Sat.Sep 18, 2021 - Fri.Sep 24, 2021

article thumbnail

Ransomware Updates: Conti Attacks Rise, New Players Surface

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.

article thumbnail

Does Your Organization Have a Security.txt File?

Krebs on Security

It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Or maybe it isn’t entirely clear who should get the report when remote access to an organization’s internal network is being sold in the cybercrime underground.

Retail 295
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Apple addresses a new zero-day exploited to deploy the NSO Pegasus spyware

Security Affairs

Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of the flaws was exploited by threat actors to infect the device with the NSO Pegasus spyware.

Security 133
article thumbnail

Five Key Considerations Regarding New U.S. Sanctions to Address Ransomware Threats

Data Matters

On September 21, 2021, the U.S. Department of the Treasury (Treasury) Office of Foreign Asset Control (OFAC) imposed sanctions on a virtual currency exchange called Suex OTC, S.R.O. (Suex), and published an updated advisory on potential risks for those who facilitate ransomware payments. These coordinated actions represent significant moves by OFAC to target key aspects of the global ransomware ecosystem and to advance the U.S. government’s broader counter-ransomware strategy.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Illinois Man Convicted of Running DDoS Facilitation Websites

Data Breach Today

Matthew Gatrel Offered Subscription-Based Computer Attack Platforms An Illinois man has been found guilty of running subscription-based distributed denial of service attacks that enabled customers to launch DDoS strikes of their own. He is now facing a statutory maximum sentence of 35 years in federal prison when sentenced in January 2022.

354
354

More Trending

article thumbnail

Why Edward Snowden is urging users to stop using ExpressVPN?

Security Affairs

The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. Last week the Israeli cybersecurity firm Kape Technologies has acquired the industry’s leading virtual private networks ExpressVPN, as part of a $936 million deal. Kape announced that the acquisition will more than double its overall customer base, from almost 3 million customers to more than 6 million.

Military 142
article thumbnail

Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

Threatpost

Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text.

Passwords 133
article thumbnail

Researcher Finds Malware Targeting Mac Users via Baidu Ad

Data Breach Today

The Ad, Now Deleted, Lured Users to a Phishing Website to Harvest Credentials Chinese security researcher Zhi has discovered a malware targeting Mac users. The malware, spread via a paid advertisement on search engine Baidu, is intended to harvest user credentials, he says. The advertisement has now been taken down.

Phishing 344
article thumbnail

FBI Had the REvil Decryption Key

Schneier on Security

The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didn’t pass it along to victims because it would have disrupted an ongoing operation. The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack. Deploying it immediately could have helped the victims, including schools and hospitals, avoid what analysts estimate was millions of dollars in recovery costs.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Data of 106 million visitors to Thailand leaked online

Security Affairs

Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity research Bob Diachenko discovered his personal data online stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand.

Honeypots 132
article thumbnail

Large-Scale Phishing-as-a-Service Operation Exposed

Threatpost

Discovery of BulletProofLink—which provides phishing kits, email templates, hosting and other tools—sheds light on how wannabe cybercriminals can get into the business.

Phishing 127
article thumbnail

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Data Breach Today

Researchers Believe NEW Cooperative Targeted By BlackMatter Gang NEW Cooperative, an Iowa-based farm services cooperative, has reportedly been targeted by the BlackMatter ransomware gang, demanding a $5.9 million payment from the organization, according to security researchers and published reports. The cooperative is working with law enforcement.

article thumbnail

OFAC Announces New Measures to Address Ransomware Attacks

Data Protection Report

The U.S. Department of Treasury, Office of Foreign Assets Control (“OFAC”) implemented additional measures today to combat the growing ransomware problem. OFAC’s measures consist of: (1) the designation of the entire SUEX OTC, S.R.O. (“SUEX”) crypto-currency exchange (SUEX) to the SDN List; (2) designating a fairly large number (~25) additional digital currency addresses to the SDN List; and (3) amending its earlier October 1, 2020 guidance to companies on the potential sanctions risks for faci

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Security Affairs

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root. The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices.

Risk 127
article thumbnail

Unpatched Apple Zero-Day in macOS Finder Allows Code Execution

Threatpost

All a user needs to do is click on an email attachment, and boom – the code is silently executed without the victim knowing. It affects Big Sur and prior versions of macOS.

IT 119
article thumbnail

CISA Director: Attackers Targeted Port of Houston

Data Breach Today

Jen Easterly Offered Details of Investigation That Led to Joint Security Alert During testimony before a U.S. Senate committee hearing Thursday, CISA Director Jen Easterly told lawmakers that a recent joint alert issued by her agency, the FBI and the Coast Guard Cyber Command stemmed from an attempted attack against the Port of Houston in August.

Security 327
article thumbnail

California Privacy Protection Agency Invites Comments on Proposed CPRA Rulemaking

Hunton Privacy

On September 22, 2021, the California Privacy Protection Agency (“CPPA” or “Agency”) issued an Invitation for Preliminary Comments on Proposed Rulemaking Under the California Privacy Rights Act of 2020 (“CPRA”). The CPPA was established by the CPRA , which vested the Agency with full administrative power, authority and jurisdiction to implement and enforce the CCPA.

Privacy 116
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

A zero-day flaw allows to run arbitrary commands on macOS systems

Security Affairs

Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. Independent security researcher Park Minchan disclosed a zero-day vulnerability in Apple’s macOS Finder that can be exploited by attackers to run arbitrary commands on Mac systems running any macOS version.

Security 122
article thumbnail

Epik Confirms Hack, Gigabytes of Data on Offer

Threatpost

"Time to find out who in your family secretly ran. [a] QAnon hellhole," said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security.

Security 117
article thumbnail

Chinese APT Data-Harvesting Campaign Analyzed

Data Breach Today

Nation-State Chinese Groups APT27, APT41 Likely Candidates Earlier this month, McAfee Enterprise's Advanced Threat Research team, working with McAfee's Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. Their analysis provides insight into the group's tools, tactics and techniques.

306
306
article thumbnail

Over-Retention of Personal Data

Data Protection Report

The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” Perhaps the CNIL’s €1.75 million (USD $2,051,930) penalty for over-retention will lead to a different view. The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over them. A critical vulnerability, tracked as CVE-2021-36260, affects more than 70 Hikvision camera and NVR models and can allow attackers to take over the devices. The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”.

IoT 112
article thumbnail

TangleBot Malware Reaches Deep into Android Device Functions

Threatpost

The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others.

Access 127
article thumbnail

ISMG Editors’ Panel: The Rise of Quadruple Extortion Attacks

Data Breach Today

Discussion Also Tackles Kaseya Ransomware Decryption Key, Raising Enterprise Security Posture Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.

article thumbnail

Get Prepared for Data Privacy Compliance Under China PIPL

Data Matters

On August 20, 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL), which will become effective starting November 1, 2021. As an overarching law in China with respect to data privacy, PIPL shares many similarities with the EU General Data Protection Regulation (GDPR). If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements un

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Ransomware: Now Is the Time to Address This Challenge

Thales Cloud Protection & Licensing

Ransomware: Now Is the Time to Address This Challenge. divya. Tue, 09/21/2021 - 05:07. Reports are indicating that cyberattacks are growing in volume and impact as ransomware tactics have become more advanced and damaging. The extent and impact of these attacks has turned ransomware into a global problem, affecting public and private organizations. Although the news headlines are flooded with incidents affecting areas from critical infrastructure and healthcare to retail and education, we have a

article thumbnail

Apple Patches 3 More Zero-Days Under Active Attack

Threatpost

One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges.

Security 120
article thumbnail

Tamil Nadu Ransomware Attack Raises Resiliency Questions

Data Breach Today

Security Experts on Vulnerabilities, Prevention Steps for State Governments The ransomware attack on Tamil Nadu's Public Department puts the spotlight on the preparedness to identify and stave off attacks. Some security experts say outdated servers, lack of advanced security measures and inadequate cyber laws make state government institutions vulnerable.