Sat.Mar 20, 2021 - Fri.Mar 26, 2021

3 Classes of Account Fraud That Can Cost Your Company Big Time

Dark Reading

Understanding each one can go a long way toward demystifying the topic as a whole - and combatting the threat

What to Capture Vs. What NOT to Capture

AIIM

Many organizations have an obligation to maintain the information they create and receive as part of regular business activities and to ensure that the information is secured and maintained in official filing systems.

The Value of Data Governance and How to Quantify It

erwin

erwin recently hosted the second in its six-part webinar series on the practice of data governance and how to proactively deal with its complexities.

Acer Reportedly Targeted by Ransomware Gang

Data Breach Today

PC and Device Maker Appears to Have Been Targeted by REvil
Acer, one of the world's largest PC and device makers, has reportedly been targeted by the ransomware gang REvil, aka Sodinokibi, according to multiple published reports.

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

Phish Leads to Breach at Calif. State Controller

Krebs on Security

A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year.

More Trending

My Top Tips for the UK’s Next Information Commissioner

Data Protector

The UK’s data protection community isn't easy to please. Privacy is big business these days, and many of its opinion formers take to social media platforms to generate noise and controversy. Because noise and controversy sells.

COVID-19-Related Fraud: 474 Charged So Far

Data Breach Today

Prosecutors: Fraudsters Tried to Swindle More Than $569 Million Over 12 Months
Over the last 12 months, federal prosecutors have charged 474 suspects with trying to steal more than $569 million through COVID-19-related fraud schemes, including attempts to swindle the Paycheck Protection Program for small businesses.

Hacking Weapons Systems

Schneier on Security

Lukasz Olejnik has a good essay on hacking weapons systems. Basically, there is no reason to believe that software in weapons systems is any more vulnerability free than any other software. So now the question is whether the software can be accessed over the Internet. Increasingly, it is.

CISA Releases CHIRP, a Tool to Detect SolarWinds Malicious Activity

Security Affairs

US CISA has released a new tool that allows detecting malicious activity associated with the SolarWinds hackers in compromised on-premises enterprise environments.

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speakers: Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Acer Reportedly Hit With $50M Ransomware Attack

Dark Reading

Reports say a ransomware gang has given Acer until March 28 to pay, or it will double the ransom amount

OpenSSL Fixes Flaws That Could Lead to Server Takedowns

Data Breach Today

System Administrators Advised to Update to Latest Version That Addresses 2 Vulnerabilities
Users of the OpenSSL crypto library should upgrade immediately to the latest version to eliminate serious flaws that attackers could exploit to shut down servers, some security experts warn.

The Peculiar Ransomware Piggybacking Off of China’s Big Hack

WIRED Threat Level

DearCry is the first attack to use the same Microsoft Exchange vulnerabilities, but its lack of sophistication lessens the threat.

Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue

Security Affairs

Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and iOS.

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Researchers Discover Two Dozen Malicious Chrome Extensions

Dark Reading

Extensions are being used to serve up unwanted ads, steal data, and divert users to malicious sites, Cato Networks says

British Clothing Retailer Fat Face Discloses Data Breach

Data Breach Today

Employee and Customer Information Compromised in January Attack; ICO Investigating
British clothing and accessories retailer Fat Face says it detected a data breach in January, which exposed personal information - including partial payment card numbers - for an unspecified number of customers and employees.

A Homecoming Queen Was Arrested for Alleged Vote Hacking

WIRED Threat Level

Plus: A mysterious zero-day spree, a high-profile hacker indictment, and more of the week’s top security news.

Black Kingdom ransomware is targeting Microsoft Exchange servers

Security Affairs

Security experts reported that a second ransomware gang, named Black Kingdom, is targeting Microsoft Exchange servers. After the public disclosure of ProxyLogon vulnerabilities, multiple threat actors started targeting vulnerable Microsoft Exchange servers exposed online.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Sierra Wireless Website Still Down After Ransomware Attack

Dark Reading

The company believes the attack's impact is limited to its internal IT systems and corporate websites

Charm Offensive: Ransomware Gangs 'Tell All' in Interviews

Data Breach Today

REvil, MountLocker and LockBit Operators Describe Strategies and Target Selection
Ransomware-wielding attackers have been in the limelight lately - not just for hitting Acer, Dassault Falcon and celebrity law firms but also for granting tell-all interviews that describe their tactics and motivation.

Details of a Computer Banking Scam

Schneier on Security

This is a longish video that describes a profitable computer banking scam that’s run out of call centers in places like India. There’s a lot of fluff about glitterbombs and the like, but the details are interesting.

A threat actor exploited 11 zero-day flaws in 2020 campaigns

Security Affairs

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

The CIO's Shifting Role: Improving Security With Shared Responsibility

Dark Reading

CIOs must create a culture centered around cybersecurity that is easily visible and manageable

CISA Prepares to Use New Subpoena Power

Data Breach Today

Acting Director Describes Latest Steps in Battle Against Ransomware
The Cybersecurity and Infrastructure Security Agency will soon use its new subpoena powers authorized under the 2021 National Defense Authorization Act to help in the battle against ransomware attacks and other cyberthreats, says Brandon Wales, the acting agency director.

Groups Call for Ethical Guidelines on Location-Tracking Tech

WIRED Threat Level

The Locus Charter asks companies to commit to 10 principles, including minimizing data collection and actively seeking consent from users.

Ministry of Defence academy hit by state-sponsored hackers

Security Affairs

The Ministry of Defence academy was hit by a major cyber attack; Russia and China state-sponsored hackers are suspected to be behind the offensive.

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

How to Protect Our Critical Infrastructure From Attack

Dark Reading

Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk

Phishing Attack Exposes Sensitive Data at California Agency

Data Breach Today

Smart City: Bridging Strategy and Governance in a Smart City

Information Governance Perspectives

If we cower in the face of disruption, our ideas will get stale, our skillsets will grow old, and our energy to adapt will precipitously decline. Tomorrow’s Jobs Today is a resource for smart people like you who realize the jobs of the future are very much here today and ours to adapt to.