Thu.Feb 18, 2021

article thumbnail

Nigerian Gets 10-Year Sentence for BEC Scam

Data Breach Today

Prosecutors: Crime Operation Extorted $11 Million A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice.

IT 361
article thumbnail

What is the Value of Records and Information Management?

AIIM

What is the value of Records and Information Management? To help answer that, take a quick mental inventory of all the technologies your organization utilizes that interact in some way with organizational information. Think about technology like email, personal computers, the web, smart phones, social media, etc. Think about all of the information captured, stored, and created using those technologies.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

White House Preparing 'Executive Action' After SolarWinds Attack

Data Breach Today

Deputy National Security Adviser Anne Neuberger Offers an Update on Investigation In an update on the investigation into the SolarWinds supply chain attack, Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing "executive action" to address security shortcomings that have come to light.

Security 342
article thumbnail

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. WatchDog is one of the largest and longest-lasting Monero cryptojacking operations uncovered by security experts, its name comes from the name of a Linux daemon called watchdogd.

Mining 139
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Hackers Target 'Instant Quote' Websites

Data Breach Today

New York Warns of Theft of Consumers' Information Hackers are targeting vulnerabilities in websites offering instant quotes - especially those that provide auto insurance rates - to steal consumers' information, according to an alert from the New York State Department of Financial Services.

More Trending

article thumbnail

Tips on Building a Robust Data Backup Strategy

Data Breach Today

In light of the threat of ransomware attacks, healthcare organizations need to take extra steps to ensure their systems are adequately backed up - and that those backups are protected, says Martin Littmann of Kelsey-Seybold Clinic. He'll be a speaker at ISMG's Virtual Cybersecurity Summit: Healthcare.

article thumbnail

Mac Malware Targets Apple’s In-House M1 Processor

Threatpost

A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices.

IT 118
article thumbnail

3 North Koreans Indicted for Conspiring to Steal $1.3 Billion

Data Breach Today

Federal Prosecutors Say Hackers Work for Military Intelligence Unit Three North Koreans have been indicted for allegedly taking part in a criminal conspiracy that attempted to steal or extort $1.3 billion in cryptocurrency and cash from banks and other organizations around the world, the U.S. Justice Department announced Wednesday.

Military 260
article thumbnail

Germany: Data protection authorities announce closer monitoring of data transfers to the US after Schrems II

Data Protection Report

Following the CJEU’s Schrems II ruling (case C-311/18 of July 16, 2020), transfers of personal data to the US are coming under close scrutiny by the German data protection authorities. Some German data protection authorities have announced that they will be taking a stricter approach against companies that fail to comply with the Schrems II requirements.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

PACS Flaws Put Data at Risk for 18 Months

Data Breach Today

California Medical Imaging Group Describes Data Exposure A California medical imaging group practice says vulnerabilities in its picture archiving and communications system left patient data at risk of unauthorized access for more than a year.

Risk 236
article thumbnail

Exploit Details Emerge for Unpatched Microsoft Bug

Threatpost

A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.

111
111
article thumbnail

Data Breaches: ShinyHunters' Dominance Continues

Data Breach Today

Prolific Cybercrime Group Recently Tied to Breaches of E-Commerce and Dating Sites In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.

article thumbnail

Key steps on the road to LGPD compliance

Thales Cloud Protection & Licensing

Key steps on the road to LGPD compliance. madhav. Thu, 02/18/2021 - 08:05. Brazil, the largest country in both South America and Latin America, released a data privacy law bringing new business opportunities, especially in the international domain. Brazil’s Lei Geral de Proteção de Dados (LGPD) came into effect on September 18th last year. The enforcement date depends on the approval from the Congress of Brazil which is now scheduled for August 1st this year.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

The OpenSSL Project addressed three vulnerabilities

Security Affairs

The OpenSSL Project addressed three vulnerabilities, including two denial-of-service (DoS) issues and a bug in the SSLv2 rollback protection. The OpenSSL Project released security patches to address three vulnerabilities, two denial-of-service (DoS) flaws, and an incorrect SSLv2 rollback protection issue. The fist vulnerability, tracked as CVE-2021-23841, is a NULL pointer dereference issue that can be exploited to cause a crash and trigger a DoS condition.

article thumbnail

eSIM activation on cellular iPad supports remote work and learning

Jamf

With work at home, learn at home and care at home the way of the future, understanding the capabilities and how-to’s of eSIM on iPad is increasingly important.

101
101
article thumbnail

Kia Motors Hit With $20M Ransomware Attack – Report

Threatpost

DoppelPaymer ransomware gang claims credit for Kia’s outage, demands $20 million in double-extortion attack.

article thumbnail

WEIS 2021 Call for Papers

Schneier on Security

The 20th Annual Workshop on the Economics of Information Security (WEIS 2021) will be held online in June. We just published the call for papers.

Paper 104
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams

Threatpost

The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013.

article thumbnail

Apple Offers Its Closest Look Yet at iOS and MacOS Security

WIRED Threat Level

In its latest Platform Security Guide, Cupertino raised the curtain on the critical features that protect against hackers.

IT 104
article thumbnail

SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps

Threatpost

Apps like eHarmony and MeetMe are affected by a flaw in the Agora toolkit that went unpatched for eight months, researchers discovered.

article thumbnail

Australian based SitePoint discloses 1M users impacted by breach via Information Management Today

IG Guru

Check out the article here. The post Australian based SitePoint discloses 1M users impacted by breach via Information Management Today appeared first on IG GURU.

Risk 83
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Apple Outlines 2021 Security, Privacy Roadmap

Threatpost

Latest Apple Platform Security update folds iOS, macOS and hardware into security 2021 roadmap.

Privacy 107
article thumbnail

Data security accountability in an age of regular breaches

Dark Reading

As the number of vendors impacted by supply-chain breaches grows, one constant question remains: where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?

article thumbnail

How To Win Ediscovery Software Support From Key Stakeholders

Zapproved

Moving more ediscovery in-house can be a daunting task that requires deft navigation of your stakeholders. Here are key tips to help you make the case.

59
article thumbnail

Microsoft Azure Front Door Gets a Security Upgrade

Dark Reading

New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.

Security 104
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Happy Information Governance Day

IG Guru

Photo by Erwan Hesry on Unsplash Information Governance Day is recognized on the third Thursday of February. To learn more about the history of this day check out the wiki page. The post Happy Information Governance Day appeared first on IG GURU.

article thumbnail

Pro Tip: Say What You Know

Dark Reading

During the immediate period following a breach, it's vital to move fast - but not trip over yourself.

IT 96
article thumbnail

Episode 204: Josh Corman of CISA on securing the Vaccine Supply Chain

The Security Ledger

Joshua Corman, the Chief Strategist for Healthcare and COVID on CISA’s COVID Task Force, joins us to talk about the myriad of cyber threats facing healthcare and the vaccine distribution system and how the federal government is working to counter them. The post Episode 204: Josh Corman of CISA on securing the Vaccine Supply Chain appeared first. Read the whole entry. » Related Stories Episode 202: The Byte Stops Here – Biden’s Cyber Agenda Episode 199 COVID’s Other Legacy: Data