Data Breach Today
FEBRUARY 28, 2023
Attackers Exploited Vulnerability in Third-Party Software for Access The situation at LastPass keeps getting worse: the company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
Dark Reading
FEBRUARY 28, 2023
The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
FEBRUARY 28, 2023
Agency Confirms Sensitive Law Enforcement Information Compromised Hackers maliciously encrypted a system belonging to the U.S. Marshals Service, compromising and exfiltrating sensitive data law enforcement data. "The system was disconnected shortly and the Department of Justice initiated a forensic investigation," said an agency spokesman.
Dark Reading
FEBRUARY 28, 2023
The biggest dilemmas in running a modern cybersecurity team are not all about software, said CISOs from HSBC, Citi, and Sepio.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
FEBRUARY 28, 2023
The Technologies You Need to See Into Those Dark Corners A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
FEBRUARY 28, 2023
Beijing Looks for Enterprise Software Zero Days A Chinese law requiring mandatory disclosure to the government of vulnerability reports appears to be paying dividends for state-connected hacking. The Chinese government is up-levelling their capabilities," said Adam Meyers, senior vice president of intelligence at CrowdStrike.
WIRED Threat Level
FEBRUARY 28, 2023
New details reveal that Beijing-backed hackers targeted the Association of Southeast Asian Nations, adding to a string of attacks in the region.
Data Breach Today
FEBRUARY 28, 2023
Case Involved Use of a Patient's Name to Overbill Medicaid A case before the U.S. Supreme Court may limit federal prosecutors' ability to bring charges of aggravated identity theft. A Texas man convicted of overbilling Medicaid argued Monday he's not also guilty of identity theft since he had a patient's permission to submit the bill.
Hunton Privacy
FEBRUARY 28, 2023
On February 28, 2023, the European Data Protection Board (“EDPB”) issued its Opinion 5/2023 on the European Commission Draft Implementing Decision on the adequate protection of personal data under the EU-US Data Privacy Framework (the “Opinion”). In the Opinion, the EDPB recognized substantial improvements in the proposed EU-U.S. Data Privacy Framework (“DPF”) when compared to Privacy Shield, whilst also stating that a number of aspects of the DPF need to be clarified, developed or further detai
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
FEBRUARY 28, 2023
Johri Replaces Emmanuel Benzaquen, Who Has Led the App Security Company Since 2006 For the first time in its 17-year history, application security vendor Checkmarx will have a new leader. The company has tapped Sandeep Johri, the longtime chief executive at software testing vendor Tricentis, to serve as its new CEO less than two years after being acquired by Hellman & Friedman.
Security Affairs
FEBRUARY 28, 2023
US CISA added an actively exploited vulnerability in the ZK Java Web Framework to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability, tracked as CVE-2022-36537 (CVSS score: 7.5), in the ZK Java Web open-source framework to its Known Exploited Vulnerabilities Catalog. An attacker can exploit the flaw to retrieve sensitive information through specially crafted POST requests sent to the component AuUploader. “Z
Data Breach Today
FEBRUARY 28, 2023
Prosecutors Indicted 80 People for Scheme in 2019 and Have Convicted 21 A leader of an international crime network that attempted to launder more than $25 million in fraudulently obtained funds, including through business email compromise, received a sentence of more than a decade in prison. Valentine Iro, 34, pleaded guilty to conspiracy to engage in money laundering.
Security Affairs
FEBRUARY 28, 2023
Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom. Since December 2022, Cisco Talos researchers have been observing an unidentified financially motivated threat actor deploying two new malware, the MortalKombat ransom
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
FEBRUARY 28, 2023
Brian Ahern Plans to Infuse CyberMaxx's MDR Tool With Offensive Security Expertise CyberMaxx has landed the former CEO of cloud security vendor Threat Stack to bring offensive and defensive cybersecurity services together on one platform. The Nashville-based firm has tasked Brian Ahern with creating managed detection and response bundles with offensive and defensive capabilities.
KnowBe4
FEBRUARY 28, 2023
An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.
Schneier on Security
FEBRUARY 28, 2023
CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have just published a side-channel attack—using power consumption—against an implementation of the algorithm that was supposed to be resistant against that sort of attack. The algorithm is not “broken” or “cracked”—despite headlines to the contrary—this is just a side-channel attack.
KnowBe4
FEBRUARY 28, 2023
BlackBerry has published a report on a threat actor, Blind Eagle, also known as APT-C-36, which has been operating against targets in Ecuador and Colombia since at least 2019. Its most recent activity has been directed at organizations in Colombia. “On Feb. 20, the BlackBerry Research and Intelligence team witnessed a new campaign where the threat actor impersonated a Colombian government tax agency to target key industries in Colombia, including health, financial, law enforcement, immigration,
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
FEBRUARY 28, 2023
Gmail client-side encryption (CSE) is now available for Workspace Enterprise Plus, Education Plus, and Education Standard customers. Google announced that Gmail client-side encryption (CSE) is now available for all Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. In December, Google announced end-to-end encryption for Gmail (E2EE), with Gmail client-side encryption beta users can send and receive encrypted emails within their domain and outside of their domain.
WIRED Threat Level
FEBRUARY 28, 2023
Plus: Microsoft fixes several zero-day bugs, Google patches Chrome and Android, Mozilla rids Firefox of a full-screen vulnerability, and more.
Dark Reading
FEBRUARY 28, 2023
Unknown attackers made off with a raft of PII, the Justice Department says — but witnesses in the protection program are still safe.
Security Affairs
FEBRUARY 28, 2023
The U.S. Marshals Service (USMS) was the victim of a ransomware attack, it is investigating the theft of sensitive information. The U.S. Marshals Service (USMS) announced that a ransomware attack has impacted “a stand-alone USMS system.” The US bureau is investigating the theft of sensitive information following the security breach. The infection occurred on February 17, 2023, once discovered the infection the Marshals Service disconnected the system from the network and the Justice
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
FEBRUARY 28, 2023
Separate attacks on two subsidiaries of an Asian conglomerate reflect a surge of cyber-espionage activity in the region in the last 12 months.
OpenText Information Management
FEBRUARY 28, 2023
Welcome to the February 2023 edition of our regular e-Invoicing newsletter. Our Hot Topics section is going to focus on a new service available from OpenText professional services – the e-Invoicing Readiness Check – which can assist companies in preparation for the impending French e-Invoicing and e-Reporting reform. In “Compliance news and updates” we bring … The post February 2023: E-Invoicing & VAT compliance updates appeared first on OpenText Blogs.
Dark Reading
FEBRUARY 28, 2023
The data protection capability is now available across multiple Workspace applications: Gmail, Calendar, Drive, Docs, Slides, Sheets, and Meet.
OpenText Information Management
FEBRUARY 28, 2023
We are quickly approaching the point where the majority of the workforce is millennials and GenZ. In the United States, post millennials are the most ethnically and racially diverse generation ever. The conversations and requirements for creating empowered talent has changed over the years, and for the better. Employees are looking to work for a … The post Building an <i>Us</i>topia: A Conversation on Tech & Equity with Dr.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Dark Reading
FEBRUARY 28, 2023
The opportunistic "SCARLETEEL" attack on a firm's Amazon Web Services account turns into targeted data theft after the intruder uses an overpermissioned service to jump into cloud system.
OpenText Information Management
FEBRUARY 28, 2023
OpenText™ EnCase™ Forensic software is one of the longest established digital forensic platforms on the market. It has been the primary tool of choice for many investigations and has a long track record of withstanding cross-examination in courts of law and tribunals. In this latest ‘EnCase Forensics tips and tricks’ blog, we are going to … The post The EnCase Evidence Viewer appeared first on OpenText Blogs.
Dark Reading
FEBRUARY 28, 2023
Marcus Hutchins, who set up a "kill switch" that stopped WannaCry's spread, later pled guilty to creating the infamous Kronos banking malware.
Expert insights. Personalized for you.
269 
Let's personalize your content