Data Breach Today
APRIL 23, 2022
Company Says No Sensitive Customer or Government Information Leaked The US telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts. The company says hackers did not steal any sensitive customer or government information during the incident.
Krebs on Security
APRIL 27, 2022
When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue , a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data reque
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
APRIL 26, 2022
In a recent survey of US-based CEOs, talent shortages and cybersecurity were listed as two of the top five business concerns in 2022. Related: Cultivating ‘human sensors’ They may not entirely realize that when compounded, these two concerns could pose a critical security threat for their organization. CEOs who are looking to secure their data and build a cyber-resilient infrastructure are facing a quadruple whammy: •Expanding their digital infrastructure faster than they can secure
Security Affairs
APRIL 28, 2022
Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity agencies of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency ( CISA ), Na
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
APRIL 28, 2022
Lockbit, Conti, Hive and Alphv/BlackCat Tied to Greatest Number of Known Victims Ransomware attacks have come storming back after experiencing their typical end-of-the year decline. Security researchers report that the greatest number of known victms has been amassed by Lockbit, followed by Conti, Hive and Alphv/BlackCat.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
KnowBe4
APRIL 26, 2022
Despite the world’s best efforts to get everyone off passwords and onto something else (e.g., MFA , passwordless authentication, biometrics, zero trust, etc.) for decades, passwords have pervasively persisted. Today, nearly everyone has multiple forms of MFA for different applications and websites AND many, many passwords.
Jamf
APRIL 29, 2022
Discover the background and future trajectory of the Jamf Plugin for GLPI, one of the many valuable tools available through the Jamf Marketplace. Independent developer Curtis Conard provides a first-hand account of its creation and the importance of open-source software.
Data Breach Today
APRIL 27, 2022
80 Zero-Day Vulnerabilities - a Record Number - Were Exploited in the Wild in 2021 The median number of days an attacker dwells in a system before detection fell from 24 days in 2020 to 21 days in 2021, according to a Mandiant report. The biggest year-on-year decline in median dwell time occurred in the APAC region, where it dropped from 76 days in 2020 to 21 days in 2021.
IT Governance
APRIL 28, 2022
The Stormous ransomware gang announced earlier this week that it had hacked Coca-Cola and stolen 161 gigabytes of data. The group have put the information up for sale on the dark web, requesting just over $64,000 (about £51,000) in bitcoin. It’s a surprisingly low sum for the amount of information reportedly stolen and the reputation of the victim. By comparison, a report published last year found that US firms pay $6 million on average in ransomware demands.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
OpenText Information Management
APRIL 29, 2022
Netwire is a Remote Access Trojan (RAT) capable of stealing passwords, keylogging, and includes remote control capabilities. Netwire RAT has been used by advanced persistent threat groups (APT) in the past. In a recent malspam campaign, Netwire RAT was delivered via an achieved zip file containing a Visual Basis script. OpenText Security Consulting team, as … The post Dissecting Netwire Remote Access Trojan (RAT) behavior on an infected endpoint appeared first on OpenText Blogs.
Jamf
APRIL 26, 2022
Introducing the first-of-its-kind Jamf Event, where Dean Hager, Jamf CEO and other key Jamf team members unveil new platform capabilities and enhanced workflows, as well as their benefits to you and end-users alike. Also, find out when these new enterprise-secure and consumer-simple technologies will be available.
Data Breach Today
APRIL 29, 2022
Guidance Has Changed on Socking Away Bitcoins 'Just in Case' to Pay a Ransom Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
IT Governance
APRIL 26, 2022
Although it’s not a formal requirement of ISO 45001, a risk and opportunity register is a useful tool for organisations looking to bolster the health and safety of their workplace. The Standard describes best practices for occupational health and safety, and is designed to reduce injuries and diseases. This includes on-site accidents, long-term physical conditions and mental health issues.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Hunton Privacy
APRIL 25, 2022
On April 12, 2022, Colorado Attorney General Phil Weiser made remarks at the International Association of Privacy Professionals Global Privacy Summit in Washington, D.C., where he invited stakeholders to provide informal public comments on the Colorado Privacy Act (“CPA”) rulemaking. In addition to this informal public comment, the Colorado Department of Law (“Department”) will begin the formal notice-and-comment rulemaking phase in fall 2022 by announcing a notice of rulemaking and accompanyi
eSecurity Planet
APRIL 28, 2022
U.S. cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. Topping the list were the Log4Shell vulnerability and Microsoft bugs ProxyShell and ProxyLogon. Microsoft occupied more than half the list, with Exchange Server accounting for eight of the vulnerabilities.
Data Breach Today
APRIL 28, 2022
Errol Weiss Says Industry Lacks Resources to Improve Cybersecurity The health care industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency. Errol Weiss of Health-ISAC says the industry as a whole lacks resources.
Schneier on Security
APRIL 25, 2022
SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “thank you for paying your bill, here’s a free gift for you.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
WIRED Threat Level
APRIL 27, 2022
From “IT Army” DDoS attacks to custom malware, the country has become a target like never before.
KnowBe4
APRIL 28, 2022
With ransomware attacks on the increase, new data shows a material portion of small and medium business organizations are completely ill-equipped to address an attack.
Data Breach Today
APRIL 25, 2022
In this episode of "Cybersecurity Unplugged," Roger Sels, vice president, solution, EMEA at BlackBerry, discusses the global threat landscape one year after SolarWinds, including cyberthreats from Russia and China; the cyber impact of the Russia-Ukraine war; and the cyber call to action.
Schneier on Security
APRIL 29, 2022
New research: “ Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps “: Abstract: In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces — bedrooms, living rooms, and kitchens — into semi-public extensions of the office. And for the most part, users have accepted these apps in their personal space, without much thought about the permission models that govern the use of their personal data during me
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Hunton Privacy
APRIL 28, 2022
On April 19, 2022, the California state legislature and an industry self-regulatory group each separately took steps to enhance online privacy protections for children who are not covered by the Children’s Online Privacy Protection Act (“COPPA”), which applies only to personal information collected online from children under the age of 13. Center for Industry Self-Regulation Roadmap.
Security Affairs
APRIL 24, 2022
OpRussia continues unabated, since declaring ‘cyber war’ on Russia Anonymous has now published approximately 5.8 TB of Russian data. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues to collect successes, the collective claims to have published approximately 5.8 TB of Russian data via DDoSecrets.
Data Breach Today
APRIL 28, 2022
Financial Buyers Have Cashed in on Modest Valuations to Expand Their Security Stack The recent drop in stock prices has presented private equity firms with a golden opportunity to acquire fast-growing public cybersecurity companies without breaking the bank. Financial buyers have taken advantage, scooping up five of the less than 30 public pure-play cybersecurity vendors.
Record Nations
APRIL 29, 2022
Despite advancements in paperless technology, like document scanning and cloud services, paper consumption is actually increasing. There are a number of reasons for this aside from things like toilet paper and food packaging. Many companies are simply reluctant to make the switch due to fear of the unknown, or potentially expensive up-front costs of making […].
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
DLA Piper Privacy Matters
APRIL 28, 2022
Authors: Carolyn Bigg, Yue Lin Lee, Gwyneth To and Jing Qin Cho. Companies providing cybersecurity services (“ CSPs “) in Singapore will now have to obtain a licence for the provision of such services by 11 October 2022. The licensing framework took effect from 11 April 2022. The licensing framework is part of the Cybersecurity Act and aims to better safeguard customer interests as well as improve service provider standards.
Collibra
APRIL 29, 2022
Did you know that you will consume an estimated 40 pounds of plastic in your lifetime? . You may not be eating a Lego brick every week, but according to scientists at the University of Newcastle, you are ingesting the equivalent thanks in part to the improper disposal of litter. . Since plastic does not biodegrade (does not decompose by bacteria or other living organisms), it exists in its original form for centuries.
Data Breach Today
APRIL 27, 2022
6 Russian Military Intelligence Agents Charged With Launching NotPetya Destruction The U.S. government on Tuesday announced a reward of up to $10 million for information pertaining to six alleged Russian military hackers tied to the 2017 NotPetya destructive malware campaign. The malware spread globally, causing commercial damage of up to $10 billion.
Expert insights. Personalized for you.
352 
Let's personalize your content