Data Breach Today

OCTOBER 9, 2021

Profit Projections Down £25 Million, Revenue Deferrals Put At £50 Million A ransomware attack on Scottish multinational engineering firm Weir Group led to several ongoing but temporary disruptions including engineering, manufacturing and shipment rephrasing, hitting profits despite no ransom being paid.

Ransomware 203

Ransomware Manufacturing 203

Security Affairs

OCTOBER 9, 2021

Google has addressed a total of four high-severity vulnerabilities in the Chrome version for Windows, Mac, and Linux. Google released security updates to address a total of four high-severity vulnerabilities in the Chrome version for Windows, Mac, and Linux. The most severe vulnerability, tracked as CVE-2021-37977, is an after-free issue in Garbage Collection that could lead to arbitrary code execution.

Security 112

Security Information Security IT 112

Troy Hunt

OCTOBER 9, 2021

A lot of cyber things this week: loads of data breach (or "scrape", In LinkedIn's case) incidents, Windows 11 upgrade experiences and then bricking my house courtesy of a Home Assistant update that fundamentally changed the Tuya integration. So pretty much "same, same but different" to every other week 🙂 References I've done another podcast with 1Password ("Crocodile Shower Privacy Settings with Troy Hunt" - yep!

Data breaches 109

Data breaches Passwords Privacy Security 109

Security Affairs

OCTOBER 9, 2021

CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain containing production data. Original post @ [link]. CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain, containing what appear to be production-level database access credentials, as well as addresses to development endpoints. Sky, a subsidiary of Comcast, is Europe’s largest media company, boasting a 12% market share and a revenue of approximately £13.4 billion in 20

IoT 104

IoT Access Ransomware Education 104

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

WIRED Threat Level

OCTOBER 9, 2021

Plus: Twitch hack fallout, Russian phishing, and more of the week’s top security news.

Phishing 103

Phishing Security 103

WIRED Threat Level

OCTOBER 9, 2021

A federal judge ruled that the content-delivery service doesn't "contribute" to copyright infringement.

Security 74

Security 74

Security Affairs

OCTOBER 9, 2021

Security expert Dhiraj Mishra published an NMAP script for the CVE-2021-41773 Path Traversal vulnerability affecting Apache Web Server version 2.4.49. Security researcher Dhiraj Mishra released an NMAP script for the CVE-2021-41773 path traversal vulnerability affecting Apache Web Server version 2.4.49. We have reproduced the fresh CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49.

Security 119

Security IT Cybersecurity Information Security 119