The Last Watchdog

DECEMBER 2, 2021

Ransomware attacks have reached a record high this year, with nearly 250 attacks recorded to date and months to go. As we’ve seen with major attacks like Kaseya and Colonial Pipeline, cybercriminals have continued to innovate, developing new tools and tactics to encrypt and exfiltrate data. Related: Kaseya breach worsens supply chain worries. Where previously ransomware gangs relied solely on the attack’s disruption to daily business to be enough for the victim to pay the ransom, today’s stakes

Ransomware 224

Ransomware Cybersecurity Risk Encryption 224

Krebs on Security

DECEMBER 2, 2021

In January 2021, technology vendor Ubiquiti Inc. [NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company had drastically understated the scope of the incident, and that the third-party cloud provider claim was a fabrication. On Wednesday, a former Ubiquiti developer was arrested and charged with stealing data and trying to extort his employer while pretending to be a whistleblower.

Cloud 284

Cloud Communications Access Marketing 284

Preservica

DECEMBER 2, 2021

It's been a busy few weeks in the world of Preservica with the Launch of Starter in the UK, announcements on training with IRMS and ARA as well as the huge news of a further £5mil investment from Gresham House Ventures to accelerate our digital preservation solutions… but this all paled in comparison to attending my first face to face conference in over two years!

Digital preservation 144

Digital preservation Records Management Digital transformation ECM 144

Security Affairs

DECEMBER 2, 2021

U.S. CISA urges to address vulnerabilities Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending federal agencies to address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines.

Cybersecurity 138

Cybersecurity Authentication Risk Security 138

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Schneier on Security

DECEMBER 2, 2021

A hacker stole $31 million from the blockchain company MonoX Finance , by exploiting a bug in software the service uses to draft smart contracts. Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another. MonoX updates prices after each swap by calculating new prices for both tokens.

Blockchain 133

Blockchain 133

eSecurity Planet

DECEMBER 2, 2021

Hacking groups linked to Russia, China and India are leveraging a novel attack technique that makes it easier for them to spread malware , steal data and evade detection, according to a report this week by security firm Proofpoint. The advanced persistent threat (APT) groups are using a technique called rich text format (RTF) template injections, which is similar to a template injection tactic that exploits Microsoft Office files.

Phishing 114

Phishing Cybersecurity Security Ransomware 114

Security Affairs

DECEMBER 2, 2021

Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. The latest banned services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, PrivateTunnel.

Communications 111

Communications Access Government Security 111

Data Matters

DECEMBER 2, 2021

The eighth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection, and cybersecurity landscape in a time of unique workplace challenges, new dimensions to cybercrime, significant new data protection regimes coming into effect around the world, and increased scrutiny from regulators, Boards of Directors and customers.

Privacy 88

Privacy Cybersecurity 88

Security Affairs

DECEMBER 2, 2021

Europol identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7. Europol has identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7. The operation is the result of a joint effort of 27 countries, Eurojust, INTERPOL, the European Banking Federation (EBF), and the FinTech FinCrime Exchange.

Phishing 106

Phishing Risk IT Security 106

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Threatpost

DECEMBER 2, 2021

Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found.

Ransomware 120

Ransomware Access 120

Jamf

DECEMBER 2, 2021

Learn why cybersecurity in schools is crucial for student success, and how to strengthen your defenses against the threat of lost learning time and data breaches.

Education 98

Education Cybersecurity Data breaches 98

Dark Reading

DECEMBER 2, 2021

Diversity brings more varied solutions to major challenges in cybersecurity, just as it does in every other industry.

Cybersecurity 114

Cybersecurity IT 114

WIRED Threat Level

DECEMBER 2, 2021

An attacker exploited a vulnerability in MonoX Finance's smart contract to inflate the price of its digital token and then cash out.

IT 101

IT Security 101

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Dark Reading

DECEMBER 2, 2021

Proactively updating and integrating technology, and ensuring tight collaboration between IT and security … it's simple, right? Well, not always – especially for organizations with limited resources.

Security 86

Security IT 86

Rocket Software

DECEMBER 2, 2021

Over the past couple of years, increased Zowe adoption and the push to integrate the mainframe into platform-neutral DevOps pipelines have resulted in greater use of Unix System Services (USS). With increased use of USS has come widespread acceptance of Rocket’s z/OS ports of common open-source languages and tools that are not bundled with USS such as Git, OpenSSL, cURL, Python, Bash, Make and others.

Security 85

Security Access Risk IT 85

Threatpost

DECEMBER 2, 2021

Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information.

Insurance 85

Insurance Privacy 85

IG Guru

DECEMBER 2, 2021

Be a part of the action by presenting your skills and best practices to the finest in the RIM/IG profession at ARMA International’s InfoCon 2022. Start your application today! The post Calling all InfoCon Presenters! appeared first on IG GURU.

Information governance 82

Information governance Government 82

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Dark Reading

DECEMBER 2, 2021

Newer top-level domains and certain hosting providers are frequent sources of malicious content, while newly registered domains and free SSL certificates are not any more likely than average to be risky, new research shows.

109

109

Threatpost

DECEMBER 2, 2021

AT&T is battling a modular malware called EwDoor on 5,700 VoIP servers, but it could have a larger wildcard certificate problem.

IT 90

IT Cloud Security 90

Dark Reading

DECEMBER 2, 2021

The breach, which compromised data such as insurance details and prescription information, took place between Oct. 9 and Oct. 17.

Insurance 95

Insurance 95

WIRED Threat Level

DECEMBER 2, 2021

The platform joins Google and others in requiring stronger protections for its most vulnerable users.

Risk 97

Risk IT Security 97

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

The Guardian Data Protection

DECEMBER 2, 2021

Regulator says safety of hundreds of individuals was jeopardised after their addresses were posted online The Cabinet Office has been fined £500,000 by the UK’s data watchdog after the postal addresses of the 2020 New Year honours recipients were disclosed online. The Information Commissioner’s Office (ICO) found officials failed to put in place “appropriate technical and organisational measures” to prevent the unauthorised disclosure of personal information in breach of data protection law.

Data breaches 73

Data breaches Privacy Security 73

eDiscovery Daily

DECEMBER 2, 2021

COVID-19 has transformed the document review process. Traditionally, document review was conducted in person by experts at review centers. As COVID-19 rates increased, fears for individual health and safety mandated the transition to remote review. Though remote review became a sudden necessity, it’s not a new concept. The transition began long before the pandemic at a slow but steady pace.

e-Discovery 72

e-Discovery Authentication Cloud Communications 72

Dark Reading

DECEMBER 2, 2021

The entertainment industry has long had to deal with the challenge of protecting their high-value content and intellectual property. Enter remote browser isolation (RBI).

64

64

Synergis Software

DECEMBER 2, 2021

This month’s employee spotlight is on Albert Lamaute (pronounced La-mote), our Manager of Project Management. Albert joined Synergis two years ago as our lead PM and oversees our Project Management team responsible for the successful execution of all projects for Synergis Software and our Engineering Design Solutions group. In his role, Albert meets with clients to kick off projects, work through the scheduling of all assignments and resources, handles issue resolution, and communicates with all

Communications 52

Communications 52

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Dark Reading

DECEMBER 2, 2021

Report explores cybercrime developments from the second half of 2020 through the first half of 2021.

Access 84

Access Ransomware 84

OneHub

DECEMBER 2, 2021

Finding new ways to work faster and more efficiently is a top goal for most employees. There’s no shortage of work productivity tips available online, but most of them focus on ways to manage your time better or improve your focus. That’s helpful information, but it does require some personal effort and discipline to reap the benefits. Sometimes you want something fast and easy to help you.

IT 52

IT 52

Dark Reading

DECEMBER 2, 2021

There's been a veritable gold rush of security vendors getting into secure access service edge. Now will any of the major IaaS vendors enter the market? Rik Turner makes the case.

Cloud 63

Cloud Marketing Access Security 63