Data Breach Today
FEBRUARY 24, 2021
Issues Include Attackers' Use of Amazon's Infrastructure The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
OpenText Information Management
FEBRUARY 25, 2021
Slow and inconsistent performance can be a barrier to user adoption and achieving the desired outcomes for a solution. Even small inefficiencies can add up, leading to reduced productivity across the user base. To get the most out of your enterprise information management (EIM) deployment, you’ll want to ensure that performance is optimal.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
FEBRUARY 21, 2021
In 2003, Barrett Lyon created a map of the internet. In 2021, he did it again—and showed just how quickly it's expanded.
AIIM
FEBRUARY 25, 2021
Information has transformed in a big way over the past few decades, with some of the most significant changes coming in just the last five years. Year over year, information has seen a dramatic increase in both value and volume. The advancement of new technology has transitioned much of this from paper to digital – which presents its own set of new challenges regarding compliance, access, and protection.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
FEBRUARY 20, 2021
GoSearch22 is an Off-Shoot of macOS-Targeting Pirrit Adware A security researcher has uncovered what is believed to be the first-ever malware variant that can be successfully executed in Apple's M1 chips, its latest central processor unit for Mac computers.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
FEBRUARY 20, 2021
Sequoia Capital, one of the most prominent venture capital firms, told its investors that an unauthorized third party had access to their information. Sequoia Capital, one of the most prominent venture capital firms that focus on the technology industry, discloses a data breach. The company informed its investors that an unauthorized third party had access to their personal and financial information.
AIIM
FEBRUARY 23, 2021
How many times have you left a joint meeting of members of your organization's Information Management (IM) and IT teams thinking that everyone was on the same page, only to find out a few days later that the decisions your colleagues in the "other" unit took away were totally different from what your unit did? It happens more often than we think. And when it does happen, we should consider ourselves lucky if it takes only a few days for the inconsistent understanding to surface.
Data Breach Today
FEBRUARY 25, 2021
Kaspersky Ties Latest Hacking Campaign and Backdoor to Lazarus Group Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a backdoor called ThreatNeedle that moves laterally through networks and can overcome network segmentation, according to researchers at Kaspersky.
WIRED Threat Level
FEBRUARY 22, 2021
The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
IT Governance
FEBRUARY 22, 2021
Ransomware has become one of the most common and profitable forms of cyber crime, but there’s an obvious fact that is neglected: the attacks are only worthwhile if the victim chooses to pay up. Of course, it’s easy to say that organisations can ignore criminals’ demands, but when facing weeks of disruption, huge financial losses and the prospect of customers’ personal data being leaked online, you can understand why some victims cave in.
Security Affairs
FEBRUARY 26, 2021
French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks. Experts from French national cyber-security agency ANSSI have spotted a new Ryuk ransomware variant that implements worm-like capabilities that allow within local networks. “On top of its usual functions, this version holds a new attribute allowing it to self replicate over the local network.” reads the report published by the ANSS
Data Breach Today
FEBRUARY 26, 2021
Campaign Targets Tibetan Organizations Proofpoint reports that Chinese state-sponsored hackers are using a new customized malicious Mozilla Firefox browser extension that facilitates access and control of victims’ Gmail accounts. So far, the hackers are targeting Tibetan organizations.
WIRED Threat Level
FEBRUARY 24, 2021
A Sandworm-adjacent group has successfully breached US critical infrastructure a handful of times, according to new findings from the security firm Dragos.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Threatpost
FEBRUARY 22, 2021
At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that over the weekend a user was able to breach “multiple” ClubHouse room audio feeds […].
Security Affairs
FEBRUARY 24, 2021
Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang. The wave of attacks exploiting multiple zero-day vulnerabilities in the Accellion File Transfer Appliance (FTA) software began in mid-December 2020, threat actors use to deploy a
Data Breach Today
FEBRUARY 26, 2021
Lawmakers and Witnesses See Expanded Role for CISA Following Attack A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.
Schneier on Security
FEBRUARY 25, 2021
I am a co-author on a report published by the Hoover Institution: “ Chinese Technology Platforms Operating in the United States.” From a blog post : The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and developing tailored responses. It starts from the common view of the signatories — one reflected in numerous publicly available threat assessments — that China’s power is
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Data Protection Report
FEBRUARY 25, 2021
There has been a big bang in the data protection world in Berlin as the first and most spectacular GDPR fine in Germany has just been declared invalid. The Berlin Commissioner for Data Protection for Freedom of Information ( Berliner Beauftragte für den Datenschutz und Informationsfreiheit , “ Berlin DPA ”) issued a EUR 14.5 million fine against a German real estate company, die Deutsche Wohnen SE (“ Deutsche Wohnen ”).
Hunton Privacy
FEBRUARY 25, 2021
The concept of regulatory sandboxes has gained traction in the data protection community. Since the UK Information Commissioner’s Office (the “ICO”) completed its pilot program of regulatory sandboxes in September 2020, two European Data Protection Authorities (“DPAs”) have created their own sandbox initiatives following the ICO’s framework. The Datatilsynet Sandbox Initiative for Responsible Artificial Intelligence.
Data Breach Today
FEBRUARY 24, 2021
FireEye, Microsoft, CrowdStrike Offer New Details and Recommendations The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S. Senate panel Tuesday while detailing how foreign actors gained access into their firms' systems as a result of the SolarWinds supply chain attack.
Threatpost
FEBRUARY 25, 2021
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Security Affairs
FEBRUARY 25, 2021
Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed the details of a recently patched Windows vulnerability, tracked as CVE-2021-24093 , that can be exploited for remote code execution in the context of the DirectWrite client.
OpenText Information Management
FEBRUARY 23, 2021
Even with 2020 in the rearview mirror, the impact of last year will linger for some time. Clinical trials moved to virtual models, supply chain disruptions reached historic levels and telehealth became routine — all nearly overnight. As a result, Life Sciences organizations start 2021 with new perspectives and new priorities, viewed through a lens … The post Adapt, pivot and persevere: Life Sciences in 2021 appeared first on OpenText Blogs.
Data Breach Today
FEBRUARY 20, 2021
Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report.
Threatpost
FEBRUARY 23, 2021
Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express - but that really steal their credentials.
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Schneier on Security
FEBRUARY 23, 2021
Alex Birsan writes about being able to install malware into proprietary corporate software by naming the code files to be identical to internal corporate code files. From a ZDNet article : Today, developers at small or large companies use package managers to download and import libraries that are then assembled together using build tools to create a final app.
Thales Cloud Protection & Licensing
FEBRUARY 23, 2021
Thales leading the way with PCI-approved remote management solutions. madhav. Tue, 02/23/2021 - 06:20. There is an increasing focus in the payments world regarding certifications. After all, transaction processing systems require robust security techniques in their attempts to defeat the fraudsters. Payment card fraud is still a major issue as can be seen from detailed analysis provided by UK Finance (which covers the UK market) and by the Nilson Report which reported $28.65 billion card fraud l
Data Breach Today
FEBRUARY 23, 2021
Researchers: 'Jian' Hacking Tool Targeted Zero-Day Flaw in Windows A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the NSA's Equation Group before Microsoft patched the Windows flaw being exploited, according to Check Point Research. The analysis shows how some U.S. cyber weapons have been turned against their developers.
Expert insights. Personalized for you.
293 
Let's personalize your content