breach Today
MARCH 30, 2022
Popular Game Axie Infinity's Blockchain Security Breached Via Hacked Private Keys Ronin Network, which powers the popular NFT game Axie Infinity, announced it was the victim of a security breach that amounted to around $615 million in stolen funds. The company tweeted that the attacker's wallet had been connected to Binance and that an investigation is currently underway.
Hunton Privacy
MARCH 30, 2022
On March 25, 2022, the U.S. District Court for the Northern District of Illinois approved a $1.1 million settlement with TikTok Inc. (“TikTok”) to resolve claims that TikTok collected children’s data and sold it to third parties without parental consent. The plaintiffs sued TikTok in 2019, alleging that TikTok did not seek verifiable parental consent prior to collecting personal information of children under 13 on the popular video platform in violation of the Children’s Online Privacy Protectio
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MARCH 30, 2022
Nonprofit Managed Care Provider Allegedly Hit by Hive Ransomware An apparent ransomware attack and alleged data theft by the Hive cybercriminal group has left Partnership HealthPlan of California struggling to recover its IT services for more than a week. The nonprofit says it is unable to receive or process treatment authorization requests.
KnowBe4
MARCH 30, 2022
A new report suggests that everything from endpoints, to passwords, to training, to security policies, to a lack of awareness is all contributing to much higher risk of cyberattack.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
MARCH 30, 2022
Targets Are a Small Set of Specific Organizations Primarily in South Asia Sophos says it has provided a fix to a critical RCE bug known to be actively exploited primarily in South Asia. Sophos says no customer action is needed if the "Allow automatic installation of hotfixes" feature is enabled, but versions close to their end of life need manual configuration.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 30, 2022
About 30,000 Modems Knocked Offline as Russian Forces Began Invasion of Ukraine Communications company Viasat says it's been replacing about 30,000 broadband modems to restore service for customers in central Europe affected by a Feb. 24 attack that disrupted part of its satellite communications network and left modems unable to connect.
CGI
MARCH 30, 2022
The tragic humanitarian and economic crisis resulting from Russia’s invasion of Ukraine will have both long- and short-term impacts on the energy supply chain as nations reevaluate their energy security and sovereignty postures.
Data Breach Today
MARCH 30, 2022
Security Affairs
MARCH 30, 2022
The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked tens of gigabytes of stolen data. The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked roughly 70 Gb of stolen data. The gang claims that the company has implemented poor security practices that allowed them to hack their infrastructure. “For anyone who is interested about the poor security practices in use at Globant.com. i will expose the admin credentials for ALL there devops platforms
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
KnowBe4
MARCH 30, 2022
A new report reviewing ransomware activity in 2021 shows an impressive uptick in the number of targeted attacks in Q4 of 2021 to 772 as more players join (or rejoin) the game.
IG Guru
MARCH 30, 2022
Check out the article here. The post Ice Miller Cybersecurity Law Snapshot: Biden Signs into Law Critical Infrastructure Ransomware Payment and Cyber Incident Reporting appeared first on IG GURU.
Schneier on Security
MARCH 30, 2022
The malicious uses of these technologies are scary : Police reportedly arrived on the scene last week and found the man crouched beside the woman’s passenger side door. According to the police, the man had, at some point, wrapped his Apple Watch across the spokes of the woman’s passenger side front car wheel and then used the Watch to track her movements.
Security Affairs
MARCH 30, 2022
SonicWall released security updates to address a remote code execution vulnerability that affects multiple firewall appliances. SonicWall has released security updates to address a critical vulnerability ( CVE-2022-22274 ) that impacts multiple firewall appliances that could be exploited by an unauthenticated, remote attacker to execute arbitrary code and trigger a denial-of-service (DoS) condition.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
WIRED Threat Level
MARCH 30, 2022
Lapsus$ and the group behind the SolarWinds hack have utilized prompt bombing to defeat weaker MFA protections in recent months.
Security Affairs
MARCH 30, 2022
The US CISA and the Department of Energy issued guidance on mitigating attacks against uninterruptible power supply (UPS) devices. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy published joint guidance on mitigating cyber attacks against uninterruptible power supply (UPS) devices. The US agencies warn of threat actors gaining access to a variety of internet-connected uninterruptible power supply (UPS) devices by exploiting default credentials.
WIRED Threat Level
MARCH 30, 2022
What happens when an old satellite is no longer in use but can still broadcast? Hacker shenanigans, that's what.
Dark Reading
MARCH 30, 2022
Smart-city security breaches have potentially very serious consequences — they can be economically devastating and even life-threatening, if handled wrong.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Threatpost
MARCH 30, 2022
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers' DevOps platforms – to its hit list.
OpenText Information Management
MARCH 30, 2022
Corporate mergers and acquisitions are high-stakes, high-stress situations. While the vast majority of mergers raise no serious competition concerns, some proposed transactions—especially high-profile strategic mergers and acquisitions that are over a certain size and meet specific criteria1— and are subject to close scrutiny by the United States Antitrust Division of the Department of Justice or … The post Beating the bad odds of an antitrust investigation appeared first on OpenText Blogs
Dark Reading
MARCH 30, 2022
Info-Tech Research Group has released a new research blueprint to help organizations plan the components necessary to build a cloud security architecture.
OpenText Information Management
MARCH 30, 2022
They’re faster – fact or fiction? I was recently having a conversation with a customer at an industry forensics event. We were discussing what tools his team has in their investigation toolkits and why. I think it’s safe to say we all agree having multiple tools in your toolkit is a good thing. After all, … The post Putting OpenText EnCase Forensic to the test appeared first on OpenText Blogs.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
MARCH 30, 2022
As environments grow noisier, it becomes easier for attackers to intentionally create distractions.
Threatpost
MARCH 30, 2022
The so-called 'Spring4Shell' bug has cropped up, so to speak, and could be lurking in any number of Java applications.
Dark Reading
MARCH 30, 2022
An interactive static analyzer gives developers information on potential risks arising from user inputs while they code. This could be a game-changer.
Threatpost
MARCH 30, 2022
The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Dark Reading
MARCH 30, 2022
Whether compromising misconfigured cloud infrastructure or taking advantage of free-tier cloud development platforms, attackers see a vast pool of workloads to use for cryptomining.
Thales Cloud Protection & Licensing
MARCH 30, 2022
How to Prevent and Protect Against Supply Chain Attacks. madhav. Wed, 03/30/2022 - 04:32. Recent high profile attacks show that the bad guys don’t hack into organizations, they simply log in. This is especially true of supply chain attacks where credential compromise continues to be the most predominant vector of attack that bad actors use in order to gain access into target networks that are often interconnected.
Threatpost
MARCH 30, 2022
A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin.
Expert insights. Personalized for you.
246 
Let's personalize your content