Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “ Ryuk.” On April 13, Microsoft said it executed a legal sneak atta

Ransomware 267

Ransomware Cybersecurity Healthcare Access 267

Dark Reading

APRIL 18, 2022

IT departments must account for the business impact and security risks such applications introduce.

Security 133

Security Risk IT 133

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

CMS 129

CMS IoT Passwords IT 129

Data Breach Today

APRIL 19, 2022

Cybercriminals Taking Advantage of Windows 11 Upgrade A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade. The CloudSEK researchers who discovered the malware have not attributed it to any particular group.

IT 335

IT 335

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. Related: Russia takes steps to radicalize U.S. youth. Individuals who possess security clearances are not prohibited from traveling to foreign countries; however, there are certain acts and behaviors that may raise foreign influence and/or for

Security 210

Security Risk Military Government 210

Schneier on Security

APRIL 20, 2022

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved a $182 million transfer to his own wallet.

Government 142

Government IT 142

Data Breach Today

APRIL 22, 2022

Also: FBI's Warning to Healthcare Entities; Ransomware Trends Four editors at ISMG discuss the percentage of banks hit by ransomware - and paying the ransom, the FBI's warning to healthcare entities as they continue to be targeted by the Hive ransomware group and reports that the U.K. government has been infected with NSO Group spyware.

Ransomware 333

Ransomware Government 333

Dark Reading

APRIL 19, 2022

Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says.

Security 145

Security IT 145

AIIM

APRIL 21, 2022

There are two things you should know about me. The first is that I love to eat. I have an appetite that was once described as “alarming.” In my teenage years, I would kick back and devour an entire large pizza in one sitting. As I grew older, I refined my pallet and developed a desire for quality ingredients and a craving for a variety of flavors. The second thing you should know is that I hate to cook.

Customer Experience 147

Customer Experience Digital transformation Insurance Government 147

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

eSecurity Planet

APRIL 18, 2022

Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, and whether they can operate stealthily or not. During such reconnaissance operations, attackers collect relevant data about their victims, but it’s not without risks for them.

IT 132

IT Paper Risk Security 132

Data Breach Today

APRIL 22, 2022

SOC.OS Ingests Data From Third-Party Platforms to Detect Abnormalities Earlier Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.

Security 330

Security IT 330

Dark Reading

APRIL 21, 2022

Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.

Ransomware 140

Ransomware 140

Security Affairs

APRIL 18, 2022

US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960) and a Google Chrome type confusion issue (CVE-2022-1364) to its Known Exploited Vulnerabilities Catalog.

IT 132

IT Cybersecurity Risk Security 132

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Daymark

APRIL 19, 2022

If your organization has been working towards NIST 800-171 and is now on the journey to achieve CMMC 2.0 (the Cybersecurity Maturity Model Certification) it can be difficult to understand what you’ve already achieved and what’s left to do. Both standards are intended to reduce threats and strengthen cybersecurity for sensitive government data. Here’s some details on how they relate to each other and what’s involved to take the next steps toward CMMC compliance.

Compliance 121

Compliance Cybersecurity Government IT 121

Data Breach Today

APRIL 20, 2022

Containers Could Exploit the AWS Hot Patch to Take Over Its Underlying Host AWS has fixed "severe security issues" in hot patches it released in December to address the Log4Shell vulnerability in Java applications and containers. Palo Alto Networks' Unit 42 researchers said containers in server or cluster environments can exploit the patch to take over its underlying host.

Security 328

Security IT 328

IT Governance

APRIL 19, 2022

After a lengthy delay, version 4.0 of the PCI DSS (Payment Card Industry Data Security Standard) was published on 31 March 2022. Although the current version (3.2.1) remains valid until March 2024, organisations that are subject to the PCI DSS should prepare for the update as soon as possible. So, what does that involve? The headline change to PCI DSS v4.0 is the introduction of the “customized approach”.

IT 119

IT Passwords Risk Compliance 119

Security Affairs

APRIL 20, 2022

The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked to the famous collective continues to target Russian organizations, the hacktivist are breaching their systems and leak stolen data online. Below the organizations breached in the last three days, since my previous update: Tendertech is a firm specializing in processing financial and banking documents on behalf of businesses and entrepreneurs.

Archiving 123

Archiving Access Government Cybersecurity 123

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Dark Reading

APRIL 20, 2022

New research shows threat actors increasingly leveraging social networks for attacks, with LinkedIn being used in 52% of global phishing attacks.

Phishing 129

Phishing 129

Data Breach Today

APRIL 21, 2022

Security and Ethical Concerns Persist as AI-Driven Lethal Weapon Systems Evolve Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially because lethal weapons keep evolving toward full autonomy but cannot be made hack-proof.

Security 281

Security 281

KnowBe4

APRIL 18, 2022

Attackers are spamming multifactor authentication (MFA) prompts in an attempt to irritate users into approving the login, Ars Technica reports. Both criminal and nation-state actors are using this technique. Researchers at Mandiant observed the Russian state-sponsored actor Cozy Bear launching repeated MFA prompts until the user accepted the request.

Authentication 110

Authentication 110

Security Affairs

APRIL 21, 2022

CVE-2022-20685 flaw in the Modbus preprocessor of the Snort detection engine could trigger a DoS condition and make it ineffective against malicious traffic. Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) which is currently developed by Cisco. The software performs real-time traffic analysis and packet logging on Internet Protocol (IP) networks, protocol analysis, content searching and matching.

IT 117

IT Cybersecurity Security Information Security 117

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Imperial Violet

APRIL 16, 2022

There are many encoding formats. CBOR is one of them. Like several others, a subset of it basically fine—I'm not starting that fight today. Whatever encoding you use, it's nice to reduce flexibility. If there are multiple ways of encoding the same thing then, for anything with a non-negligible diversity of implementations, you'll find that there is a canonical encoding, it's just not documented.

Mining 102

Mining IT Security 102

Data Breach Today

APRIL 22, 2022

Group Also Claims to Have Targeted the US, Poland, Germany and UK Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days. It targets victims that it believes are adversaries of Russia, and several critical infrastructure entities in the Czech Republic are known to have been successfully targeted.

IT 261

IT 261

Threatpost

APRIL 20, 2022

A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.

Security 117

Security 117

Security Affairs

APRIL 21, 2022

A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files. Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets.

Access 114

Access Cybersecurity Security IT 114

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Customer Experience

Dark Reading

APRIL 21, 2022

To better manage risks, companies can concentrate on resilience, sharing information to protect from cyber threats, and making the cybersecurity tent bigger by looking at workers with nontraditional skill sets.

Cybersecurity 106

Cybersecurity Risk 106

Data Breach Today

APRIL 18, 2022

Expanded Rewards Follow FBI Attributing Ronin Network Hack to Lazarus Group The U.S. government is offering up to $5 million for information that helps disrupt the illicit flow of funds to North Korea, including via cryptocurrency exchange hacks and ransomware. The expanded reward comes as the FBI has attributed a $620 million cryptocurrency heist to North Korean hackers.

Ransomware 261

Ransomware Government 261

KnowBe4

APRIL 21, 2022

Social media companies, particularly LinkedIn, are now the most impersonated brands in phishing campaigns, researchers at Check Point have found.

Phishing 119

Phishing 119