Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web. On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identi

IT 326

IT Archiving Personal data Access 326

Data Breach Today

JUNE 18, 2020

Latest Named Victims Include Engineering Firm, Furniture Manufacturer, Pet Spa The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to its ransom demands. Don't want to play ransomware gangs' latest games? The only way to opt out is by planning ahead.

Ransomware 277

Ransomware Manufacturing IT 277

Security Affairs

JUNE 18, 2020

79 Netgear router models are vulnerable to a severe unpatched security vulnerability that can be exploited by remote attackers to take over devices. Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models.

Security 142

Security Communications IT Information Security 142

Data Breach Today

JUNE 18, 2020

Program, Which Could Become Global, Designed to Evaluate Security of Connected Devices An Australian IoT alliance is developing a certification program designed to raise security standards for connected device manufacturers and give consumers more confidence that they're buying secure devices. The effort, slated to start in September, could expand globally.

IoT 259

IoT Manufacturing Security 259

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Dark Reading

JUNE 18, 2020

The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?

Cybersecurity 131

Cybersecurity 131

Security Affairs

JUNE 18, 2020

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot , aka Qakbot , is a data stealer worm with backdoor capabilities that was first detected by Symantec back in 2009.

Phishing 107

Phishing Financial Services Personal data Security 107

Data Breach Today

JUNE 18, 2020

Researchers Suspect North Korean Hackers Behind Cyberespionage Campaign A cyberespionage campaign that targeted aerospace and defense firms in Europe and the Middle East likely was the work of a hacking group with ties to North Korea, according to security firm ESET. Attackers also attempted a BEC-style scheme.

Security 219

Security 219

Security Affairs

JUNE 18, 2020

In April the information technologies services giant Cognizant Technology suffered a ransomware attack, now it has confirmed also a data breach. In April the information technologies services giant Cognizant Technology was hit by Maze Ransomware operators. Cognizant is an American multinational corporation that provides IT services, it is one of the largest IT managed services company in the world with over $16 billion in revenue.

Data breaches 97

Data breaches Ransomware Encryption Security 97

Data Breach Today

JUNE 18, 2020

Popular Apps Too Susceptible to Hacking, Positive Technologies Warns Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.

Security 188

Security 188

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Threatpost

JUNE 18, 2020

Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations.

Healthcare 97

Healthcare Financial Services Government Communications 97

Data Breach Today

JUNE 18, 2020

How do the recently identified "Ripple20" TCP/IP code flaws potentially impact medical devices? And what steps can healthcare organizations take to help mitigate the risks? Elad Luz of the security research firm CyberMDX, which helped study the vulnerabilities, offers an analysis.

Risk 175

Risk Security 175

Dark Reading

JUNE 18, 2020

We've got questions for you on black infosec, burnout, vulnerabilities, COVID-19, and much more. Send us your video responses and we'll play them in our News Desk broadcast during Black Hat Virtual.

96

96

Data Breach Today

JUNE 18, 2020

Defendants Allegedly Oversaw Schemes for Years, Causing Millions in Losses Several Nigerian nationals have been indicted for their alleged involvement in business email compromise campaigns from 2015 to 2017 that targeted U.S. businesses.

175

175

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Security Affairs

JUNE 18, 2020

Drupal released security updates to patch several security issues, including a flaw that could allow an attacker to execute arbitrary PHP code. Drupal released security updates to address multiple security vulnerabilities, including a “critical” flaw tracked as CVE-2020-13664 that could be exploited by an attacker to execute arbitrary PHP code.

CMS 92

CMS Security Access IT 92

Data Breach Today

JUNE 18, 2020

CEOs, CISOs on Identity, Visibility and Defending in the New Threat Landscape Digital transformation may have occurred over a weekend in March, but the effects will be felt - and secured - for years to come. How will global enterprises in 2021 validate identities, defend networks without perimeters and secure a permanent remote workforce? A panel of CEOs and CISOs shares strategies.

Digital transformation 147

Digital transformation Security Cybersecurity IT 147

Threatpost

JUNE 18, 2020

Darren James, product specialist with Specops Software, warned that password resets, for example, are a particularly vexing issue for sysadmins, as they can often lockout end-users from their accounts.

Passwords 91

Passwords Security 91

Security Affairs

JUNE 18, 2020

Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe.

Military 90

Military Communications Libraries Encryption 90

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Threatpost

JUNE 18, 2020

Attackers use trusted entities to trick victims into giving up their corporate log-in details as well as to bypass security protections.

Phishing 103

Phishing Security 103

Dark Reading

JUNE 18, 2020

A survey of 17 Android applications for informing citizens if they had potential contact with a COVD-19-infected individual finds few have adopted code-hardening techniques.

Security 116

Security 116

IBM Big Data Hub

JUNE 18, 2020

A colleague recently shared a great quote with me from a mainframe CTO expounding on which platform is the “blue ribbon” winner for managing data across mainframe, IBM i, UNIX and Windows.

Cloud 82

Cloud 82

Schneier on Security

JUNE 18, 2020

The Washington Post is reporting on an internal CIA report about its "Vault 7" security breach: The breach -- allegedly committed by a CIA employee -- was discovered a year after it happened, when the information was published by WikiLeaks, in March 2017. The anti-secrecy group dubbed the release " Vault 7 ," and U.S. officials have said it was the biggest unauthorized disclosure of classified information in the CIA's history, causing the agency to shut down some intelligence operations and aler

IT 110

IT Security Cybersecurity 110

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

IT Governance

JUNE 18, 2020

Hi, my name is Dom and I work as a front-end developer for Vigilant Software (a sister company of IT Governance) where I spend my day crafting the user interface for our products CyberComply and Cyber Security Portal. My job was advertised as being for a CSS and JavaScript Wizard – but I’m still waiting for my pointy hat! Developers are notorious for buying books and never reading them, trusting that the information will seep into their brain by some form of osmosis.

Government 75

Government IT Security 75

Dark Reading

JUNE 18, 2020

Criminals use disasters, wars, and now pandemics as air cover to focus collective anxiety and fear into highly targeted, malicious messaging.

113

113

Threatpost

JUNE 18, 2020

The June campaign was targeted and aimed at stealing online banking credentials.

Phishing 101

Phishing Security 101

Dark Reading

JUNE 18, 2020

Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable.

Cybersecurity 81

Cybersecurity 81

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

Threatpost

JUNE 18, 2020

High-severity flaws plague Cisco's Webex collaboration platform, as well as its RV routers for small businesses.

IT 84

IT Security 84

Dark Reading

JUNE 18, 2020

CISOs are never going to have all the finances they want. Hard choices must be made. The CISO of Amazon Prime Video discusses his approaches to a slimmed-down budget.

Security 73

Security 73

Threatpost

JUNE 18, 2020

The malware has boosted its anti-detection capabilities in a new email campaign.

IT 96

IT Security 96