Sat.Mar 06, 2021 - Fri.Mar 12, 2021

How to Develop a Metadata Strategy

AIIM

What’s the Importance of a Metadata Strategy? Many organizations use metadata in ways that provide significant business value. Every system uses metadata to store and retrieve data.

Does XDR Mark the Spot? 6 Questions to Ask

Dark Reading

Extended detection and response technology goes well beyond endpoint management to provide visibility into networks, servers, cloud, and applications. Could it be the answer to your security challenges

Cloud 90
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Relief Package Includes Less for Cybersecurity

Data Breach Today

$2 Billion for Security and IT, Rather Than $10 Billion as Originally Proposed The $1.9

A Basic Timeline of the Exchange Mass-Hack

Krebs on Security

Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion.

IT 256

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

Like a couple of WWE arch rivals, Apple’s Tim Cook and Facebook’s Mark Zuckerberg have squared off against each other in a donnybrook over consumer privacy. Cook initially body slammed Zuckerberg — when Apple issued new privacy policies aimed at giving U.S. consumers a smidgen more control over their personal data while online. Related: Raising kids who care about their privacy.

More Trending

Beer-Brewer Molson Coors Reports On-Going Cyber Incident

Data Breach Today

Multiple Systems Impacted, Including Production and Shipping Capabilities The Molson Coors Beverage Company reported Thursday it is in the process of countering a cybersecurity incident that has caused system outages throughout the brewer's manufacturing process.

Warning the World of a Ticking Time Bomb

Krebs on Security

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States.

BEST PRACTICES – 9 must-do security protocols companies must embrace to stem remote work risks

The Last Watchdog

Technology advancements have made it relatively easy for many employees to carry out their regular job duties from the comfort of their home. Related: Poll confirms rise of Covid 19-related hacks. This is something companies are under pressure to allow to help minimize the spread of Covid 19. The main problem for remote workers is the threat to online security. Remote workers face having both their personal and work-related information compromised.

A Bird-Feed Seller Beat a Chess Master. Then It Got Ugly

WIRED Threat Level

Twitch and YouTube chess star Levy Rozman has faced over a week of sustained harassment after calling out an alleged cheater. Security Security / Security News

IT 113

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speaker: Speakers Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Why Does EternalBlue-Targeting WannaCry Remain at Large?

Data Breach Today

The Most Widely Successful Wormable Malware Becomes Almost a Permanent Hangover' Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products.

Microsoft Patch Tuesday, March 2021 Edition

Krebs on Security

On the off chance you were looking for more security to-dos from Microsoft today…the company released software updates to plug more than 82 security flaws in Windows and other supported software.

IT 188

OVH data centers suffered a fire, many popular sites are offline

Security Affairs

OVH, the largest hosting provider in Europe, has suffered a terrible fire that destroyed the data centers located in Strasbourg. OVH, one of the largest hosting providers in the world, has suffered a terrible fire that destroyed its data centers located in Strasbourg.

Access 113

How to Tell Which Emails Quietly Track You

WIRED Threat Level

Your emails know more about you than you might think, like when you open them or when you forward them to others. But you can reclaim your privacy. Security Security / Security Advice Security / Privacy

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Hackers Waging 'Living Off the Land' Attacks on Azure

Data Breach Today

Microsoft Shares Threat Detection and Mitigation Strategies Microsoft is warning users of its Azure cloud platform that hackers are using several "living-off-the-land" attack techniques to evade security measures, escalate privileges and deploy cryptominers.

Cloud 236

Home Assistant, Pwned Passwords and Security Misconceptions

Troy Hunt

Two of my favourite things these days are Have I Been Pwned and Home Assistant. The former is an obvious choice, the latter I've come to love as I've embarked on my home automation journey. So, it was with great pleasure that I saw the two integrated recently: always something.

Microsoft releases IOC Detection Tool for Microsoft Exchange Server flaws

Security Affairs

After the disclosure of Microsoft Exchange zero-days, MS Exchange Server team has released a script to determine if an install is vulnerable.

More on the Chinese Zero-Day Microsoft Exchange Hack

Schneier on Security

Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. The attacker was first detected by one group on Jan. 5 and another on Jan.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Phishing Attack Uses Fake Google reCAPTCHA

Data Breach Today

Zscaler Says it Prevented Over 2,500 Phishing Attacks A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zcaler says.

Contemplating the Coffee Supply Chain: A Horror Story

Dark Reading

On the bean-to-cup journey, dangers await around every corner. Here, well-caffeinated security experts warn the coffee industry about the threats

Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA

Security Affairs

The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system.

Hacking Digitally Signed PDF Files

Schneier on Security

Interesting paper: “ Shadow Attacks: Hiding and Replacing Content in Signed PDFs “: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

List of Hacked Exchange Servers May Boost Recovery Efforts

Data Breach Today

Window Closing to Secure Small Organizations from Ransomware Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get

Can a Programming Language Reduce Vulnerabilities?

Dark Reading

Rust offers a safer programming language, but adoption is still a problem despite recent signs of increasing popularity

102
102

White hat hackers gained access more than 150,000 surveillance cameras

Security Affairs

A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox.

Access 107

Metadata Left in Security Agency PDFs

Schneier on Security

Really interesting research : “Exploitation and Sanitization of Hidden Data in PDF Files” Abstract: Organizations publish and share more and more electronic documents like PDF files.

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Supermicro and PulseSecure Issue Advisories on Trickboot

Data Breach Today

Companies Report Several of Their Products Are Vulnerable Supermicro and Pulse Secure have each issued advisories warning users that some of their products are vulnerable to an updated version of Trickbot malware that features a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities.

Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day

Dark Reading

The monthly rollout follows last week's emergency Microsoft Exchange Server patch covering seven CVEs, four of which are under attack

101
101

RedXOR, a new powerful Linux backdoor in Winnti APT arsenal

Security Affairs

Intezer experts have spotted a new strain of Linux backdoor dubbed RedXOR that is believed to be part of the arsenal of China-linked Winniti APT. Researchers from Intezer have discovered a new sophisticated backdoor, tracked as RedXOR, that targets Linux endpoints and servers.