Data Breach Today
SEPTEMBER 22, 2022
$35 Million Fine From Securities and Exchange Commission Covers 5 Years of Mishaps Financial services giant Morgan Stanley will pay a $35 million fine to settle U.S. Securities and Exchange Commission charges that it failed to comply with rules requiring it to safeguard customer data as well as ensure it is disposed of properly.
WIRED Threat Level
SEPTEMBER 22, 2022
Security firm Chainguard has created a simple, open-source way for organizations to defend the cloud against some of the most insidious attacks.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
SEPTEMBER 22, 2022
Current and Former Customers' Contact Details Exposed, But No Financial Information Australian telecommunications giant Optus is warning that current and former customers' personal details were exposed, including some driver's license and passport details, but no passwords or financial details, after it suffered a major data breach.
Security Affairs
SEPTEMBER 22, 2022
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The now-patched critical security flaw was disclosed by Atlassian in early June, at the time the company warned of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versio
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
SEPTEMBER 22, 2022
K-12 Educational Sector Is a Target for Ransomware Gangs School is out for more than 3,000 students of a suburban Detroit district undergoing its second day of forensics analysis following a cyberattack. Students have been told not to use district-issued Chromebooks. Federal authorities have warned that school districts are targets of ransomware gangs.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
SEPTEMBER 22, 2022
FBI, CISA Detail How Iran Launched Destructive Cyberattack Iranian hackers rambled across the Albanian government's network for 14 months before launching a ransomware and disk wiper attack in July, says the U.S. government. Iran exploited a Microsoft SharePoint vulnerability to gain access and then harvested credentials and exfiltrated data.
eSecurity Planet
SEPTEMBER 22, 2022
During a cyberattack, time is of the essence for both attackers and defenders. To accelerate the ransomware encryption process and make it harder to detect, cybercriminal groups have begun using a new technique: intermittent encryption. Intermittent encryption allows the ransomware encryption malware to encrypt files partially or only encrypt parts of the files.
Data Breach Today
SEPTEMBER 22, 2022
Adversaries Want to Interfere With Research at US Schools. How Can They be Stopped? Cyberattacks against universities have forced academia to implement new rules and processes to safeguard sensitive research from adversaries like China, Russia and Iran. Texas A&M set up an office in 2016 to oversee security around scholarship, and the office has worked to prevent foreign influence.
Dark Reading
SEPTEMBER 22, 2022
As ransomware attacks continue to evolve, beyond using security best practices organizations can build resiliency with extended detection and response solutions and fast response times to shut down attacks.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
SEPTEMBER 22, 2022
New S Ventures Fund Takes on CrowdStrike Fund, Backs Armorblox and Noetic Cyber SentinelOne is taking on top rival CrowdStrike in the venture arena, unveiling a $100 million fund to support security and data startups of all sizes. S Ventures will give the company broader reach in adjacent markets and enable high-value integrations that can grow over time.
KnowBe4
SEPTEMBER 22, 2022
A survey by GetApp has found that the number of organizations using phishing simulations has risen from 30% in 2019 to 70% in 2022. Despite this positive trend, however, attackers continue to increase both the sophistication and volume of their phishing emails, which has led to a significant rise in employees clicking on phishing links.
Data Breach Today
SEPTEMBER 22, 2022
Feds Also Warn the Issue Could Affect the Dose of Insulin Delivered to a Patient Federal authorities have issued urgent advisories - and Medtronic a voluntary product recall - about a cybersecurity flaw in some of the company's insulin pumps. If exploited, the flaw could result in patients receiving too little or too much insulin, which in extreme cases could result in death.
Security Affairs
SEPTEMBER 22, 2022
Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. Redis, is a popular open source data structure tool that can be used as an in-memory distributed database, message broker or cache. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
SEPTEMBER 22, 2022
Hack Traced to Bug in Wallet Addressing Tool Whoever stole $160 million from Wintermute, the cryptocurrency trading firm's CEO, Evgeny Gaevoy, would like the money back, minus 10% that's on the house. A hack of the London-based crypto market maker rocked the company, which supplies liquidity to cryptocurrency trading.
Security Affairs
SEPTEMBER 22, 2022
More than 350,000 open source projects can be potentially affected by a 15-Year-Old unpatched Python vulnerability. More than 350,000 open source projects can be potentially affected by an unpatched Python vulnerability, tracked as CVE-2007-4559 (CVSS score: 6.8), that was discovered 15 years ago. The issue is a Directory traversal vulnerability that resides in the ‘extract’ and ‘extractall’ functions in the tarfile module in Python.
Data Breach Today
SEPTEMBER 22, 2022
Municipal Water Systems Installing Networked Control Systems Public water systems in the United States will continue connecting control systems to the internet despite the risks, members of the House Homeland Security Committee heard today. Water systems need network connectivity for remote repairs, said an official with the National Rural Water Association.
IT Governance
SEPTEMBER 22, 2022
Over the past year, the popularity of SOC 2 has surged. This has been led in part by UK several government departments deciding to use the framework as a requirement for vendors. SOC 2 is already widely adopted in the US by service organisations looking to partner with or provide services to other companies. That the framework is now also being implemented in the UK and across Europe will have downstream effects for all organisations.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
SEPTEMBER 22, 2022
An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit. The path traversal-related vulnerability is tracked as CVE-2007-4559.
Security Affairs
SEPTEMBER 22, 2022
Threat actors have stolen around $160 million worth of digital assets worth from crypto trading firm Wintermute. Malicious actors continue to target organizations in the cryptocurrency industry, the last victim in order of time is crypto trading firm Wintermute. The company made the headlines after that threat actors have stolen around $160 million worth of digital assets.
eSecurity Planet
SEPTEMBER 22, 2022
Every security team craves clear visibility into the endpoints, networks, containers, applications, and other resources of the organization. Tools such as endpoint detection and response (EDR) and extended detection and response (XDR) send an increasing number of alerts to provide that visibility. Unfortunately, the high storage and processing fees for traditional security information and event management (SIEM) tools often cause security teams to limit the alerts and logs that they feed into th
Dark Reading
SEPTEMBER 22, 2022
The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to click on links and open malicious documents.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Jamf
SEPTEMBER 22, 2022
Our annual Jammies Awards presentation celebrates customers and partners across our geographies and product lines for their outstanding accomplishments over the past year.
HID Global
SEPTEMBER 22, 2022
How IoT and RFID use of data science to extract insights and open new opportunities that are transforming nearly every sector and industry.
eSecurity Planet
SEPTEMBER 22, 2022
Trellix security researchers have revealed a major vulnerability in the Python tarfile library that could be exploited in software supply chain attacks. The researchers believe it could be used against organizations at scale, which could lead to attacks as serious as the one that hit SolarWinds two years ago. Perhaps more troubling is that the vulnerability was first disclosed 15 years ago but remains unpatched.
Schneier on Security
SEPTEMBER 22, 2022
This is an interesting attack I had not previously considered. The variants are interesting , and I think we’re just starting to understand their implications.
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Dark Reading
SEPTEMBER 22, 2022
Attacks against mobile phones and tablets are increasing, and a WannaCry-level attack could be on the horizon.
KnowBe4
SEPTEMBER 22, 2022
Everyone should use multifactor authentication (MFA) , where they can, to protect valuable information. Everyone!
Dark Reading
SEPTEMBER 22, 2022
The decentralized finance (DeFi) platform was the victim of an exploit for a partner's vulnerable code — highlighting a challenging cybersecurity environment in the sector.
Expert insights. Personalized for you.
231 
Let's personalize your content