Sat.May 28, 2022 - Fri.Jun 03, 2022

article thumbnail

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. These individuals have many transferable skills that would make cybersecurity a prosperous civilian career.

article thumbnail

Ukraine Observed Nearly 14M Cyber Incidents in Q1 2022

Data Breach Today

The Majority of Incidents Entailed Malware Distribution, Phishing and Intrusion Attempts Three months after Russia’s ongoing invasion of Ukraine began, the country takes a look back at the turbulence the nation has faced in its cyber sphere during Q1 2022, and considers the way ahead.

Phishing 280
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

6 Steps to Ensure Cyber Resilience

Dark Reading

To minimize the impact of cyber incidents, organizations must be pragmatic and develop a strategy of resilience for dealing with break-ins, advanced malware, and data theft.

112
112
article thumbnail

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Krebs on Security

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sa

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

RSAC insights: Malware is now spreading via weaponized files circulating in data lakes, file shares

The Last Watchdog

The zero trust approach to enterprise security is well on its way to mainstream adoption. This is a very good thing. Related: Covid 19 ruses used in email attacks. At RSA Conference 2022 , which takes place next week in San Francisco, advanced technologies to help companies implement zero trust principals will be in the spotlight. Lots of innovation has come down the pike with respect to imbuing zero trust into two pillars of security operations: connectivity and authentication.

More Trending

article thumbnail

Multiple Microsoft Office versions impacted by an actively exploited zero-day

Security Affairs

A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell code.

article thumbnail

Thailand’s Personal Data Protection Act Enters into Force

Hunton Privacy

On June 1, 2022, Thailand’s Personal Data Protection Act (“PDPA”) entered into force after three years of delays. The PDPA, originally enacted in May 2019, provides for a one-year grace period, with the main operative provisions of the law originally set to come into force in 2020. Due to the COVID-19 pandemic, however, the Thai government issued royal decrees to extend the compliance deadline to June 1, 2022. .

article thumbnail

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

Third-Party Risk Management ( TPRM ) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. Big banks and insurance companies instilled the practice of requesting their third-party vendors to fill out increasingly bloated questionnaires, called bespoke assessments, which they then used as their sole basis for assessing third-party risk.

Security 262
article thumbnail

FBI: Hospital Averted 'Despicable' Iranian Cyberattack

Data Breach Today

FBI Director Says Boston Children's Hospital Was Targeted Last Summer Boston Children's Hospital thwarted a cyberattack by government-backed Iranian hackers last summer after U.S. authorities received intelligence about the pending assault and alerted the hospital, says FBI Director Christopher Wray, who called Iran's planned cyberattack "despicable.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Security Affairs

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Atlassian is warning of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively exploited in attacks in the wild. “Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote c

Mining 141
article thumbnail

Critical OAS Bugs Open Industrial Systems to Takeover

Dark Reading

The most serious flaw gives attackers a way to remotely execute code on systems that many organizations use to move data in critical ICS environments, security vendor says.

Security 131
article thumbnail

RSAC insights: Software tampering escalates as bad actors take advantage of ‘dependency confusion’

The Last Watchdog

It’s not difficult to visualize how companies interconnecting to cloud resources at a breakneck pace contribute to the outward expansion of their networks’ attack surface. Related: Why ‘SBOM’ is gaining traction. If that wasn’t bad enough, the attack surface companies must defend is expanding inwardly, as well – as software tampering at a deep level escalates.

article thumbnail

Microsoft Office: Attackers Injecting Code via Zero-Day Bug

Data Breach Today

Malicious Code Execution Traced to Weaponized Office Documents Dating From April Attention to anyone who manages a Microsoft Windows environment: Security researchers are tracking a zero-day vulnerability in Microsoft Office that's being actively exploited by attackers to run malicious code on a vulnerable system.

Security 314
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

The operators of the EnemyBot botnet added exploits for recently disclosed flaws in VMware, F5 BIG-IP, and Android systems. Operators behind the EnemyBot botnet are expanding the list of potential targets adding exploits for recently disclosed critical vulnerabilities in from VMware, F5 BIG-IP, and Android. The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities.

CMS 141
article thumbnail

Why We Recommend Your Passwords Be Over 20-Characters Long

KnowBe4

KnowBe4 just released its official guidance and recommendations regarding password policy. It has been a project in the works for many months now, but we wanted to make sure we got it right.

Passwords 130
article thumbnail

RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach

The Last Watchdog

Vulnerability management, or VM, has long been an essential, if decidedly mundane, component of network security. Related: Log4J’s long-run risks. That’s changing — dramatically. Advanced VM tools and practices are rapidly emerging to help companies mitigate a sprawling array of security flaws spinning out of digital transformation. I visited with Scott Kuffer, co-founder and chief operating officer of Sarasota, FL-based Nucleus Security , which is in the thick of this development.

Risk 228
article thumbnail

Scammers Send Fake Ukraine Aid Requests to Phish Victims

Data Breach Today

Criminals Seek Cryptocurrency and Other Monetary Donations , FBI Says The FBI says in an alert that scammers have been posing as Ukrainian entities to fraudulently seek donations and other financial assistance for the war-torn country. The agency says scammers in the past have also used crises as opportunities to cash in with fraudulent donation schemes.

Phishing 318
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Pro-Russian hacker group KillNet plans to attack Italy on May 30

Security Affairs

Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian ‘hacktivist’ group Killnet is one of the most active non-state actors operating since the beginning of the Russian invasion of Ukraine.

article thumbnail

List of data breaches and cyber attacks in May 2022 – 49.8 million records breached

IT Governance

Welcome to our May 2022 review of data breaches and cyber attacks. We identified 77 security incidents during the month, resulting in 49,782,129 compromised records. You can find the full list below, with incidents affecting UK organisations listed in bold. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox.

article thumbnail

RSAC insights: ‘SaaS security posture management’ — SSPM — has emerged as a networking must-have

The Last Watchdog

Companies have come to depend on Software as a Service – SaaS — like never before. Related: Managed security services catch on. From Office 365 to Zoom to Salesforce.com, cloud-hosted software applications have come to make up the nerve center of daily business activity. Companies now reach for SaaS apps for clerical chores, conferencing, customer relationship management, human resources, salesforce automation, supply chain management, web content creation and much more, even security.

Security 221
article thumbnail

Breach At Turkey’s Pegasus Airlines Exposes 6.5 TB of Data

Data Breach Today

Misconfigured AWS S3 Bucket, Which Led to the Breach, Has Now Been Secured A data breach at Turkish firm Pegasus Airlines has put more than 6.5 TB of sensitive electronic flight bag data at risk, including sensitive flight details, source code and staff data, say researchers. A misconfigured AWS S3 bucket, which led to the incident, has now been secured.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Security Affairs

Experts warn of a new ongoing WhatsApp OTP scam that could allow attackers to hijack users’ accounts through phone calls. Recently CloudSEK founder Rahul Sasi warned of an ongoing WhatsApp OTP scam that could allow threat actors to hijack users’ accounts through phone calls. The fraudulent scheme is simple, threat actors make a phone call to the victims to trick them into making a call at a phone number starting either with 405 or 67.

article thumbnail

'Clipminer' Malware Actors Steal $1.7 Million Using Clipboard Hijackingp

Dark Reading

The malware targets Windows users via Trojanized downloads of cracked or pirated software and then starts in on cryptocurrency mining and clipboard hijacking.

Mining 130
article thumbnail

CNIL Unveils 2021 Annual Activity Report

Hunton Privacy

On May 11, 2022, the French Data Protection Authority (the “CNIL”) published its Annual Activity Report for 2021 (the “Report”). The Report provides an overview of the CNIL’s enforcement activities in 2021. The report notably shows a significant increase in the CNIL’s activity. In particular, the Report revealed that: The CNIL received 14,143 complaints in 2021 (+4% compared to 2020) and closed 12,522.

article thumbnail

Costa Rican Health Agency Hit by Apparent Hive Attack

Data Breach Today

Incident Follows April Conti Attack on Multiple Costa Rican Agencies Costa Rica's public health services agency was hit Tuesday by a ransomware attack allegedly launched by Hive. The incident comes after an April attack - reportedly by fellow Russian-backed group Conti - targeted multiple Costa Rican government agencies.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Security Affairs

360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. The instances of the malware spotted by the experts were compiled in early March, a few days after the Russian invasion of Ukraine began. “We found that

Phishing 139
article thumbnail

For Ransomware, Speed Matters

Dark Reading

Someone interested in putting together a ransomware campaign has to consider several factors. The LockBit group touts its speed over competing families to attract potential buyers for its ransowmare-as-a-service.

article thumbnail

Millions of MySQL Servers are Publicly Exposed

eSecurity Planet

More than 3.6 million MySQL servers are publicly exposed on the internet, security researchers noted this week. Shadow Server Foundation researchers reported that they simply issued a MySQL connection request on default port 3306 to see if a server responded with a MySQL Server Greeting, rather than intrusive requests that pentesters use to break into databases.