Sat. Mar 13, 2021 - Fri. Mar 19, 2021


US: Cyber Risk: Facing Off Against Employee Monitoring Requirements

DLA Piper Privacy Matters

Authors: Carol A.F. Umhoefer and Alaa Salaheldin. Global companies face increased pressure to adopt strong cyber risk mitigation measures in today’s rapidly evolving cyber threat-heavy business environment. According to security company PurpleSec LLC, in 2020 alone, cybercrime is reported to have increased by up to 600% as a result of new incentives and opportunities for hackers – including many more remote work environments – in the COVID-19 pandemic.

Risk 119

The Case for 'Zero Trust' Approach After SolarWinds Attack

Data Breach Today

CISA Acting Director and Federal CISO Tell Senate of Need for a New Government Strategy

The SolarWinds supply chain attack should push federal government agencies to adopt the "zero trust" model and deploy better endpoint detection and response tools, according to the new federal CISO and the acting director of the U.S. Cybersecurity and Infrastructure Security Agency.

Insiders


Smart City Trends – Benefits, Concerns and its Future by Tech Fools

IG Guru

A smart city is pretty much an urban region that makes use of information and communication technology, with electronic sensors to optimize efficiency, collect data, share information, and better the services rendered by the government and the lives of the citizens. There are several smart cities in the world, with the 5 most prominent being […].

IT 98

Tips on Selecting a Protective DNS Service

Data Breach Today

NSA, CISA Offer Advice on Using PDNS Services to Help Thwart Attacks

As concerns about the number of attacks targeting domain name system protocols continue to grow, the NSA and CISA have released new guidance on how to choose and deploy a Protective Domain Name System service to strengthen security.

Security 310

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Can We Stop Pretending SMS Is Secure Now?

Krebs on Security

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we’re learning about an entire ecosystem of companies that anyone could use to silently intercept text messages intended for other mobile users.

Security 357

More Trending


8 Tips to Create a Data Migration Strategy

AIIM

Migrating to a new system or moving to a new platform? Then you’ll definitely need to create a successful data migration strategy to protect your valuable data and achieve the desired results. In this article, we’ll take a look at several ways to migrate your data. They will allow you to build a successful strategy, prevent data loss, and make everything as efficient as possible. 1.


Over 400 Cyberattacks at US Public Schools in 2020

Data Breach Today

Experts Say Increase Owes to Lack of Funding, Virtual Learning

U.S. public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. This led to a spike in school cancellations, as IT staff members struggled to get systems back online while dealing with the COVID-19 pandemic, reports the K-12 Cybersecurity Resource Center.


Fintech Giant Fiserv Used Unclaimed Domain

Krebs on Security

If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here’s the story of one such goof committed by Fiserv [ NASDAQ:FISV ], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions.


GUEST ESSAY: How and why ‘pen testing’ will continue to play a key role in cybersecurity

The Last Watchdog

When we look at society today, we can see that we are moving further and further ahead with technology. Numerous advancements are being made at an extremely fast pace with no sign of slowing down. In fact, there is evidence that technology grows exponentially fast. Since we are quickly putting out large technologies, security risks always come with this.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


How to Build a Metadata Plan in Five Steps

AIIM

Metadata resides at the center of many of the essential aspects of content management. In addition to helping organize and classify content, Metadata enables good findability, can trigger workflow and transactional processes, reveals document usage patterns and history, and helps establish retention and disposition events. So far in our exploration of Metadata, we've answered some of the big questions already, including: What is Metadata?

Metadata 160

Researchers Uncover Widely Used Malware Crypter

Data Breach Today

Avast Says OnionCrypter Has Been in Use Since 2016

Security researchers at Avast have discovered that more than 30 hacker groups have been using a malware crypter dubbed OnionCrypter.

Security 347

WeLeakInfo Leaked Customer Payment Info

Krebs on Security

A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data on 24,000 customers who paid to access the service with a credit card.

Passwords 277

Illegal Content and the Blockchain

Schneier on Security

Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command-and-control server. With nowhere to go for instructions, the botnet is rendered useless. But over the years, botnet designers have come up with ways to make this counterattack harder. Now the content-delivery network Akamai has reported on a new method: a botnet that uses the Bitcoin blockchain ledger.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Magecart Attackers Save Stolen Credit-Card Data in .JPG File

Threatpost

Researchers from Sucuri discovered the tactic, which creatively hides malicious activity until the info can be retrieved, during an investigation into a compromised Magento 2 e-commerce site.

140

Free Tool Helps Hospitals Block Ransomware

Data Breach Today

To help strengthen the healthcare sector's defenses, the Center for Internet Security is offering all U.S. hospitals and healthcare delivery systems a free protection service designed to help block ransomware and other malware, says Ed Mattison, the center's executive vice president.


The fire in the OVH datacenter also impacted APTs and cybercrime groups

Security Affairs

The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT groups and cybercrime gangs. OVH, one of the largest hosting providers in the world, has suffered this week a terrible fire that destroyed its data centers located in Strasbourg. The French plant in Strasbourg includes 4 data centers, SBG1, SBG2, SBG3, and SBG4 that were shut down due to the incident, and the fire started in SBG2 one.

Risk 136

Security Analysis of Apple’s “Find My…” Protocol

Schneier on Security

Interesting research: “Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System”: Abstract: Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world’s largest crowd-sourced location tracking network called offline finding (OF). OF leverages online finder devices to detect the presence of missing offline devices using Bluetooth and report an approximate location back to the owner via the Internet

Security 139

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


California Attorney General Approves Additional CCPA Regulations

Hunton Privacy

On March 15, 2021, the California Attorney General (“AG”) approved additional CCPA Regulations that impact certain sections of the initial CCPA Regulations that went into effect on August 14, 2020. These amendments, which were the subject of the third and fourth sets of proposed modifications, went into effect on March 15, 2021. Notably, the newly amended CCPA Regulations state that methods for submitting requests to opt-out may not be designed with the purpose of, or have the substantial effect

129

Purpose Built: Securing vSphere Workloads

Data Breach Today

Protecting Servers Is Foundational For Modern Data Center Security. View this OnDemand webinar to learn how VMware Carbon Black is delivering unified workload protection that’s purpose-built for vSphere.

Security 345

Experts found three new 15-year-old bugs in a Linux kernel module

Security Affairs

Three 15-year-old flaws in Linux kernel could be exploited by local attackers with basic user privileges to gain root privileges on vulnerable Linux systems. GRIMM researchers found three vulnerabilities in the SCSI (Small Computer System Interface) component of the Linux kernel, the issues could be exploited by local attackers with basic user privileges to gain root privileges on unpatched Linux systems.

Security 136

Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter

Threatpost

The newly discovered steganography method could be exploited by threat actors to obscure nefarious activity inside photos hosted on the social-media platform.

Security 135

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


As online shopping grows, so does the risk of e-skimming attacks

DXC Technology

E-skimming has been an online shopping threat for a long time, keeping pace with the growth of e-commerce overall. The current global crisis presents another big opportunity for hackers to launch these strikes as people increasingly shop online. The nefarious cybercrime targets online payment systems to collect or “skim” the payment details of customers’ payment […].

Risk 125

Feds Charge Verkada Camera Hacker With 'Theft and Fraud'

Data Breach Today

Swiss Citizen Allegedly Leaked Multiple Victims' Stolen Data, Including Source Code

A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with hacking by a U.S. federal grand jury, and accused of illegally accessing and leaking data from a number of organizations, apparently including Intel, Nissan and the U.S.

Access 341

Google releases Spectre PoC code exploit for Chrome browser

Security Affairs

Google released proof-of-concept code to conduct Spectre attacks against its Chrome browser to share knowledge of browser-based side-channel attacks. Google released proof-of-concept code for conducting a Spectre attack against its Chrome browser on GitHub. The experts decided to publish the proof of concept code to demonstrate the feasibility of a web-based Spectre exploit.

Metadata 129

UK emphasises cyber security in new foreign policy strategy

IT Governance

The UK government plans to invest £24 billion in cyber security and the armed forces as part of a major shake-up of its defence policy. Published earlier this week, Global Britain in a Competitive Age: the Integrated Review of Security, Defence, Development and Foreign Policy includes a new “full-spectrum” approach to the UK’s cyber security capabilities, which are designed to improve the country’s defences and deter potential attackers.

Security 124

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.


Critical F5 BIG-IP Flaw Now Under Active Attack

Threatpost

Researchers are reporting mass scanning for – and in-the-wild exploitation of – a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure.

122

How Did the Exchange Server Exploit Leak?

Data Breach Today

Microsoft Investigating; Devcore Pentesters Say They're in the Clear

It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit data leaked, and the question now is: Who leaked it?

IT 340

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Security Affairs

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critical remote code execution issue. Netgear has released security and firmware updates to address 15 vulnerabilities in its JGS516PE Ethernet switch, including an unauthenticated remote code execution flaw rated as critical.