Thu. Jan 06, 2022

France fines Google and Facebook €210m over user tracking

The Guardian Data Protection

Data privacy watchdog says websites make it difficult for users to refuse cookies. France’s data privacy watchdog has fined Google and Facebook a combined €210m (£176m) for hampering users’ ability to stop the companies tracking their online activity. The Commission Nationale de l’Informatique et des Libertés (CNIL) said on Thursday it had fined Google a record €150m for making it difficult for internet users to refuse cookies – small text files that build up a profile of a person’s web activity.

Norton 360 Now Comes With a Cryptominer

Krebs on Security

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that activates the program and allows customers to profit from the scheme — in which the company keeps 15 percent of any currencies mined — is “opt-in,” meaning users have to agree to enable it.

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

Cyber threats continue to gain momentum and there are still not enough ways to counter them. Related: Why the ‘Golden Age’ of cyber espionage is upon us. The global threat intelligence market size was estimated at $10.9 billion in 2020 and will grow to $16.1 billion by 2025. Yet, according to the study by the Ponemon Institute, the number of insider leaks has increased by 47 percent in 2020 compared to 2018.

North Korea-linked Konni APT targets Russian diplomatic bodies

Security Affairs

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) with new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carried out spear-phishing attacks using New Year’s Eve festivities as a lure.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

India’s Draft Data Protection Bill Moves Closer to Passage

Hunton Privacy

Stephen Mathias from Kochhar & Co. reports that on December 16, 2021, the Indian Joint Parliamentary Committee (the “JPC”) submitted its report on India’s draft Data Protection Bill (the “Bill”). The Bill is now likely to be passed by Parliament in its next session, beginning in February 2022, and likely will enter into force in the first half of 2022.

More Trending

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

eSecurity Planet

About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Third-party security, ransomware, artificial intelligence (AI) and decentralized finance (DeFi) are some of the threats you can expect to see more of this year – with the potential for far worse results than we’ve seen in the past. Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers.

Threat actors stole 1.1 million customer accounts from 17 well-known companies

Security Affairs

NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. The New York State Office of the Attorney General (NY OAG) has warned 17 companies that roughly 1.1 million accounts of their customers were compromised in credential stuffing attacks. Credential stuffing attacks involve botnets trying stolen login credentials usually obtained through phishing attacks and data breaches.

New Mac Malware Samples Underscore Growing Threat

Dark Reading

A handful of malicious tools that emerged last year showed threat actors may be getting more serious about attacking Apple macOS and iOS environments.

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

Threatpost

ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Google Docs Comments Weaponized in New Phishing Campaign

Dark Reading

Attackers use the comment feature in Google Docs to email victims and lure them into clicking malicious links.

VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi

Security Affairs

VMware addressed a heap-overflow issue (CVE-2021-22045) in Workstation, Fusion and ESXi products that can lead to code execution on the hypervisor. VMware released security updates to address a heap-overflow vulnerability, tracked as CVE-2021-22045, in its Workstation, Fusion and ESXi products. VMware has addressed the vulnerability with the release of ESXi670-202111101-SG, ESXi650-202110101-SG, Workstation 16.2.0, and Fusion 12.2.0.

Attackers Exploit Flaw in Google Docs’ Comments Feature

Threatpost

A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said.

Rethinking Cybersecurity Jobs as a Vocation Instead of a Profession

Dark Reading

The prevailing mindset is that security practitioners are professionals, and thus, require a college degree. But there are some flaws in that logic.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Google Voice Authentication Scam Leaves Victims on the Hook

Threatpost

The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week.

Google Docs comment feature abused in phishing campaign

Security Affairs

Experts warn of a new phishing technique that abuses the commenting feature of Google Docs to send out emails that appear from a legitimate source. Researchers from security firm Avanan in December uncovered a phishing campaign targeting mainly Outlook users with a new technique that abuses the commenting feature of Google Docs to send out malicious messages.

Hybrid Multicloud Strategies Are Keeping the Public Sector at the Forefront of Threat Mitigation

Dark Reading

Zero trust, DevSecOps, and agile methodologies are critical in bridging the power of commercial multicloud environments and the security of private data centers.

2022 and beyond: tech predictions from Jamf CEO Dean Hager

Jamf

2021 taught us to embrace change and proved that technology will play a defining role in the productivity and satisfaction of employees, students and patients. So what's in store for 2022? Let's find out.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Cyber attack on UK Defence Academy causes “significant” damage

IT Governance

The Defence Academy of the UK was forced to rebuild its network last year after suffering a cyber attack, a high-ranking officer has revealed. Air Marshal Edward Stringer, who retired from the armed forces in August, said the attack caused significant damage and continues to affect the Defence Academy months later. The school, which is based in Shrivenham, Oxfordshire, teaches 28,000 military personnel, diplomats and civil servants a year.

CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps

Dark Reading

A Romanian researcher discovers more than 70 vulnerabilities in how applications and their content delivery networks handle cache misses that open the doors to denial-of-service attacks.

Apple iPhone Malware Tactic Causes Fake Shutdowns to Enable Spying

Threatpost

The 'NoReboot' technique is the ultimate in persistence for iPhone malware, preventing reboots and enabling remote attackers to do anything on the device while remaining completely unseen.

Enterprises Worry About Increased Data Risk in Cloud

Dark Reading

The 2021 Strategic Security Survey highlights concerns related to the cloud environment, such as the ability to detect breaches and the increasing number of attacks against cloud systems.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

NoReboot persistence technique fakes iPhone shutdown

Security Affairs

Researchers devised a sophisticated persistence technique, named NoReboot, for iOS malware that fakes shutdowns. Researchers from Zecops devised a sophisticated persistence technique, named NoReboot, for iOS malware that fakes shutdowns while spying on the user. The technique is based on the concept of simulating a shutdown of the iPhone when the victim attempts to turn off their device.

Signal's Cryptocurrency Feature Has Gone Worldwide

WIRED Threat Level

A beta “payments” feature now lets users of the popular encrypted messaging app send MobileCoin around the globe.

Top information management predictions for the Oil and Gas industry in 2022

OpenText Information Management

After a wild ride in 2020, when prices momentarily went negative, the oil and gas industry rebounded throughout 2021. Bank of America expects Brent Crude to reach $120 per barrel by the end of June 2022. This prediction illustrates an industry in transition that is still trying to process the shockwaves from the global pandemic. The …

Convergence Zone: CNAPP Aids in Integrated Cloud-Native Security

Dark Reading

Cloud Native Application Protection Platforms (CNAPP) allow organizations to secure cloud-native applications across the full application life cycle.

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Four Tips for Successful Meet and Confers

eDiscovery Daily

When approaching any challenge or goal, it’s often best to start with the big picture before narrowing things down. By working backwards, you can identify the steps needed to achieve the desired result. This type of thinking can be applied to Rule 26(f) conferences (also known as meet and confers). As mandated by Rule 26(f) of the FRCP, both parties must meet at least 21 days before holding a scheduling conference.

Vital Records Control launches new website

IG Guru

Check out the new website at [link].

Top predictions for the Utilities industry in 2022

OpenText Information Management

If not such a wild ride as the oil & gas sector, the global Utilities industry witnessed its own share of volatility in 2021. The pandemic caused resource shortages and price hikes that affected residential and industrial customers alike, and it’s likely this environment will continue well into 2022. In response, we’ll see utility companies …