Krebs on Security
AUGUST 14, 2020
R1 RCM Inc. [ NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc. , Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide.
Data Breach Today
AUGUST 14, 2020
Alert From NSA and FBI Warns of Drovorub Malware Used by 'Fancy Bear' Group An alert from U.S. National Security Agency and the FBI warns of a recently discovered Russian-deployed malware variant called Drovorub that's designed to target Linux systems, creating a backdoor into targeted networks to exfiltrate data.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
AUGUST 14, 2020
Maze ransomware operators have leaked online the unencrypted files allegedly stolen from Canon during a recent ransomware attack. According to an internal memo obtained by ZDNet last week, the recent outage suffered by Canon was caused by a ransomware attack, at the same time Maze ransomware operators were taking the credit for the incident. The memo also reveals that the company has hired an external security firm to investigate the incident.
Data Breach Today
AUGUST 14, 2020
ClearSky: Operation 'DreamJob' Lures Defense Workers With Fake Job Opportunities Hackers with suspected ties to North Korea's government are conducting a cyber espionage campaign that's circulating "job opportunity" spear-phishing emails targeting employees of defense contractors, according to the security firm ClearSky.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Threatpost
AUGUST 14, 2020
The XCSSET suite of malware also hijacks browsers, has a ransomware module and more -- and uses a pair of zero-day exploits.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Troy Hunt
AUGUST 14, 2020
It's an extra early one this week and on review, I do look a bit. dishevelled! I run through a whole bunch of things from this week's Twitter timeline and there's some great audience questions this week too so thanks very much everyone for the engagement. Next we'll do it at the other end of the day again and I'm sure there'll be a heap of new stuff to cover before then.
Data Breach Today
AUGUST 14, 2020
With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance.
Threatpost
AUGUST 14, 2020
The photo-sharing app retained people’s photos and private direct messages on its servers even after users removed them.
Data Breach Today
AUGUST 14, 2020
Assistant Attorney General Says China Could Use Data Gathered for Intelligence Purposes China could collect the personal data on Americans through the social media apps TikTok and WeChat for intelligence-gathering purposes, a senior Justice Department official says in explaining why the White House wants to ban these apps.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Threatpost
AUGUST 14, 2020
Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2.
Data Breach Today
AUGUST 14, 2020
Leaked Materials Prompt Questions About Test Integrity and Access to Exam Questions Who watches the penetration-testing testers? Questions are circulating over how some organizations train their employees for the CREST pen-testing certification after some leaked internal documents appeared to contain material from past tests.
Dark Reading
AUGUST 14, 2020
Two commercial threat intelligence services and four open source feeds rarely provide the same information, raising questions about how security teams should gauge their utility.
Data Breach Today
AUGUST 14, 2020
Legislation Based on Cyberspace Solarium Commission's Recommendations A bipartisan group of federal lawmakers has proposed providing $28 billion to state and local governments to bolster their cybersecurity and IT infrastructures.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Schneier on Security
AUGUST 14, 2020
The NSA and FBI have jointly disclosed Drovorub, a Russian malware suite that targets Linux. Detailed advisory. Fact sheet. News articles. Reddit thread.
Data Breach Today
AUGUST 14, 2020
Sophos Describes How Model Enables Low-Skilled Hackers to Target Vulnerable Small Businesses A new study from Sophos describes how the Dharma ransomware-as-a-service model offers low-skilled hackers the ability to profit from attacks on unprotected small businesses.
Security Affairs
AUGUST 14, 2020
China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. A China-linked APT group, tracked by Kaspersky as CactusPete (aka Karma Panda or Tonto Team ), was observed using an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe.
Data Breach Today
AUGUST 14, 2020
The latest edition of the ISMG Security Report analyzes why Barclays is being investigated for allegedly spying on its employees. Also featured: How the pandemic is affecting CISOs; an FBI assessment of nation-state threats to U.S. election.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
AUGUST 14, 2020
These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
Threatpost
AUGUST 14, 2020
The recently patched flaws could be abused by an unauthenticated, remote attackers to take over vulnerable websites.
Dark Reading
AUGUST 14, 2020
Konni is a remote administration tool cyberattackers use to steal files, capture keystrokes, take screenshots, and execute malicious code.
Schneier on Security
AUGUST 14, 2020
This is a current list of where and when I am scheduled to speak: I'm giving a keynote address at the Cybersecurity and Data Privacy Law virtual conference on September 9, 2020. The list is maintained on this page.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Dark Reading
AUGUST 14, 2020
The malware's developers have turned to dynamic link libraries (DLLs) to hide their work.
Adam Levin
AUGUST 14, 2020
Unsubscribe links in the footers of unwanted emails present an ideal trap for hackers. In the latest episode of Third Certainty, Adam Levin explains how to deal with unwanted and unsolicited emails without compromising cybersecurity. The post The Dangers of Unsubscribe Links – Third Certainty #25 appeared first on Adam Levin.
Adapture
AUGUST 14, 2020
Your data center is full of individual solutions, many of which are incompatible. The complexity of the technology industry means that organizations are often running operations across dozens of tools from different OEMs that come with a plethora of varying dashboards, inconsistent integration, and inconsistent patching and maintenance demands. For cybersecurity professionals, gathering data across all your endpoints is a logistical nightmare.
Preservica
AUGUST 14, 2020
First published on Nextgov. The COVID-19 global pandemic has simultaneously and exponentially increased the production of electronic government records and the demand for online access to public records and information. Unprecedented volumes of official records dealing directly with the government’s pandemic response and recovery efforts—unemployment claims, small business loan applications, public health advisories and executive orders, press releases and statistics—must be captured, protected
Advertisement
If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.
Rippleshot
AUGUST 14, 2020
We hear many common pain points from fraud analysts and managers. “I don’t know what fraud risks are coming my way…I worry about the high-dollar events I can’t see coming…fraud analysis takes too long…I miss too much fraud until after it happens…I can’t do my job without an entire team of fraud analysts.”. The list goes on and on — and these pain points escalate when big fraud events hit.
Adapture
AUGUST 14, 2020
Your data center is full of individual solutions, many of which are incompatible. The complexity of the technology industry means that organizations are often running operations across dozens of tools from different OEMs that come with a plethora of varying dashboards, inconsistent integration, and inconsistent patching and maintenance demands. For cybersecurity professionals, gathering data across [ ] The post Cisco SecureX: Cisco’s New Integrated Cybersecurity Solution appeared first o
Dark Reading
AUGUST 14, 2020
Clever wordplay on sandcastles, sandboxes, zero trust. and granular controls. And the winners are.
Expert insights. Personalized for you.
358 
Let's personalize your content