Krebs on Security

AUGUST 21, 2020

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “ vishing ” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pand

Authentication 354

Authentication Access Phishing Mining 354

Data Breach Today

AUGUST 21, 2020

Joe Sullivan Accused of Making 'Hush Money' Bitcoin Payoff to Hackers The U.S. Department of Justice has charged former Uber CSO Joseph Sullivan with obstruction of justice for allegedly covering up the 2016 hack of the ride-sharing service, which compromised sensitive data for 57 million Uber passengers and drivers.

Data breaches 312

Data breaches 312

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social and Behavioral Science [CSBS]).

Ransomware 141

Ransomware Insurance Encryption Information Security 141

Data Breach Today

AUGUST 21, 2020

The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.

Ransomware 304

Ransomware Security 304

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

AUGUST 21, 2020

Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb , researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen Group.

Ransomware 123

Ransomware Archiving Manufacturing Data breaches 123

Troy Hunt

AUGUST 21, 2020

Between still feeling a little groggy after hitting the water hard on an early wake boarding session then my camera overheating and shutting down towards the end of the live stream, this wasn't the smoothest of weekly updates, I still got across everything I needed to. I'm especially excited about those Shelly 1 units for cheaply IoT'ing existing lights and I'm hoping to have some of that up and running next week.

Cybersecurity 121

Cybersecurity 121

Data Breach Today

AUGUST 21, 2020

Diebold Nixdorf and NCR Say Unpatched Flaws Could Permit Deposit Forgery Diebold Nixdorf and NCR have issued patches for ATM software vulnerabilities that could enable a hacker with physical access to the devices to commit deposit forgery, according to the Carnegie Mellon University CERT Coordination Center.

Manufacturing 279

Manufacturing Access 279

Dark Reading

AUGUST 21, 2020

Researchers advise Amazon Web Services users running Community Amazon Machine Images to verify them for potentially malicious code.

141

141

Data Breach Today

AUGUST 21, 2020

Kaspersky: 'Transparent Tribe' Using Trojan That Now Targets Removable Devices "Transparent Tribe," a hacking group that targets military and diplomatic organizations, has updated its Crimson remote access Trojan to enable the malware to steal data from removable devices and then use these devices to spread to other systems, according to new research from Kaspersky.

Military 278

Military IT Access 278

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Threatpost

AUGUST 21, 2020

The university said that it paid $457,000 to retrieve a decryption key after a ransomware attack encrypted student and faculty data on its servers.

Ransomware 130

Ransomware Encryption IT Personal data 130

Data Breach Today

AUGUST 21, 2020

Malware Used to Plant Cryptominers and Launch DDoS Attacks Lucifer, a botnet that has been infecting Windows devices with cryptominers and using compromised systems for distributed denial-of-service attacks, now has the ability to compromise Linux-based systems as well, according to Netscout's ATLAS Security Engineering & Response Team.

Security 179

Security 179

Security Affairs

AUGUST 21, 2020

Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Mozilla announced this week that it has expanded its bug bounty program with a new category that focuses on bypass methods for the exploit mitigations, security features, and defense-in-depth measures implemented in the Firefox browser.

Access 116

Access Security IT Information Security 116

Data Breach Today

AUGUST 21, 2020

Court Ruling Hinged Primarily on Contractual Issues After a Merger A federal court's dismissal of a lawsuit filed against medical transcription company Nuance Communications in the wake of a 2017 NotPetya ransomware attack illustrates how contract terms can affect legal outcomes.

Communications 147

Communications Ransomware 147

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Security Affairs

AUGUST 21, 2020

The FBI and CISA issued a joint alert to warn teleworkers of an ongoing vishing campaign targeting entities from multiple US sectors. The Federal Bureau of Investigation ( FBI ) and the Cybersecurity and Infrastructure Security Agency ( CISA ) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industry industries.

Phishing 108

Phishing Authentication Access Mining 108

Data Breach Today

AUGUST 21, 2020

HealthEngine Improperly Disclosed Personal Details, Tampered With Reviews An Australian court on Thursday announced a hefty fine against HealthEngine, an online medical appointments booking platform, for improperly sharing personal data and altering online reviews.

Personal data 147

Personal data 147

Threatpost

AUGUST 21, 2020

Threatpost editors discuss a cryptomining malware targeting AWS systems, a recent development in a lawsuit against the IBM-owned Weather Channel app, and more.

Privacy 113

Privacy IoT Data Privacy 113

Adam Levin

AUGUST 21, 2020

Carnival Corporation, the largest cruise ship company in the world, announced that it had experienced a data breach following a ransomware attack on their systems. In an 8-K filing with the Securities and Exchange Commission (SEC), the company announced that it had “detected a ransomware attack that accessed and encrypted a portion of one [their] brand’s information technology systems,” adding that the hackers responsible downloaded “certain” data files.

Data breaches 105

Data breaches Ransomware Encryption Access 105

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Dark Reading

AUGUST 21, 2020

COVID-19 won't be the last major disruption of its kind. Instead, it is a glimpse into what may be to come as digitalization continues to affect all aspects of our lives.

Cybersecurity 110

Cybersecurity IT 110

Threatpost

AUGUST 21, 2020

Joseph Sullivan allegedly paid off $100K to the hackers responsible for a 2016 data breach, which exposed PII of 57 million passengers and drivers.

Data breaches 104

Data breaches Security 104

Dark Reading

AUGUST 21, 2020

Though a ransomware attempt was thwarted, the university paid to prevent the release of student PII.

Ransomware 130

Ransomware 130

Schneier on Security

AUGUST 21, 2020

Sound waves through the body are unique enough to be a biometric: "Modeling allowed us to infer what structures or material features of the human body actually differentiated people," explains Joo Yong Sim, one of the ETRI researchers who conducted the study. "For example, we could see how the structure, size, and weight of the bones, as well as the stiffness of the joints, affect the bioacoustics spectrum." [.].

IT 129

IT 129

Advertisement

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

IT

Dark Reading

AUGUST 21, 2020

Attackers are increasingly seeding open source projects with compromised components.

137

137

WIRED Threat Level

AUGUST 21, 2020

Prosecutors allege that former Uber security chief Joseph Sullivan covered up a major breach, in the first high-profile case of its kind.

Security 106

Security IT 106

Dark Reading

AUGUST 21, 2020

With pandemic measures continuing and political divisions deepening, security experts express concern about the security and integrity of the November election.

Security 137

Security 137

Threatpost

AUGUST 21, 2020

Malicious Community Amazon Machine Images are a ripe target for hackers, say researchers.

Cloud 121

Cloud Security 121

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

WIRED Threat Level

AUGUST 21, 2020

These tools don't just keep your accounts safe and secure. Here's how you can use them to streamline your whole online experience.

Passwords 95

Passwords Security 95

IG Guru

AUGUST 21, 2020

Check out their threat site here. The post Top Malware and Other Threats Tracked by Center for Information Security site appeared first on IG GURU.

Information Security 84

Information Security Security Information governance Cybersecurity 84

WIRED Threat Level

AUGUST 21, 2020

A new kit leaves your cryptographic destiny up to 25 cubes in a plastic box.

Passwords 113

Passwords Security 113