Fri.Sep 27, 2019

article thumbnail

Cryptocurrency Shakedown: Old Tactics, New Twist

Data Breach Today

Two Men Charged With Extorting Startup After Promising ICO 'Accelerator' Services More proof that when it comes to crime, there's nothing new under the sun: Federal prosecutors have charged two men with attempting to extort cryptocurrency worth more than $12 million from a startup firm planning to undertake an initial coin offering, in part via physical intimidation.

IT 159
article thumbnail

It’s Google’s World. Your Business Is Just Living in It

Adam Levin

Fifty attorneys general announced earlier this month that Google is the target of an antitrust probe. Any business owner who has happened to find themselves stuck in the company’s orbit–that would be any company with a digital presence–won’t hesitate to tell you such a move is long overdue. Case in point: I just did a Google search for Basecamp, an online project management tool.

IT 46
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

DoorDash Says 4.9 Million Records Breached

Data Breach Today

'Unusual Activity' By Third-Party Service Provider to Blame Food delivery startup DoorDash says 4.9 million customer, contractor and merchant records were breached after "unusual activity" by a third-party service provider. Even aside from the usual identification data, experts say certain, specific data - such as food allergies - could pose risks in the wrong hands.

Risk 260
article thumbnail

MY TAKE: ‘Perimeter-less’ computing requires cyber defenses to extend deeper, further forward

The Last Watchdog

Threat actors are opportunistic, well-funded, highly-motivated and endlessly clever. Therefore cybersecurity innovations must take hold both deeper inside and at the leading edges of modern business networks. Related: Lessons learned from Capitol One breach Most of the promising new technologies I’ve had the chance to preview this year validate this notion.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Senator Demands Answers About Exposed Medical Imaging Data

Data Breach Today

TridentUSA Allegedly Exposed Data on More than 1 Million Patients Sen. Mark Warner, D-Va., is demanding answers from TridentUSA Health Services about its data security practices following the recent discovery that it exposed more than 1 million patient files on the internet due to an unsecured server.

Security 207

More Trending

article thumbnail

The Changing Role of DPOs

Data Breach Today

Data protection officers are assuming a more strategic role that goes beyond ensuring compliance with laws and regulations, including GDPR, says Rob Masson, CEO of the DPO Centre.

GDPR 138
article thumbnail

Cybersecurity Certification in the Spotlight Again

Dark Reading

Swiss technology non-profit group joins others, such as the Obama-era President's Commission, in recommending that certain classes of technology products be tested.

article thumbnail

GAO Raises Concerns About Power Grid Vulnerabilities

Data Breach Today

Audit Makes Risk Mitigation Recommendations, Including Use of NIST Framework The U.S. electric grid is growing increasingly vulnerable to cyberattacks from countries such as Russia, and a well carried out attack on the grid could cause widespread power outages, according to a new GAO audit. Industrial control systems are particularly vulnerable.

Risk 148
article thumbnail

Unfixable iOS Device Exploit Is the Latest Apple Security Upheaval

WIRED Threat Level

Any iPhone device from 2011 to 2017 could soon be jailbroken, thanks to an underlying flaw that there's no way to patch.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Guilty Pleas in $29 Million Online Ad Fraud Case

Data Breach Today

Two Kazakhstan Men Helped Run Botnet-Driven 3ve Scheme Two Kazakhstan nationals have pleaded guilty to charges stemming from their role in helping to run a $29 million online advertising fraud scheme that the FBI worked with several security firms to shut down in 2018.

Security 138
article thumbnail

Emsisoft released a new free decryption tool for the Avest ransomware

Security Affairs

Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days after the release of WannaCryFake decryptor. Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days ago the researchers also released a free decryptor for the WannaCryFake ransomware. The Avest ransomware encrypts victim’s files and appends the extension “ ckey().email().pack14” to the filename.

article thumbnail

Thousands of PCs Affected by Nodersok/Divergent Malware

Threatpost

Fileless threat leverages widely used Node.js framework and WinDivert packet-capture utility to turn infected machines into proxies for malicious behavior.

75
article thumbnail

Realizing the benefits of EIM managed services

OpenText Information Management

As Enterprise Information Management (EIM) becomes increasingly central to business strategies, it is vital companies have the skills needed to maximize the impact on their organizations. With IT departments under increasing pressure to deliver, it makes sense to enlist the help of a service provider with the skills required to help achieve your business objectives … The post Realizing the benefits of EIM managed services appeared first on OpenText Blogs.

IT 69
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

iOS Exploit ‘Checkm8’ Could Allow Permanent iPhone Jailbreaks

Threatpost

A new BootROM exploit - which is unpatchable - potentially opens the door to jailbreaks, a researcher said.

article thumbnail

DoorDash Data Breach exposes data of approximately 5 million users

Security Affairs

DoorDash is a San Francisco–based on-demand food delivery service, the company confirmed it has suffered a data breach that exposed roughly 5 million users. DoorDash announced a data breach that exposed the personal information of 4.9 million consumers, Dashers, and merchants. According to the data breach notification sent to the impacted customers and the security note published on the website, the incident took place on May 4, 2019, when an unauthorized party was able to gain access to user i

article thumbnail

Superhero Movies and Security Lessons

Schneier on Security

A paper I co-wrote was just published in Security Journal : " Superheroes on screen: real life lessons for security debates ": Abstract: Superhero films and episodic shows have existed since the early days of those media, but since 9/11, they have become one of the most popular and most lucrative forms of popular culture. These fantastic tales are not simple amusements but nuanced explorations of fundamental security questions.

article thumbnail

Magecart 5 hacker group targets L7 Routers

Security Affairs

IBM researchers observed one of the Magecart groups using a malicious code to inject into commercial-grade layer 7 L7 routers. IBM X-Force Incident Response and Intelligence Services (IRIS) experts observed that one of the Magecart groups, tracked as MG5, is using malware to inject into commercial-grade L7 routers. The experts believe the hackers are likely testing malicious code designed for injection into benign JavaScript files loaded by L7 routers that are typically used by airports, casinos

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Dunkin’ Donuts Gets Hit with Lawsuit Over 2015 Attack

Threatpost

Lawsuit alleges Dunkin' Donuts failed to act fast enough to notify and protect customers and is in violation of New York State data breach notification laws.

article thumbnail

Register now for JNUC 2019

Jamf

The Jamf Nation User Conference (JNUC) is coming. Register now -- you have until October third before the cost goes up.

75
article thumbnail

DoorDash Breach Affects 4.9M Merchants, Customers, Workers

Dark Reading

The May 4 incident exposed data belonging to users on the platform on or before April 5, 2018.

82
article thumbnail

Register now for JNUC 2019

Jamf

The Jamf Nation User Conference (JNUC) is coming. Register now -- you have until October third before the cost goes up.

75
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Driving mainframe deliveries with DevOps? Get there even faster with ChangeMan ZMF

Micro Focus

Z15 and a new dawn for mainframe computing Something called z15 brought it all back home this month – many of the world’s most powerful, mission critical applications reside on the IBM mainframe, and IBM continues to invest heavily in the platform, as well as (with v2.4 being released) the z/OS operating system. Core business. View Article.

IT 57
article thumbnail

Masad Spyware Uses Telegram Bots for Command-and-Control

Threatpost

The malware harvests data, steals cryptocurrency and drops additional malware, while masquerading as a Fortnite aimbot and more.

68
article thumbnail

Apple Patches Multiple Vulnerabilities Across Platforms

Dark Reading

Updates address two separate issues in Apple's desktop and mobile operating systems.

81
article thumbnail

Microsoft Blacklists Dozens of New File Extensions in Outlook

Threatpost

In total, Microsoft has now blocked 142 file extensions that it deems as at risk or that are typically sent as malicious attachments in emails.

Risk 62
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Is Your Organization Suffering from Security Tool Sprawl?

Dark Reading

Most companies have too many tools, causing increased costs and security issues.

article thumbnail

News Wrap: GandCrab Operators Resurface, Utilities Firms Hit By LookBack Malware

Threatpost

The malware landscape continues to evolve with the re-emergence of the GandCrab operators and a continued spearphishing attack spreading the LookBack RAT.

article thumbnail

Ethics standards and protocols are urgently needed in the data world

Information Management Resources

It is time to be proactive before data breaches are unsustainable. One urgent solution is the formation of a global governance body to establish protocols for the ethical use and protection of data.