Mon. May 03, 2021

Buer Dropper Malware Updated Using Rust

Data Breach Today

Proofpoint: New Code Makes 'RustyBuer' Version Harder to Detect

Attackers are using a freshly updated variant of the Buer first-stage malware loader rewritten in the Rust programming language to help evade detection, Proofpoint reports.

337

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

Encryption agility is going to be essential as we move forward with digital transformation. Refer: The vital role of basic research. All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. But cryptography historically has been anything but agile; major advances require years, if not decades, of inspired theoretical research.

Chinese Group Apparently Targeted Russian Defense Contractor

Data Breach Today

Cybereason: Attack Used Previously Undocumented PortDoor Malware

An attack group, likely based in China, recently conducted a spear-phishing attack against a defense contractor that develops nuclear submarine technology for the Russian Navy, according to the security firm Cybereason.

Phishing 287

Most Common Causes of Data Breach and How to Prevent It

Security Affairs

Which are the most common causes of a Data Breach and how to prevent It? How can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses and consumers. If you look at Verizon’s 2020 Data Breach Investigations Report, you can find some of the most common causes of data breaches. However, you will also be surprised to learn that most breaches result from inadequate data security measures.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

NSA Offers OT Security Guidance in Wake of SolarWinds Attack

Data Breach Today

Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems

The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.

Military 284

More Trending

Vulnerability Management: Essential Components

Data Breach Today

Steve Yurich, CISO of Penn National Insurance, on the Need for Frequent Scanning

Effective vulnerability management requires more frequent scanning of infrastructure, says Steve Yurich, CISO at Penn National Insurance, who explains his organization's approach.

Insurance 249

Identifying the Person Behind Bitcoin Fog

Schneier on Security

The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of people’s bitcoins up so that it was hard to figure out where any individual coins came from. It ran for ten years. Identifying the person behind Bitcoin Fog serves as an illustrative example of how hard it is to be anonymous online in the face of a competent police investigation: Most remarkable, however, is the IRS’s account of tracking down Sterlin

Attackers' Dwell Time Plummets as Ransomware Hits Continue

Data Breach Today

Faster Detection Is Good News, But More Speed Still Needed, Mandiant Reports

The average amount of time that online attackers camp out in a victim's network - so-called "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.

China Issues the Second Version of the Draft of Data Security Law

Hunton Privacy

On April 29, 2021, China issued a second draft version of the Data Security Law (“Draft DSL”). The Draft DSL will be open for public comments until May 28, 2021. While the framework of this version of the Draft DSL is the same as the prior version issued on July 3, 2020, below we summarize the material changes in the second version of the Draft DSL.

Security 111

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Pulse Secure VPN Zero-Day Flaw Patched

Data Breach Today

Permanent Fix Replaces Earlier Workaround

Ivanti, parent company of Pulse Secure, published a permanent fix Monday for a zero-day vulnerability in Pulse Connect Secure VPN products that has been exploited to target U.S. government agencies, critical infrastructure providers and other companies over the last several weeks.

Security 210

Researchers Explore Active Directory Attack Vectors

Dark Reading

Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.

119

Security Incident Leads Scripps Health to Postpone Care

Data Breach Today

News Reports: Apparent Ransomware Attack Also Results in Diverting Emergency Patients

San Diego-based Scripps Health, which operates four area hospitals, has been forced to postpone some patient care - and reportedly divert some patients seeking emergency treatment - as a result of what local news outlets say is a ransomware attack.

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Security Affairs

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. Pulse Secure has addressed a zero-day vulnerability (CVE-2021-22893) in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited by threat actors in attacks against defense firms and govt agencies.

Security 109

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

How a cloud-based platform can help banks leverage data for valuable insights

DXC Technology

Banks are finding exciting new ways to turn their data into valuable insights. To succeed in this new data-driven world, banks of all sizes are turning to the cloud. Cloud-based solutions provide the optimal storage and tools needed to manage vast data requirements while making data and insights easily accessible for analytics and the business. […].

Cloud 101

New Buer Malware Downloader Rewritten in E-Z Rust Language

Threatpost

It's coming in emails disguised as DHL Support shipping notices and is apparently getting prepped for leasing on the underground.

IT 116

Expert released PoC exploit for Microsoft Exchange flaw

Security Affairs

Security researcher released technical details and a PoC code for a high-severity vulnerability in Microsoft Exchange Server reported by the NSA. A security expert released technical details and proof-of-concept exploit (PoC) code for the high-severity vulnerability CVE-2021-28482 in Microsoft Exchange that could be exploited by remote attackers to execute arbitrary code on vulnerable systems.

ICRM Announces Members of Mentor Committee and Calls for Mentors

IG Guru

Greetings from the ICRM Mentoring Committee, Since the ICRM began offering a mentoring program for all exam parts in 2020, we have seen a tremendous growth in the number of individuals requesting mentors for their certification process. This unprecedented interest has left us with a need for new mentors to meet this demand. As the […]. The post ICRM Announces Members of Mentor Committee and Calls for Mentors appeared first on IG GURU.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

New Attacks Slaughter All Spectre Defenses 

Threatpost

The 3+ years computer scientists spent concocting ways to defend against these supply-chain attacks against chip architecture? It's bound for the dustbin.

IT 97

Don’t Buy Into Facebook’s Ad-Tracking Pressure on iOS 14.5

WIRED Threat Level

The company tells Apple users that tracking helps keep those platforms “free of charge,” but opting out now doesn't mean paying up later.

Privacy 100

The Edge Pro Tip: Protect IoT Devices

Dark Reading

As Internet-connected devices become more prevalent in organizations, security issues increase as well.

IoT 112

Deepfake Attacks Are About to Surge, Experts Warn

Threatpost

New deepfake products and services are cropping up across the Dark Web.

Security 130

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

Stopping the Next SolarWinds Requires Doing Something Different

Dark Reading

Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale?

91

Scripps Health Cyberattack Causes Widespread Hospital Outages

Threatpost

The San Diego-based hospital system diverted ambulances to other medical centers after a suspected ransomware attack.

Part II – Digital Health Passports in Europe: Amended Proposal for a Digital Green Certificate and Eligible Testing Methods

Data Matters

In March 2021, the European Commission released a proposal for the creation of a “Digital Green Certificate,” which will allow EU citizens to travel easier throughout the EU during the COVID-19 pandemic. Last week, the EU Member States agreed on some proposed changes to the proposal, including strengthening of the data privacy provisions. According to the proposal, in order to obtain a Digital Green Certificate, individuals must prove that they have been vaccinated, present a negative test resul

Buer Malware Variant Rewritten in Rust Programming Language

Dark Reading

Researchers suggest a few reasons why operators rewrote Buer in an entirely new language

103

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Adopting your workflows: Alerts in email and new Roles in Jamf Protect

Jamf

It’s that time again; Jamf Protect is adding some new capabilities that we have heard you need to match your workflows. Today we will cover two big ones: Role-Based Access Control (RBAC) and alerts by email.

Access 59

Name That Edge Toon: Magical May

Dark Reading

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

77

Apple addresses three zero-day flaws in its WebKit browser engine

Security Affairs

Apple has released security updates to patch three zero-days in WebKit, Apple's browser engine, and fixed a zero-day exploited in the wild. Apple released security updates to address four zero-day vulnerabilities impacting WebKit, which is used by multiple products of the IT giant, including iPadOS, tvOS, and watchOS. The WebKit browser engine is used by multiple products to display web content.

IT 58