Expert insights. Personalized for you.
Krebs on Security
DECEMBER 14, 2021
Microsoft , Adobe , and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited.
WIRED Threat Level
DECEMBER 13, 2021
Hundreds of millions of devices are likely affected. Security Security / Cyberattacks and Hacks
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
DECEMBER 16, 2021
In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments. Related: The targeting of supply chains. While some of these efforts have been successful, and may prevent more damage from being done, it is important to realize that headline news is a lightning rod for more attacks. Successful attacks breed copycats, and their arrests make room for replacements.
Dark Reading
DECEMBER 16, 2021
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems
Speaker: Veena Vasudevan and Jason Hughes
In this webinar, Dremio and AWS will discuss the most common challenges in data architecture and how to overcome them with an open data lakehouse architecture on AWS. Sign up now!
Krebs on Security
DECEMBER 16, 2021
A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
|
The Last Watchdog
DECEMBER 13, 2021
Privacy and cybersecurity challenges and controversies reverberated through all aspect of business, government and culture in the year coming to a close. Related: Thumbs up for Biden’s cybersecurity exec order. Last Watchdog sought commentary from technology thought leaders about lessons learned in 2021– and guidance heading into 2022. More than two dozen experts participated. Here the first of two articles highlighting what they had to say. Comments edited for clarity and length.
Dark Reading
DECEMBER 13, 2021
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold
Krebs on Security
DECEMBER 13, 2021
The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system.
WIRED Threat Level
DECEMBER 12, 2021
“Smishing" is an attempt to collect logins or other sensitive information with a malicious text message—and it's on the rise. Security Security / Security Advice
Advertisement
IT Professional looking to harden your servers? ThreatLocker’s got you covered. The Ultimate Guide to Hardening Windows Servers offers tips and best practices to help mitigate cyber threats, better protect your servers, and secure your endpoints. Download today!
The Last Watchdog
DECEMBER 14, 2021
As we close out 2021, a gargantuan open-source vulnerability has reared its ugly head. Related: The case for ‘SBOM’ This flaw in the Apache Log4J logging library is already being aggressively probed and exploited by threat actors — and it is sure to become a major headache for security teams in 2022. This vulnerability is so dangerous because of its massive scale.
Dark Reading
DECEMBER 17, 2021
Security teams around the world are on high alert dealing with the Log4j vulnerability, but how risky is it, really
Security Affairs
DECEMBER 14, 2021
Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines.
WIRED Threat Level
DECEMBER 15, 2021
ForcedEntry is “one of the most technically sophisticated exploits” Project Zero security researchers have ever seen. Security Security / Cyberattacks and Hacks
Advertisement
This report examines the quantitative research of data leaders on data value and return on investment.
DXC
DECEMBER 15, 2021
As fast as the world and technology evolve, IT departments are evolving with it. To stay ahead of all this change, IT leaders need to free up time for the most important tasks. Automation is an obvious answer to do this.
Dark Reading
DECEMBER 13, 2021
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card
Security Affairs
DECEMBER 12, 2021
Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes.
WIRED Threat Level
DECEMBER 16, 2021
So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner. Security Security / Cyberattacks and Hacks
Advertisement
Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.
eSecurity Planet
DECEMBER 13, 2021
Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware strain and the new Apache Log4Shell vulnerability.
Dark Reading
DECEMBER 16, 2021
A look at why this is such a tricky vulnerability and why the industry response has been good, but not great
Security Affairs
DECEMBER 13, 2021
Threat actors are already abusing Log4Shell vulnerability in the Log4j library for malicious purposes such as deploying malware.
WIRED Threat Level
DECEMBER 15, 2021
A referral program and partner sites have spurred the spread of invasive, AI-generated “nude” images. Security Security / Privacy
Advertisement
Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.
eSecurity Planet
DECEMBER 13, 2021
Cybercriminals are quickly ramping up efforts to exploit the critical flaw found in the widely used Log4j open-source logging tool, targeting everything from cryptomining to data theft to botnets that target Linux systems.
Dark Reading
DECEMBER 13, 2021
Government actions help starve attack groups of the resources - money, ability to recruit, and time
Security Affairs
DECEMBER 12, 2021
Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets.
Schneier on Security
DECEMBER 13, 2021
NSO Group’s descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US.
Advertisement
Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.
WIRED Threat Level
DECEMBER 11, 2021
Plus: Bluetooth security, a Brazil hack, and more of the week's top security news. Security Security / Security News
Dark Reading
DECEMBER 17, 2021
One leader alone can't protect an organization from cyber threats, C-suite leaders agree
Security Affairs
DECEMBER 16, 2021
The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin privileges.
239 
Let's personalize your content