Fri.Aug 12, 2022

Feds Warn Healthcare Entities of 'Evernote' Phishing Scheme

Data Breach Today

Scam Uses 'Secure Message' Theme and Trojan to Harvest Credentials

A "secure message-themed" phishing campaign targeting healthcare providers aims to lure recipients to an Evernote notepad website in an attempt by hackers to harvest security credentials, federal authorities warn, saying the scheme puts entities at risk for potential data security compromises.

Phishing 283

U.S. Government Warns of Increased Texting Scams as Mobile Attacks are Up 100%

KnowBe4

Cyberattacks via SMS messaging are on the rise and are having such an impact that the Federal Communications Commission has released an advisory on Robotext phishing attacks (or smishing).

Phishing 107

Lax Security Courts Liability, Says US CFPB

Data Breach Today

Regulator Urges Adoption of Web Authentication MFA

The U.S. Consumer Financial Protection Bureau is warning lenders they can be liable for data breaches for causing consumers "substantial injury." To avoid liability, the bureau recommends that banks implement multifactor authentication and especially Web Authentication.

Patch Madness: Vendor Bug Advisories Are Broken, So Broken

Dark Reading

Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

ISMG Editors: Analyzing the Twilio Breach

Data Breach Today

Also: Supply Chain Attack on NHS; Sanction of Crypto Mixer

In the latest weekly update, four ISMG editors discuss the breach of customer engagement platform Twilio, a cyberattack on the U.K.'s NHS that has reignited concerns about supply chain security in the healthcare sector, and the U.S. Treasury clamping down on shady cryptocurrency mixers.

Security 246

More Trending

Black Hat: Incident Recovery, Threat Hunts & Blockchain Woes

Data Breach Today

The Changes Security Leaders Expect to See in Technology and the Threat Landscape

Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.

Twitter Exposes Personal Information for 5.4 Million Accounts

Schneier on Security

Twitter accidentally exposed the personal information—including phone numbers and email addresses—for 5.4 million accounts. And someone was trying to sell this information. In January 2022, we received a report through our bug bounty program of a vulnerability in Twitter’s systems. As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted em

Sales 95

Ransomware Groups Refine Shakedown and Monetization Models

Data Breach Today

Popular: Using Initial Access Brokers, Mediation as a Service, Healthcare Hits

Ransomware-wielding attackers continue to seek new ways to maximize profits with minimal effort. Top tactics spotted recently by experts include continuing to partner with initial access brokers and botnet operators and testing new monetization models, such as "mediation as a service."

How to Clear Security Obstacles and Achieve Cloud Nirvana

Dark Reading

Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.

Cloud 98

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Massive Network of Over 10,000 Fake Investment Sites Targets Europe

KnowBe4

Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.

Weekly Update 308

Troy Hunt

It was all a bit last minute today after travel, office works and then a quick rebuild of desk and PC before doing this livestream (didn't even have time to comb my hair!) So yes, I took a shortcut with the description of this video, but it all worked out well in the end IMHO with plenty of content that wasn't entirely data breach related, but yeah, that does seem to be a bit of a recurring theme in these vids.

Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

Threatpost

The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.

The US offers a $10M rewards for info on the Conti ransomware gang’s members

Security Affairs

The U.S. State Department announced a $10 million reward for information related to five individuals associated with the Conti ransomware gang. The U.S. State Department announced a $10 million reward for information on five prominent members of the Conti ransomware gang. The government will also reward people that will provide details about Conti and its affiliated groups TrickBot and Wizard Spider.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’

Threatpost

Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites.

IT 92

Cybercriminals Weaponizing Ransomware Data for BEC Attacks

Dark Reading

Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.

Here’s What Trump’s ‘Nuclear Documents’ Could Be

WIRED Threat Level

FBI agents reportedly searched Mar-a-Lago for “nuclear documents.” That can fall into one of these four categories.

Software Supply Chain Chalks Up a Security Win With New Crypto Effort

Dark Reading

GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.

Security 100

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

A Taxonomy of Access Control

Schneier on Security

My personal definition of a brilliant idea is one that is immediately obvious once it’s explained, but no one has thought of it before. I can’t believe that no one has described this taxonomy of access control before Ittay Eyal laid it out in this paper. The paper is about cryptocurrency wallet design, but the ideas are more general. Ittay points out that a key—or an account, or anything similar—can be in one of four states: safe Only the user has access, loss No one has

Access 96

Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan

Dark Reading

Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.

Zoom’s Auto-Update Feature Came With Hidden Risks on Mac

WIRED Threat Level

The popular video meeting app makes it easy to keep the software up to date—but it also introduced vulnerabilities.

Risk 75

Threat Actor of the Month - GhostSec

Outpost24

Florian Barre, Fri, 08/12/2022 - 08:04. Threat Intelligence. This month we’re introducing you to GhostSec, a hacktivist group with ties to the Anonymous collective.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

How to accommodate disabled employees

Jamf

In the last of our three-part series on hiring people with disabilities, we tackle how to retain these valuable employees. We'll cover resources, how to plan for accommodations in your business, and how to learn which will be best for each individual.

Threat Actor of the Month - August 2022

Outpost24

Florian Barre, Fri, 08/12/2022 - 08:04. Gerard, Jacobo, from Threat Context. Threat Intelligence. This month we’re introducing you to GhostSec, a hacktivist group with ties to the Anonymous collective.

How a Document Management System Gives 4 Manufacturers a Competitive Edge

Docuware

Large global manufacturers were among the earliest adopters of digital document management solutions. Today, companies of every size are facing strong competitive pressure, supply chain woes and a rapidly changing regulatory landscape. Manufacturers need to be innovative to get their products to market faster, compete in global markets and become low-cost producers while delivering superior quality and customer service.

Ripped from the Headlines: Alex Jones and Inadvertent Waiver via Ball in your court

IG Guru

Check out the post here.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Sounding the Alarm on Emergency Alert System Flaws

Krebs on Security

The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationw

Passwords 193

Lawmakers Request 'Urgent' Cyber Briefing With HHS Leaders

Data Breach Today

Cyberspace Solarium Commission Co-Chairs Send Letter to HHS Calling for More Action

The co-chairs of Congress' Cyberspace Solarium Commission request an "urgent briefing" with Biden administration officials to discuss the state of cybersecurity in the healthcare and public health sector and call for actions to address rising cyberthreats.

Friday Squid Blogging: SQUID Acronym for Making Conscious Choices

Schneier on Security

I think the U is forced: SQUID consists of five steps: Stop, Question, Understand, Imagine, and Decide. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.