Thu. Sep 02, 2021

Vendors Issue Security Advisories for OpenSSL Flaws

Data Breach Today

OpenSSL v1.1.1k and Below Are Affected by the Vulnerabilities

Several companies that use the OpenSSL cryptography library toolkit are reportedly scrambling and releasing security advisories to their users following the patching of two vulnerabilities that were first fixed and disclosed to users on Aug. 24.

Data Disposition: What is it and why should it be part of your data retention policy?

AIIM

What happens when information comes to the end of its lifecycle and no longer remains relevant, useful, or valuable? Or, what about when a record’s retention schedule comes to an end? If we keep everything forever, we’ll quickly run into issues like storage costs and other negatives like findability and increased risks. There’s a better way - read on as we explore the importance of Disposition.

Taliban’s Takeover of Kabul: Biometric Fallout Concerns

Data Breach Today

Biometric Databases Could Be Used to Identify Individuals Who Assisted NATO Forces

As the last U.S. military flight lifted off Tuesday evening from the airport in Kabul, Afghanistan, what's been left behind reportedly includes a vast trove of biometric data that could be used to identify - including for interrogation or execution - individuals who assisted the occupying NATO forces.

Executive Order About Cybersecurity Urging Zero Trust Adoption

Thales Cloud Protection & Licensing

During the 2021 Thales Crypto Summit, which brings together a group of experts to speak about cryptography and key management to keep organizations secure, President Biden’s Executive Order (EO) was a key point of discussion. Aimed at “Improving the Nation’s Cybersecurity”, the EO was issued on May 12, 2021, which is the starting point by which many of the requirements and due dates are measured.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

White House Warns Of Cyberthreats Over Labor Day Weekend

Data Breach Today

NSC Adviser Anne Neuberger Says Organizations Should Take Precautions

While there is currently a lack of specific cyberthreats, Deputy National Security Adviser Anne Neuberger urges organizations, especially those in critical infrastructure, to take precautions over the Labor Day weekend, as threat groups have taken advantage of previous holidays to conduct attacks.

125,000 Coinbase Users Get False Security Alerts

Data Breach Today

Cryptocurrency Exchange Offering Some Affected Users $100 Worth of Bitcoin

Cryptocurrency exchange Coinbase faces potential user trust challenges after a system error led it to send out false automated security alerts to about 125,000 customers indicating their two-factor authentication settings had been changed.

UK: ICO rules regarding the online privacy of children enter into force

DLA Piper Privacy Matters

By James Clark and Anna Ward, DLA Piper UK LLP. The Age Appropriate Design Code (“Code”), a new statutory Code of Practice published by the UK Information Commissioner’s Office (“ICO”), enters into force today (2 September 2021) following a one year transition period. The Code seeks to regulate the provision of online services to children, providing influential guidance to businesses regarding how to build such services in a way that complies with UK data protection law.

FTC Bans SpyFone Company, CEO From Surveillance Business

Data Breach Today

Company Directed to Delete All Secretly Stolen Data

The Federal Trade Commission has, for the first time ever, banned a company and its CEO from the surveillance business in the U.S. Stalkerware service provider company SpyFone and its CEO, Scott Zuckerman, were banned for allegedly harvesting and sharing data through a hidden backdoor.

Ireland watchdog fines WhatsApp record sum for flouting EU privacy rules

The Guardian Data Protection

Messaging app calls €225m fine for breaking data protection rules ‘entirely disproportionate’

Ireland’s data privacy watchdog has slapped WhatsApp with a record €225m (£193m) fine for violating EU data protection rules. The Dublin-based Data Protection Commission (DPC) announced the decision on Thursday after a three-year investigation into the messaging app, which is owned by Facebook.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

LockFile Ransomware Using New Techniques to Evade Detection

Data Breach Today

Sophos: Methods Include 'Intermittent Encryption'

The operators of LockFile ransomware have adopted new techniques, including "intermittent encryption," to help evade detection, according to cybersecurity firm Sophos.

Cisco fixes a critical flaw in Enterprise NFVIS for which PoC exploit exists

Security Affairs

Cisco released patches for a critical authentication bypass issue in Enterprise NFV Infrastructure Software (NFVIS) for which PoC exploit code is available. Cisco announced the availability of security patches for a critical authentication bypass flaw (CVE-2021-34746) in Enterprise NFV Infrastructure Software (NFVIS) for which proof-of-concept exploit code is already available.

Google Play Sign-Ins Allow Covert Location-Tracking

Threatpost

A design flaw involving Google Timeline could allow someone to track another device without installing a stalkerware app.

Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE

Security Affairs

Threat actors are actively exploiting a recently patched vulnerability in Atlassian’s Confluence enterprise collaboration product. Threat actors were spotted exploiting the CVE-2021-26084 vulnerability in Atlassian’s Confluence enterprise collaboration product a few days after it was patched by the vendor. Last week, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

7 Ways to Defend Mobile Apps, APIs from Cyberattacks

Threatpost

David Stewart, CEO, Approov, discusses the top mobile attack routes the bad guys use and the best defenses organizations can deploy against them.

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security Affairs

Security flaws in commercial Bluetooth stacks dubbed BrakTooth can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks. A set of 16 security flaws in commercial Bluetooth stacks, collectively tracked as BrakTooth, can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks.

NFT Collector Tricked into Buying Fake Banksy

Threatpost

An attacker breached the site of famed street artist Banksy to host a fraudulent NFT auction but then gave back the money.

Google paid over $130K in bounty rewards for the issues addressed with the release of Chrome 93

Security Affairs

Google announced the release of Chrome 93 that addresses 27 security vulnerabilities, 19 of which were reported through its bug bounty program. Google announced the release of Chrome 93 for Windows, Mac and Linux that addresses a total of 27 flaws, including 19 vulnerabilities that were reported through its bug bounty program. Google paid over $130,000 in bounty rewards for the issues addressed with the Chrome 93.0.4577.63 release. “The Chrome team is delighted to announce the promotion of

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Comcast RF Attack Leveraged Remotes for Surveillance

Threatpost

IoT vulnerabilities turned the remote into a listening device, researchers found, which impacted 18 million Xfinity customers.

Spotlight: E-Commerce’s Bot and Mouse Game

The Security Ledger

In this Spotlight podcast we’re joined by Benjamin Fabre of DataDome to discuss the evolving risks to organizations as e-commerce shifts from web pages to mobile applications and APIs.

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution

Threatpost

The BrakTooth set of security vulnerabilities impacts at least 11 vendors' chipsets.

Cyber Defense Magazine – September 2021 has arrived. Enjoy it!

Security Affairs

Cyber Defense Magazine September 2021 Edition has arrived. We hope you enjoy this month’s edition, packed with 161 pages of excellent content.

Cyber Defense eMagazine for September 2021: published monthly by Cyber Defense Magazine, this resource shares a wealth of information to help you stay one step ahead of the next cyber threat. In this edition: Most Innovative and Socially Conscious Technologies at Black Hat; How Trustworthy is Your Cyber Defense?

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

WhatsApp Photo Filter Bug Allows Sensitive Info to Be Lifted

Threatpost

Users should be careful whose pics they view and should, of course, update their apps.

Why Fuzz Testing Is Indispensable: Billy Rios

ForAllSecure

I recently spoke to Gartner on the addition of fuzz testing to their Critical Capabilities for the Application Security Testing Magic Quadrant. In that conversation, one analyst shared that companies that implement fuzz testing programs never rip them out. Why? They’re just too valuable. This is a bold statement, especially in the world of application security where strategies are around tool augmentation and diversification, leading to frequent rotation of tools within product security pr

Cisco Patches Critical Authentication Bug With Public Exploit

Threatpost

There's proof-of-concept code out for the near-maximum critical – rated at 9.8 – authentication bypass bug, but Cisco hasn't seen any malicious exploit yet.

Training Discount

Adam Shostack

Hey you! Out there beyond the wall, breaking bottles in the hall, you haven’t removed this feed from your RSS reader! If you add this feed there’s a training discount on my next open training course, kicking off October 11.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

SpyFone & CEO Banned From Stalkerware Biz

Threatpost

The FTC's first spyware ban nixes a company whose "slipshod" security practices led to exposure of thousands of victims' illegally collected personal data.

Turning off the lights?

Adam Shostack

Soon, soon we’ll turn off the lights, migrate these posts, and have everything at our shiny new blog at [link]. And if you’re seeing this in an RSS feed, please update to [link]. And by the way, you’ll know you’re in the right place when you see new content about threat modeling and the JoHari Window, and also secret training discounts.

Open Banking Insight – A Singapore Perspective

HID Global
