Data Breach Today
SEPTEMBER 15, 2021
Windows Users Can Now Use Other Methods to Access Microsoft Products Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.
WIRED Threat Level
SEPTEMBER 14, 2021
iOS, Windows, and Chrome all have zero-day vulnerabilities that hackers are going after. Now that the fixes are here, you need to install them ASAP.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Threatpost
SEPTEMBER 14, 2021
The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year.
Krebs on Security
SEPTEMBER 15, 2021
TTEC , [ NASDAQ: TTEC ], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned. While many companies have been laying off or furloughing workers in response to the Coronavirus pandemic, TTEC has been massively hiring.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
Data Breach Today
SEPTEMBER 17, 2021
Many Files Crypto-Locked Before July 13 Unlockable via Free Bitdefender Decryptor Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
SEPTEMBER 15, 2021
Having a gold copy of critical data offline is essential in every organization's disaster recovery or continuity plan. Follow the 3-2-1-1 rule to secure your data.
Krebs on Security
SEPTEMBER 16, 2021
A jury in California today reached a guilty verdict in the trial of Matthew Gatrel , a St. Charles, Ill. man charged in 2018 with operating two online services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against Internet users and websites. Gatrel’s conviction comes roughly two weeks after his co-conspirator pleaded guilty to criminal charges related to running the services.
Data Breach Today
SEPTEMBER 16, 2021
But Does the 'Policy Statement' Warning Overstep the Intention of the Rule? The FTC warns makers of personal health records, mobile health apps, fitness devices and a variety of similar products and services that they will face stiff civil monetary penalties for failure to comply with the commission's 12-year-old - but never-yet enforced - Health Breach Notification Rule.
Security Affairs
SEPTEMBER 12, 2021
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Criminals are constantly creating variants of popular banking trojans, keeping in mind the same modus operandi but changing the malware internals and its capabilities making it a fully undetectable (FUD) weapon.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Threatpost
SEPTEMBER 13, 2021
How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.”.
eSecurity Planet
SEPTEMBER 16, 2021
An investigation by McAfee researchers into a case of a suspected malware infection uncovered a cyber attack that had been sitting in the victim organization’s network for years stealing data. The investigators said the advanced threat actors used a mixture of known and unique malware tools in the attack – which they dubbed Operation Harvest – to compromise the victim’s IT environment, exfiltrate the data and evade detection.
Data Breach Today
SEPTEMBER 15, 2021
Critics Say Travis CI's Security Bulletin is Insufficient Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials and more, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.
Security Affairs
SEPTEMBER 15, 2021
Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the payment of a penalty. Three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40) entered into a deferred prosecution agreement that restricts their future activities and employment. The trio has worked as hackers-for-hire for the United Arab Emirates cybersecurity company DarkMatter between January 2016 and November 2019.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
DLA Piper Privacy Matters
SEPTEMBER 15, 2021
By the end of the 2018, the Spanish Parliament belatedly completed the framework provided by EU’s GDPR approving a new Data Protection Act. Following a local tradition dated in 1992, the Spanish legislators deviated themselves from the mainstream position in the EU. The new Spanish law included, among other deviations, new digital rights unknown by the GDPR, a special period of retention of personal data in favor of public authorities after the data had to be deleted or corrected, a genera
Hunton Privacy
SEPTEMBER 17, 2021
On September 13, 2021, the Federal Trade Commission published final revisions to five rules promulgated pursuant to the Fair Credit Reporting Act (“FCRA”), to clarify that the rules apply only to motor vehicle dealers. The final revisions were made to bring the rules in line with the Dodd-Frank Wall Street Reform and Consumer Protection Act. Entities other than motor vehicle dealers are still subject to the Consumer Financial Protection Bureau’s (“CFPB’s”) FCRA counterpart rules and the concurre
Data Breach Today
SEPTEMBER 15, 2021
Proposed Class Action Suit Filed After Breach Affecting 1.4 Million A proposed class action lawsuit filed this week against St. Joseph's/Candler Health System in the wake of a recent ransomware breach affecting 1.4 million individuals alleges that the Georgia-based healthcare entity was "reckless" and "negligent" in safeguarding patients' information.
Threatpost
SEPTEMBER 17, 2021
With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier's U.S. network -- all the way from Pakistan.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Security Affairs
SEPTEMBER 17, 2021
Security researchers spotted a new malware that uses Windows Subsystem for Linux (WSL) to evade detection in attacks against Windows machines. Security researchers from Lumen’s Black Lotus Labs have discovered several malicious Linux binaries developed to target the Windows Subsystem for Linux (WSL). Windows Subsystem for Linux (WSL) is a compatibility layer for running Linux binary executables (in ELF format) natively on Windows 10, Windows 11, and Windows Server 2019.
IT Governance
SEPTEMBER 15, 2021
A UK government report published last year found that 48% of organisations lacked the expertise to complete routine cyber security practices. This includes an inability to protect against malware, set access controls and apply updates. The report also found that 30% of organisations had skills gaps in more advanced areas, such as penetration testing, forensic analysis and security architecture.
Data Breach Today
SEPTEMBER 13, 2021
Citizen Lab Says iMessage Exploit Delivered NSO's Pegasus Spyware Apple patched a software vulnerability on Monday that researchers say was used to deliver spyware via its iMessage platform to the mobile phones of activists. But a few changes to iMessage could make it safer overall for individuals at high risk of surveillance, says an Apple security expert.
Threatpost
SEPTEMBER 13, 2021
Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Security Affairs
SEPTEMBER 14, 2021
A high severity vulnerability, tracked as CVE-2021-3437 , in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of pri
Elie
SEPTEMBER 12, 2021
We analyze over 1.2 billion email-based phishing and malware attacks against Gmail users to understand which factors place a person at heightened risk of being targeted.
Data Breach Today
SEPTEMBER 17, 2021
Researchers Say OMIGOD Vulnerability Can Give Attackers Root Privileges The Mirai botnet is actively exploiting the known vulnerability CVE-2021-38647, which is part of a quarter of vulnerabilities dubbed OMIGOD, in Microsoft's Azure Linux Open Management Infrastructure framework, according to Kevin Beaumont, head of the security operations center for Arcadia Group.
Threatpost
SEPTEMBER 17, 2021
Microsoft and RiskIQ researchers have identified several campaigns using the recently patched zero-day, reiterating a call for organizations to update affected systems.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
SEPTEMBER 12, 2021
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The dark web leak site of the ransomware gang, also known as the Happy Blog, is back online, while the site decoder[.]re is still offline at the time of this writing.
Schneier on Security
SEPTEMBER 17, 2021
Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Group’s Pegasus spyware. Apple patched the vulnerability; everyone needs to update their OS immediately. News articles on the exploit.
Data Breach Today
SEPTEMBER 17, 2021
Researchers: Attacker Sold Pilfered Airline Data on the Darknet Cisco Talos researchers have connected a previously discovered series of aviation industry attacks stretching back more than three years to a Nigeria-based attacker. The attacker sold the stolen information on the darknet, the researchers say.
Expert insights. Personalized for you.
345 
Let's personalize your content