Security Affairs

AUGUST 9, 2020

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. The hackers targeted visitors of several sites using typo-squatted domain names, and modified favicons to inject software skimmers used to steal payment card information.

Phishing 142

Phishing Authentication Cybersecurity IT 142

Data Breach Today

AUGUST 28, 2020

FBI: $4 Million Scheme - Mixing Malware, DDoS and Extortion - Thwarted by Insider Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted. The FBI has accused a Russian national of attempting to recruit an insider to install malware to steal data, which criminals hoped to ransom for $4 million.

363

363

Krebs on Security

AUGUST 14, 2020

R1 RCM Inc. [ NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc. , Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide.

Ransomware 358

Ransomware Insurance Phishing IT 358

The Guardian Data Protection

AUGUST 10, 2020

Faculty, linked to senior Tories, hired to collect tweets as part of coronavirus-related contract Privacy campaigners have expressed alarm after the government revealed it had hired an artificial intelligence firm to collect and analyse the tweets of UK citizens as part of a coronavirus-related contract. Faculty, which was hired by Dominic Cummings to work for the Vote Leave campaign and counts two current and former Conservative ministers among its shareholders, was paid £400,000 by the Ministr

Artificial Intelligence 145

Artificial Intelligence Government Privacy IT 145

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Hunton Privacy

AUGUST 13, 2020

Earlier this year, The Retail Equation, a loss prevention service provider, and Sephora were hit with a class action lawsuit in which the plaintiff claimed Sephora improperly shared consumer data with The Retail Equation without consumers’ knowledge or consent. The plaintiff claimed The Retail Equation did so to generate risk scores that allegedly were “used as a pretext to advise Sephora that attempted product returns and exchanges are fraudulent and abusive.”.

Retail 144

Retail Privacy Data breaches Communications 144

Security Affairs

AUGUST 8, 2020

Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. A team of Chinese experts from Sky-Go, the Qihoo 360 division focused on car hacking, discovered 19 vulnerabilities in a Mercedes-Benz E-Class, including some issues that can be exploited by attackers to remotely hack a vehicle.

Paper 145

Paper Access Authentication Passwords 145

Data Breach Today

AUGUST 28, 2020

How Many Organizations' Threat Models Feature Russian Criminals Bribing Insiders? News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?

363

363

Krebs on Security

AUGUST 21, 2020

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “ vishing ” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pand

Authentication 354

Authentication Access Phishing Mining 354

erwin

AUGUST 13, 2020

For enterprise architecture, success is often contingent on having clearly defined business goals. This is especially true in modern enterprise architecture, where value-adding initiatives are favoured over strictly “foundational,” “keeping the lights on,” type duties. But what does enterprise architecture success look like? Enterprise architecture is central to managing change and addressing key issues facing organizations.

Artificial Intelligence 143

Artificial Intelligence Healthcare Compliance Financial Services 143

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

OpenText Information Management

AUGUST 20, 2020

In just a few months, COVID-19 changed the world. Millions have been infected and hundreds of thousands have died at the time of writing. This health emergency has strained healthcare systems around the world. Amidst this disruption, COVID-19 has put innumerable other lives at risk. Other diseases and conditions haven’t gone away during the pandemic. … The post Keeping up the fight on cancer during pandemic appeared first on OpenText Blogs.

Risk 140

Risk 140

IT Governance

AUGUST 3, 2020

After mammoth amounts of personal data were leaked in May and June, we’ve seen a reversion to the mean this month. By our count, 77,775,496 records were leaked in 86 incidents. This includes the Twitter hack on 130 people, including Bill Gates, Barack Obama and Elon Musk, as well as the less flashy but equally concerning attack on dozens of universities and charities across the UK, US and Canada.

Data breaches 141

Data breaches Insurance Ransomware Personal data 141

Security Affairs

AUGUST 2, 2020

BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack. On July 23, smartwatch and wearables maker Garmin has shut down several of its services due to a ransomware attack that targeted its internal network and some production systems.

Ransomware 144

Ransomware Encryption Cybersecurity IT 144

Data Breach Today

AUGUST 20, 2020

Bug Bounty Pioneer Katie Moussouris on Challenges, Sustainability, Election Security To build a successful vulnerability disclosure program, avoid thinking of it as quick-fix "bug bounty Botox," and instead focus on building positive relationships with the security community, hiring top-notch talent and "building a sustainable ecosystem," says Luta Security's Katie Moussouris.

Security 364

Security IT 364

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees.

Phishing 352

Phishing Authentication Access Security 352

erwin

AUGUST 19, 2020

I’m thrilled to officially announce that registration is open for our first global conference as erwin, Inc. erwin Insights 2020 is a free, virtual, two-day event being held October 13-14. Social distancing doesn’t mean we should stop connecting. In fact, opportunities for personal and professional growth are more important than ever. That’s why we look forward to bringing together erwin’s global community of users, partners, prospects and friends to engage and explore ideas, experiences, trends

Government 141

Government Access IT 141

DXC Technology

AUGUST 31, 2020

Like many others, my family and I have done our best to enjoy the unexpectedly large amount of time we have together at home due to social distancing guidelines. Adjusting to the new normal, we have relied heavily on Internet access not only for work and school, but to stay sane and keep the peace. […]. The post Remote work requirement exposes the corporate digital divide appeared first on DXC Blogs.

Access 137

Access 137

Hunton Privacy

AUGUST 27, 2020

On August 26, 2020, as reported by Brazilian firm Mattos Filho, Veiga Filho, Marrey Jr. e Quiroga Advogados , the Brazilian Senate unexpectedly rejected the President’s Provisional Measure that was previously passed by the House of Representatives and aimed to postpone the applicability of the new Brazilian data protection law ( Lei Geral de Proteção de Dados Pessoais, or “LGPD”).

IT 135

IT Personal data 135

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Security Affairs

AUGUST 4, 2020

Security researchers from threat intelligence firm Cyble have discovered user records of American online food ordering and delivery platform UberEats on DarkWeb. Another day, another data breach made the headlines, this time the alleged victim is UberEATS. UberEats is an American online food ordering and delivery platform launched by Uber in 2014. During the process of darkweb and deep web monitoring, the Cyble Research Team came across a threat actor who leaked user records of UberEATS.

Data breaches 144

Data breaches Authentication Passwords Security 144

Data Breach Today

AUGUST 20, 2020

Report: 9 Leaks Account for Exposure of PHI for at Least 150,000 Patients Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.

363

363

Krebs on Security

AUGUST 11, 2020

Microsoft today released updates to plug at least 120 security holes in its Windows operating systems and supported software, including two newly discovered vulnerabilities that are actively being exploited. Yes, good people of the Windows world, it’s time once again to backup and patch up! At least 17 of the bugs squashed in August’s patch batch address vulnerabilities Microsoft rates as “critical,” meaning they can be exploited by miscreants or malware to gain complete,

Authentication 349

Authentication Security IT Access 349

erwin

AUGUST 20, 2020

Enterprise architecture (EA) is a strategic planning initiative that helps align business and IT. It provides a visual blueprint, demonstrating the connection between applications, technologies and data to the business functions they support. In this post: What Is Enterprise Architecture? Think City Planning. Why Is Enterprise Architecture Important?

Big data 140

Big data Artificial Intelligence Risk Digital transformation 140

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Customer Experience

Dark Reading

AUGUST 10, 2020

Developers must find a way to zero in on the security vulns that present the most risk and quickly address them without slowing down the pace of development.

IT 144

IT Risk Security 144

IT Governance

AUGUST 25, 2020

The importance of checking a web application for vulnerabilities is well understood, but it can take a lot of skill and time to do this manually. There are many tools available that can automate the process but, as with all tools, it is important to understand their limitations. Web application scanning tools will automatically review a website by crawling through all its links, reviewing each page using an algorithm to match responses to signatures.

Libraries 133

Libraries IT Security Government 133

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social and Behavioral Science [CSBS]).

Ransomware 141

Ransomware Insurance Encryption Information Security 141

Data Breach Today

AUGUST 10, 2020

Incident Reflects Threats Facing Those Involved in COVID-19 Response A manufacturer of transit communication systems that pivoted to build ventilators during the COVID-19 pandemic is reportedly the latest victim of the DoppelPaymer ransomware gang.

Ransomware 363

Ransomware Manufacturing Communications 363

Advertisement

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

Analytics

Krebs on Security

AUGUST 16, 2020

A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week, when Microsoft finally issued a software update to correct the problem. One of the 120 security holes Microsoft fixed on Aug. 11’s Patch Tuesday was CVE-2020-1464 , a problem with the way every supported version of Windows validates digital signatures for computer programs.

Security 348

Security IT 348

erwin

AUGUST 6, 2020

How Data Literacy Turns Data from a Burden to a Benefit. Today, data literacy is more important than ever. Data is now being used to support business decisions few executives thought they’d be making even six months ago. With your employees connected and armed with data that paints a clear picture of the business, your organization is better prepared to turn its attention to whatever your strategic priority may be – i.e. digital transformation, customer experience, or withstanding this cur

Government 135

Government Digital transformation Customer Experience Mining 135

Threatpost

AUGUST 7, 2020

Fully opening the door to allow people to contribute to – and notably, tinker with – the code for the data-breach information service will be an entirely next-level effort, according to founder Troy Hunt.

Data breaches 128

Data breaches Privacy 128