Security Affairs

DECEMBER 19, 2021

Clop ransomware gang stolen confidential data from the UK police and leaked it in the dark web because the victim refused to pay the ransom. Clop ransomware operators have stolen confidential information held by some British police, according to the media the cybercriminal gang targeted the IT firm Dacoll. According to the media, the cybercriminals compromised the systems at the company, which has access to the police national computer, using a phishing attack.

Ransomware 127

Ransomware Phishing Data breaches Access 127

Troy Hunt

DECEMBER 19, 2021

In the last month, there were 1,260,000,000 occasions where a service somewhere checked a password against Have I Been Pwned's (HIBP's) Pwned Password API. 99.7% of the time, that check went no further than one of hundreds of Cloudflare edge nodes spread around the world (95% of the world's population is within 50ms of one). It looks like this: There are all sorts of amazing Pwned Passwords use cases out there.

Passwords 145

Passwords Risk Cloud Privacy 145

Security Affairs

DECEMBER 19, 2021

The TellYouThePass ransomware resurged and exploits the Apache Log4j flaw (Log4Shell) to target both Linux and Windows systems. Researchers from KnownSec 404 Team and Sangfor Threat Intelligence Team reported that the TellYouThePass ransomware resurged and is exploiting the Apache Log4j CVE-2021-44228 flaw to target both Linux and Windows systems. “On December 13, Sangfor’s terminal security team and Anfu’s emergency response center jointly monitored a ransomware called Tellyou

Ransomware 124

Ransomware Risk Security IT 124

Security Affairs

DECEMBER 19, 2021

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. TellYouThePass ransomware resurges and exploits Log4Shell in recent attacks Western Digital customers have to update their My Cloud devices to latest firmware version Apache releases the third patch to address a new Log4j flaw 1.8 Million customers

Security 57

Security Ransomware Phishing Cloud 57

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

DECEMBER 19, 2021

Security researchers devised a new attack vector exploiting the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. Researchers from cybersecurity firm Blumira devised a new attack vector that relies on a Javascript WebSocket connection to exploit the Log4Shell vulnerability on internal and locally exposed unpatched Log4j applications.

Communications 99

Communications Risk Libraries Cybersecurity 99