Tue.Oct 20, 2020

article thumbnail

Bitcoin 'Mixer' Fined $60 Million

Data Breach Today

FinCEN: Helix and Coin Ninja Sites Violated Anti-Money Laundering Laws The Treasury Department has fined the owner of two bitcoin "mixing" sites $60 million for violating anti-money laundering laws. It's the first time the department's Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site.

IT 261
article thumbnail

Death of the Information Governance Salesman

AIIM

Before we start, let’s take a minute to address the big elephant in the room. You’re probably thinking, “ Where are you going with this sales angle, Sean? I work with records and information, and my job is all about managing, protecting, and storing it. I don’t sell a thing! ”. Well, what we’re going to cover today will show you that you ARE, in fact, in the business of selling when it comes to Information Governance – it’s just a slightly different model than we’re all used to.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

6 Russians Indicted for Destructive NotPeyta Attacks

Data Breach Today

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying destructive NotPetya malware - tied to more than $10 billion in damages - and attacking the 2018 Olympics.

Military 337
article thumbnail

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

6 Takeaways: Russian Spies Accused of Destructive Hacking

Data Breach Today

Experts Say Day of Reckoning Overdue; How Might Moscow Respond? U.S. officials have accused the Russian government of behaving "maliciously or irresponsibly" by taking steps such as crashing Ukraine power grids in the dead of winter and causing more than $10 billion in damages via NotPetya malware. But why make the accusations now? And how might Moscow respond?

More Trending

article thumbnail

Trickbot Rebounds After 'Takedown'

Data Breach Today

CrowdStrike: Botnet's Activity Has Already Picked Up The recent "takedown" of Trickbot by Microsoft and others had only a temporary effect; the botnet's activity levels have already rebounded, according to Crowdstrike and other security firms.

Security 261
article thumbnail

Ransomware Attacks Show Little Sign of Slowing in 2021

Dark Reading

Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks.

article thumbnail

Tom Kellermann on the Price of Digital Transformation

Data Breach Today

Analysis of Latest Global Incident Response Threat Report VMware Carbon Black is out with its latest Global Incident Response Threat Report, which describes "the perfect storm" for increasingly sophisticated attacks heading into 2021. Cybersecurity strategist Tom Kellermann discusses what that means - and how these trends should inform our defensive strategies.

article thumbnail

Cybersecurity Visuals

Schneier on Security

The Hewlett Foundation just announced its top five ideas in its Cybersecurity Visuals Challenge. The problem Hewlett is trying to solve is the dearth of good visuals for cybersecurity. A Google Images Search demonstrates the problem: locks, fingerprints, hands on laptops, scary looking hackers in black hoodies. Hewlett wanted to go beyond those tropes.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Cybersecurity's Inconvenient Truth: The Nation-State Threat

Data Breach Today

Curry, Kellermann and King on Why You Should Be Outraged by Adversaries' Cyber Assaults Has the nation-state threat become like the weather - something everyone talks about, but no one can do anything about? It's time for a strategic change. A panel of experts offers a frank discussion of nation-state actors, their ongoing intrusions and what "taking off the gloves" might look like.

article thumbnail

Facebook: A Top Launching Pad For Phishing Attacks

Threatpost

Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users.

Phishing 104
article thumbnail

The Cybersecurity Maturity Model Certification: Are You in Compliance?

Dark Reading

Not only can this framework help companies remain solvent, but it will also protect critical information from getting into the wrong hands.

article thumbnail

Google’s Waze Can Allow Hackers to Identify and Track Users

Threatpost

The company already patched an API flaw that allowed a security researcher to use the app to find the real identity of drivers using it.

Security 120
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers

Dark Reading

Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.

128
128
article thumbnail

U.S. Charges Russia GRU Intelligence Officers for notorious attacks, including NotPetya

Security Affairs

The U.S. DoJ announced charges against six Russian intelligence officers for their role in several major cyberattacks carried out over the last years. The U.S. Department of Justice announced charges against six members of Russia’s GRU military intelligence agency for their alleged role in several major cyberattacks conducted over the past years. The defendants are Yuriy Sergeyevich Andrienko, aged 32, Sergey Vladimirovich Detistov, 35, Pavel Valeryevich Frolov, 28, Anatoliy Sergeyevich Kovalev,

Military 104
article thumbnail

What are adaptive supply chains?

OpenText Information Management

The COVID-19 pandemic painfully demonstrated the vulnerabilities of global supply chains. The learning must be that companies must restructure their operations to create far greater levels of supply chain resilience. The simple truth is supply chain disruptions will persist and take many different forms. Adaptive supply chains use cloud-based supply chain technologies to ensure business … The post What are adaptive supply chains?

Cloud 101
article thumbnail

NSA details top 25 flaws exploited by China-linked hackers

Security Affairs

The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The US National Security Agency (NSA) has published a report that includes details of the top 25 vulnerabilities that are currently being exploited by China-linked APT groups in attacks in the wild.

MDM 102
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Mobile Browser Bugs Open Safari, Opera Users to Malware

Threatpost

A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched.

Phishing 124
article thumbnail

Ransomware attackers donate stolen money to charity

IT Governance

A criminal hacking group that extorted millions of dollars in a series of cyber attacks is now donating money to charity. The DarkSide crooks said they wanted to “make the world a better place”, after posting receipts for $10,000 in Bitcoin donations to The Water Project and Children International. The move has dumbfounded the cyber security community, with the BBC describing it as a “strange and troubling development, both morally and legally”.

article thumbnail

How Automation can help you in Managing Data Privacy

Security Affairs

The global data privacy landscape is changing and everyday we can see new regulations emerge. These regulations are encouraging organizations to be better custodians of the consumers data and create a healthier space for data privacy. In order to do so organizations will need to rework their operations and revamp their processes in order to comply with these regulations.

article thumbnail

Confronting Data Risk in the New World of Work

Threatpost

With Stanford research showing that nearly half of the U.S. labor force is now working from home full-time, insider threats are a much more difficult problem.

Risk 104
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Trickbot Tenacity Shows Infrastructure Resistant to Takedowns

Dark Reading

Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot -- but with only a short-term impact.

132
132
article thumbnail

Ransomware Group Makes Splashy $20K Donation to Charities

Threatpost

Cybercriminal gang Darkside sent $20K in donations to charities in a ‘Robin Hood’ effort that’s likely intended to draw attention to future data dumps, according to experts.

article thumbnail

Building the Human Firewall

Dark Reading

Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?

article thumbnail

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

Threatpost

Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.

Phishing 106
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Businesses Rethink Endpoint Security for 2021

Dark Reading

The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?

article thumbnail

Office 365 OAuth Attack Targets Coinbase Users

Threatpost

Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth.

Access 97
article thumbnail

European countries can’t collect everyone’s Internet traffic and location data all the time, top court rules via Fortune

IG Guru

Read more about this ruling here. The post European countries can’t collect everyone’s Internet traffic and location data all the time, top court rules via Fortune appeared first on IG GURU.

Risk 98