Thu.Aug 04, 2022

Cisco addressed critical flaws in Small Business VPN routers

Security Affairs

Cisco fixes critical remote code execution vulnerability, tracked as CVE-2022-20842, impacting Small Business VPN routers. Cisco addressed a critical security vulnerability, tracked as CVE-2022-20842, impacting Small Business VPN routers. The flaw resides in the web-based management interface of several Small Business VPN routers, including Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers.

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off.

More Mobile Devices, More Problems, Security Survey Finds

Data Breach Today

Verizon Business Finds That Companies Still Struggle to Secure Employee Devices. The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover

Dark Reading

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Neuro Practice Tells 363,000 That PHI Was Posted on Dark Web

Data Breach Today

Ransomware Incident Knocked Out Computer Network, Email and Phones. An Indiana-based neurology practice is notifying nearly 363,000 individuals that their sensitive information was compromised in a recent ransomware attack - and that some of the data was made available on the dark web. Russian ransomware group Hive has been implicated.

More Trending

Seed Phrase Compromise May Have Caused Solana Wallets Drain

Data Breach Today

'No Evidence' That Solana Protocol or Cryptography Compromised. Solana identified a common thread in the million-dollar cyberattack on its hot wallets. The exploit might come down to wallet recovery passcodes stored in plaintext on a centralized server. There is "no evidence" that the Solana protocol or its cryptography were compromised.

IT Governance Podcast Episode 5: Facebook, Twitter, VW, Digital Protection and Information Bill

IT Governance

This week, we discuss a malware campaign targeting Facebook Business users, a breach apparently affecting 5.4 million Twitter users, a €1.1 million GDPR fine for Volkswagen, the new Digital Protection and Information Bill, and why it’s so important to maintain your cyber security through a recession. Now available on Spotify, Amazon Music, Apple Podcasts and SoundCloud.

Ransomware: What We Know and What We Don't Know

Data Breach Today

This edition of the ISMG Security Report analyzes the latest ransomware trends from the European Union Agency for Cybersecurity, findings from the first-ever Cyber Safety Review Board on the Log4j incident, and how security and privacy leaders are harmonizing new U.S. privacy laws.

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

Dark Reading

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Pro-China Disinformation Campaign Traced to PR Firm

Data Breach Today

'Positive Energy' Op Targets North America, Europe, the Middle East and Asia. Researchers from cybersecurity firm Mandiant say they've discovered a network of inauthentic news sites transmitting Chinese propaganda apparently all under the control of Shanghai Haixun Technology Co., a Chinese PR firm that advertises "positive energy packages."

LinkedIn Continues its Reign as the Most-Impersonated Brand in Phishing Attacks

KnowBe4

As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers.

Iranian Group Likely Behind Albanian Government Attack

Data Breach Today

Group Published Ransomware Execution Video on Website. A cyberattack that temporarily paralyzed Albania's pivot to digital government likely came from Iranian hackers. The attack occurred just days before members of the Mujahedin-e-Khalq, a group dedicated to the overthrow of the Islamic Republic of Iran, were set to host a two-day conference.

The Myth of Protection Online — and What Comes Next

Dark Reading

It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

India Government Withdraws Data Protection Bill

Data Breach Today

Unexpected Revocation Comes After Years of Tech Industry Criticism. The government of India withdrew a long-anticipated personal data protection bill from Parliament.

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

A critical flaw in multiple models of DrayTek Vigor routers can allow unauthenticated, remote attackers to fully compromise affected devices. Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network.

The Ransomware Files, Ep. 10: Dr. Ransomware, Part 2

Data Breach Today

Is a practicing cardiologist living in Venezuela also a ransomware mastermind? U.S. prosecutors claim Moises Luis Zagala Gonzalez is a cybercriminal polymath. But Zagala's wife says he is innocent and there's a reason for his predicament. "The Ransomware Files" podcast looks at the evidence.

India: Government withdraws long-awaited Personal Data Protection Bill

DLA Piper Privacy Matters

On 3 August, the Indian Central Government withdrew the Personal Data Protection Bill, 2019 (PDP Bill). The PDP Bill, which has drawn criticism from both privacy advocates and industry stakeholders, was first published in 2018 and was to be India’s first law on the protection of personal data. A government notice stated that the decision came following a review by the Joint Parliamentary Committee (JPC) and its subsequent report published in December 2021, which suggested a long list of amen

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Ransomware Attack Downtime Costs in the U.S. Rise to Nearly $160 Billion

KnowBe4

New data based on tracked, publicly-confirmed ransomware attacks shows that downtime – and the associated cost – is increasing at an alarming rate as nearly half of attacks see a ransom paid.

New Woody RAT used in attacks aimed at Russian entities

Security Affairs

An unknown threat actor is targeting Russian organizations with a new remote access trojan called Woody RAT. Malwarebytes researchers observed an unknown threat actor targeting Russian organizations with a new remote access trojan called Woody RAT. The attackers were delivering the malware using archive files and Microsoft Office documents exploiting the Follina Windows flaw (CVE-2022-30190).

Open Redirects Exploited for Phishing

KnowBe4

Attackers are exploiting open redirects to distribute links to credential-harvesting sites, according to Roger Kay at INKY. The attackers are exploiting vulnerable American Express and Snapchat domains to launch the attacks. American Express has since fixed the vulnerability, but Snapchat’s domain remains unpatched.

Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST

Dark Reading

A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

KnowBe4 Wins Multiple Summer 2022 "Best of" Awards From TrustRadius

KnowBe4

KnowBe4 is proud to be recognized by TrustRadius with the Summer Best of Awards in three categories for the Security Awareness Training software category.

Massive China-Linked Disinformation Campaign Taps PR Firm for Help

Dark Reading

A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

Introducing secure print controls for pharmaceutical manufacturers

OpenText Information Management

Government agencies around the world, including the US Food and Drug Administration (FDA), use current Good Manufacturing Practices (cGMP) as the primary way to ensure pharmaceutical quality. Implementing cGMP protects life sciences companies and consumers by helping to reduce losses and waste, avoid recalls and fines, while assuring each batch produced meets quality standards so …

Time to Patch VMware Products Against a Critical New Vulnerability

Dark Reading

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Make smarter decisions with customer insights and analytics

OpenText Information Management

In a constantly evolving landscape, how can businesses stay ahead? The future of customer experience depends on data. One of the best ways to stand out from the crowd is to know your customers – mining insights from their behaviors to improve the overall journey. Get closer to your customers with multi-channel interaction analytics in …

How Email Security Is Evolving

Dark Reading

Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

How to overcome the #1 supply chain challenge in 2022: Collaboration 

OpenText Information Management

Pandemic-induced disruption up-ended supply chains and value chains far and wide, as core processes failed under the weight of material shortages, logistics problems and even the remedies to increase resilience. Supply chain industries tend to be less further along in their digital journeys than other industries and have a greater incidence of manual, disjointed processes …
