Mon.Jan 04, 2021

Analysis: 2020 Health Data Breach Trends

Data Breach Today

Ransomware, Phishing Incidents, Vendor Hacks Prevail

Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors, dominated the federal tally of major health data breaches in 2020.

Amazon Has Trucks Filled with Hard Drives and an Armed Guard

Schneier on Security

From an interview with an Amazon Web Services security engineer: So when you use AWS, part of what you’re paying for is security. Right; it’s part of what we sell. Let’s say a prospective customer comes to AWS. They say, “I like pay-as-you-go pricing. Tell me more about that.” We say, “Okay, here’s how much you can use at peak capacity.

British Judge Denies US Extradition of Assange

Data Breach Today

Judge Cites WikiLeaks Founder's Health as Reason for Denying Extradition

A British judge has denied a Justice Department request to extradite WikiLeaks founder Julian Assange to the U.S. to face criminal charges related to hacking government computers and then publishing classified information. U.S. prosecutors plan to appeal.

Military Cryptanalytics, Part III

Schneier on Security

The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. Callimahos, October 1977. Parts I and II, by Lambros D. Callimahos and William F. Friedman, were released decades ago — I believe repeatedly, in increasingly unredacted form — and published by the late Wayne Griswold Barker’s Aegean Park Press.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

New Golang-Based Worm Targets Servers to Mine Monero

Data Breach Today

Researchers Say Recently Uncovered Malware Targets Windows and Linux

Researchers at the security firm Intezer have detected a new Golang-based worm that is targeting Windows and Linux servers with monero cryptomining malware.

More Trending

100,000 Zyxel Devices Vulnerable to Backdoor

Data Breach Today

Researchers Say Flaw Affects VPN Gateways, AP Controllers and Firewalls

A firmware vulnerability in about 100,000 Zyxel products, including VPN gateways, access point controllers and firewalls, can be used to install a hardcoded backdoor that could give threat actors remote administrative privileges, according to the security firm Eye Control. Users are urged to patch the flaw.

SolarWinds: Threat hunt to contain and eradicate

OpenText Information Management

As the cyberattack story continues to unfold around the SUNBURST and SUPERNOVA malware distributed through a compromised SolarWinds software update, more private and public sector organizations from around the world are coming forward to disclose how they were affected by the breach. In response, cybersecurity experts are simply recommending that all SolarWinds customers presume they …

Analysis: Permitting Cybersecurity Donations to Physicians

Data Breach Today

New regulatory provisions that allow healthcare systems to make donations of cybersecurity technology and services to physician practices could help greatly bolster security in the sector, says attorney Julie Kass of law firm Baker Donelson.

Experts linked ransomware attacks to China-linked APT27

Security Affairs

Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups. The experts attribute the attacks to the Chinese cyberespionage group APT27 (aka Emissary Panda, TG-3390, Bronze Union, and Lucky Mouse).

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

2021: The Evolution of Zero Trust

Data Breach Today

Forrester's Chase Cunningham on Implementation of Zero Trust Framework

The year 2020 saw the zero trust conversation evolve from 'what is it' to 'how to achieve a zero trust architecture', says Chase Cunningham, principal analyst, serving security and risk professionals at Forrester. What further evolution can we expect in 2021?

List of data breaches and cyber attacks in December 2020 – 148 million records breached

IT Governance

What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded? We logged 134 security incidents in December, which accounted for 148,354,955 breached records. That brings the total for 2020 to more than 20 billion. We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below.

EU-UK Trade and Cooperation Agreement: Implications for data protection law

Data Protection Report

On Christmas Eve, the EU and UK announced that a Trade and Cooperation Agreement (TCA) had been finalised. With it came a sigh of relief from data protection practitioners everywhere. This is because the TCA provides an extension period, of a sort, to allow the European Commission time to conclude its adequacy assessment of the UK. Without this, EEA-UK data transfers would otherwise have been restricted at the end of the Brexit transition period.

Zero Touch Deployment with Jamf Pro and Jamf Connect

Jamf

This document describes the steps to create a method of onboarding devices using Automated Device Enrollment from Apple (formerly DEP), Jamf Pro, and Jamf Connect to make a customized experience for end users.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business

Threatpost

Several Ticketmaster executives conspired to hack a rival concert presales firm in an attempt to 'choke off' its business.

Apex Laboratory disclose data breach after a ransomware attack

Security Affairs

At-home laboratory services provider Apex Laboratory discloses a ransomware attack and consequent data breach. Apex Laboratory, Inc. is a clinical laboratory that has been providing home laboratory services to homebound and nursing home patients in the NY Metropolitan Area for over 20 years. The at-home laboratory services provider Apex Laboratory disclosed a ransomware attack; the hackers also stole some patient data in the incident, which took place on July 25, 2020. “On July 25, 2020, Apex Lab

The UK Denies Assange's Extradition, Citing Suicide Risk

WIRED Threat Level

The ruling is based not on whether the WikiLeaks founder violated the Espionage Act, but on the implications of subjecting him to the US carceral state.

Microsoft Source Code Exposed: What We Know & What It Means

Dark Reading

Microsoft says there is no increase in security risk; however, experts say access to source code could make some steps easier for attackers.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API

Threatpost

Researcher uses an old unCAPTCHA trick against the latest audio version of reCAPTCHA, with a 97 percent success rate.

COVID-19's Acceleration of Cloud Migration & Identity-Centric Security

Dark Reading

Here are some tips for updating access control methods that accommodate new remote working norms without sacrificing security.

Leading Game Publishers Hit Hard by Leaked-Credential Epidemic

Threatpost

Over 500,000 leaked credentials tied to the top two dozen leading gaming companies are for sale online.

Hunton Privacy Team Contributes to 2021 Getting the Deal Through Guide on Data Protection and Privacy

Hunton Privacy

The global privacy and cybersecurity team at Hunton Andrews Kurth has authored multiple chapters of the 2021 Data Protection & Privacy guide by Lexology’s Getting the Deal Through. Partner Aaron P. Simpson and practice chair Lisa J. Sotto served as contributing editors of the ninth edition of the annual guide, which provides summary and analysis in key areas of law, practice and regulation for 150 jurisdictions across the globe.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Netwrix and Stealthbits Merge to Tackle Data Security

Dark Reading

The combined entity will have a portfolio of security tools designed to identify security risk and recover from incidents.

Luna HSM 7 Certified for eIDAS Protection

Thales Cloud Protection & Licensing

sparsh, Mon, 01/04/2021 - 08:02

Thales Luna Hardware Security Module (HSM) v.7.7.0, our flagship product, is certified in accordance with Common Criteria (CC) at EAL4+ level against the electronic IDentification, Authentication and Trust Services (eIDAS) Protection Profile (PP) EN 419 221-5. Next to the CC certification, Luna HSM 7 has also received eIDAS certification as both a Qualified Signature and Qualified Seal Creation Device (QSCD).

T-Mobile Hacked -- Again

Dark Reading

The wireless carrier has suffered a data breach for the fourth time since 2018.

T-Mobile Faces Yet Another Data Breach

Threatpost

The cyberattack incident is the wireless carrier's fourth in three years.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Jamf Connect, Big Sur, and Bootstrap Tokens: A Love Story

Jamf

With macOS Big Sur, a device enrolled in Jamf Pro, and a FileVault recovery key escrowed in the Jamf Pro server, additional users created on that device with Jamf Connect automagically receive a SecureToken to unlock the device.

Ransomware Gang Collects Data from Blood Testing Lab

Threatpost

Apex Laboratory patient data was lifted and posted on a leak site.

CISO New Year's Resolutions for 2021

Dark Reading

Six resolutions for forward-looking cyber-risk leaders.
