Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Data breaches 244

Data breaches Sales Marketing Cybersecurity 244

Data Breach Today

AUGUST 16, 2022

Darktrace Talks Follow Recent Thoma Bravo Moves to Buy SailPoint and Ping Identity Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.

Cybersecurity 289

Cybersecurity Security IT 289

IT Governance

AUGUST 16, 2022

South Staffordshire Water has announced that it has fallen victim to a cyber attack. The criminal hackers claimed to have access to the organisation’s SCADA systems, which control industrial processes at treatment plants. “It would be easy to change chemical composition for their water but it is important to note we are not interested in causing harm to people,” the group said.

Ransomware 105

Ransomware Education Government Phishing 105

Data Breach Today

AUGUST 16, 2022

Not the First Time Ineptitude - or Blatant Lying - Invalidates Criminals' Claims The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider. Through ineptitude or outright lying, this isn't the first time that a ransomware group has claimed the wrong victim.

Ransomware 257

Ransomware 257

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Dark Reading

AUGUST 16, 2022

Threat hunting not only serves the greater good by helping keep users safe, it rewards practitioners with the thrill of the hunt and solving of complex problems. Tap into your background and learn to follow your instincts.

Cybersecurity 101

Cybersecurity IT 101

Dark Reading

AUGUST 16, 2022

"Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says.

Government 98

Government 98

Data Breach Today

AUGUST 16, 2022

Fraud Experts Discuss the Need for Controls and Awareness Research by Dun & Bradstreet says business identity fraud jumped 254% last year. Tools can help prevent this fraud but may create greater friction, say Andrew La Marca, senior director at Dun & Bradstreet, and Ralph Gagliardi, agent in charge, High Tech Crimes Unit, Colorado Bureau of Investigation.

246

246

KnowBe4

AUGUST 16, 2022

Hardly a day goes by without a news alert about the latest HUGE data breach. It’s so commonplace today that it rarely rates showing at the top of the news. In a newspaper, the announcement of the latest breach may be on the third page. We’ve become numb to them. And that’s a big problem.

Phishing 98

Phishing Data breaches IT 98

Data Breach Today

AUGUST 16, 2022

Phone Numbers, SMS Registration Codes of Signal Users Exposed Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.

Phishing 246

Phishing Access IT 246

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

KnowBe4

AUGUST 16, 2022

Researchers at AdvIntel warn that three more ransomware groups have begun using the BazarCall spear phishing technique invented by the Ryuk gang (a threat group that subsequently rebranded as Conti). BazarCall callback phishing allows threat actors to craft much more targeted social engineering attacks designed for specific victims.

Phishing 97

Phishing Ransomware 97

Data Breach Today

AUGUST 16, 2022

SIEM can play a key role in aggregating log data for compliance or auditing purposes, but when it comes to identifying threat activity in an IT environment, nothing beats XDR, which excels at using advanced techniques to pinpoint threats in high volumes of data, says Secureworks' Ryan Alban.

Compliance 243

Compliance IT 243

Dark Reading

AUGUST 16, 2022

The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim.

Authentication 106

Authentication Security 106

Data Breach Today

AUGUST 16, 2022

Companies continue to struggle with prioritizing which vulnerabilities present the greatest risk to the business and need to be remediated first since vulnerability scoring is too often based on a static set of what could happen if an issue is exploited, says Qualys President and CEO Sumedh Thakar.

Risk 237

Risk 237

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Threatpost

AUGUST 16, 2022

The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data.

Ransomware 96

Ransomware IT 96

Data Breach Today

AUGUST 16, 2022

Analytics Firm Says FTC Is Overstepping Its Authority A lawsuit by an Idaho-based data marketing and analytics vendor against the U.S. Federal Trade Commission is the latest legal dispute spotlighting growing privacy concerns related to the tracking and collection of consumers' healthcare-related and location data.

Data Privacy 214

Data Privacy Privacy Analytics Marketing 214

Security Affairs

AUGUST 16, 2022

Zoom addressed two high-severity vulnerabilities in its macOS app that were disclosed at the DEF CON conference. Zoom last week released macOS updates to fix two high-severity flaws in its macOS app that were disclosed at the DEF CON conference. Technical details of the vulnerabilities were disclosed at the DEF CON conference by security researcher Patrick Wardle during its talk “You’re M?

Passwords 86

Passwords Access Security IT 86

Rocket Software

AUGUST 16, 2022

Team collaboration, individual performance and product accuracy are all critical for teams working within intricate industries with extensive supply chains that design and manufacture complex products (e.g., automotive, aerospace, defense, high tech). This is especially true for design teams performing manual product design data exchange (PDX). Tight deadlines and strict design specifications make end-to-end PDX operations stressful and require employees to accurately perform tedious and repetit

Manufacturing 84

Manufacturing Risk IT 84

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Dark Reading

AUGUST 16, 2022

Omdia Senior Analyst Hollie Hennessy goes over her first experience of DEF CON as a woman in cybersecurity.

Cybersecurity 110

Cybersecurity 110

Security Affairs

AUGUST 16, 2022

A cyber attack disrupted the IT operations of South Staffordshire Water, a company supplying drinking water to 1.6M consumers daily. South Staffordshire Water has issued a statement confirming the security breach, the company pointed out that the attack did not impact the safety and water distribution systems. South Staffordshire Water plc known as South Staffs Water is a UK water supply company owned by a privately owned utilities company serving parts of Staffordshire the West Midlands as well

Ransomware 80

Ransomware Passwords Security IT 80

Dark Reading

AUGUST 16, 2022

South Staffordshire in the UK has acknowledged it was targeted in a cyberattack, but Clop ransomware appears to be shaking down the wrong water company.

Ransomware 82

Ransomware IT 82

Security Affairs

AUGUST 16, 2022

Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm , Actinium , Armageddon , Primitive Bear , and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed the ongoing cyber espionage campaign.

Military 79

Military Phishing Access Government 79

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

Data Protection Report

AUGUST 16, 2022

On July 27, 2022, the Office of the Information and Privacy Commissioner of Alberta ( OIPC ) released its 2022 PIPA Breach Report. [1] The report analyzes the nearly 2,000 breach reports [2] received by the OIPC during. . the ten year period since reporting was mandated in Alberta under the Personal Information Protection Act ( PIPA ) [3]. The PIPA Breach Report represents a rare and unique opportunity to obtain key insights from a leading Canadian privacy and data protection regulator regardin

Privacy 104

Privacy Risk Cybersecurity Phishing 104

Dark Reading

AUGUST 16, 2022

Just as one crop of malware-laced software packages is taken down from the popular Python code repository, a new host arrives, looking to steal a raft of data.

78

78

Schneier on Security

AUGUST 16, 2022

This is more of a demonstration than a real-world vulnerability, but researchers can use electromagnetic interference to remotely control touchscreens. From a news article : It’s important to note that the attack has a few key limitations. Firstly, the hackers need to know the target’s phone passcode, or launch the attack while the phone is unlocked.

IT 72

IT Cybersecurity 72

Threatpost

AUGUST 16, 2022

Mobile transactions could’ve been disabled, created and signed by attackers.

Security 105

Security 105

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

OpenText Information Management

AUGUST 16, 2022

Information is omnipresent and everywhere. Across our personal and professional lives, it is becoming more complex and more distributed than ever. And it is growing, exponentially. The total amount of information created, captured, copied, and consumed globally in 2010[1] was 2 zettabytes[2] of data. This figure has grown to 97 zettabytes today and is expected … The post Unlock the information advantage to combat ‘information overload’ appeared first on OpenText Blogs.

IT 64

IT Content services 64

Dark Reading

AUGUST 16, 2022

The tamper protection feature detects attempts to modify files and processes for Microsoft Defender for Endpoints on macOS.

77

77

OpenText Information Management

AUGUST 16, 2022

We’re excited to bring OpenText users like you back together in-person for the first time since 2019. Attending OpenText World or Enfuse in Las Vegas provides great opportunities to build and certify your product skills – let’s dig in. 1. Free certifications Once onsite, you’ll have one free exam attempt to get OpenText Certified to … The post Five ways OpenText World is a great place to build skills and community appeared first on OpenText Blogs.

59

59