Sat.Dec 26, 2020 - Fri.Jan 01, 2021

article thumbnail

SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova

Data Breach Today

Both Strains of Malware Among Multiple Tactics Being Used by Supply Chain Attackers Software vendor SolarWinds has updated multiple versions of its Orion network-monitoring software to address the Sunburst backdoor that was added to its code, and to block Supernova malware that exploited a vulnerability in Orion. But incident response experts have warned that full cleanup may take years.

Cleanup 285
article thumbnail

Reducing the Risk of Third-Party SaaS Apps to Your Organization

Dark Reading

Such apps may try to leak your data, or can contain malicious code. And even legitimate apps may be poorly written, creating security risks.

Risk 112
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ransomware in 2020: A Banner Year for Extortion

Threatpost

From attacks on the UVM Health Network that delayed chemotherapy appointments, to ones on public schools that delayed students going back to the classroom, ransomware gangs disrupted organizations to inordinate levels in 2020.

article thumbnail

Happy 11th Birthday, KrebsOnSecurity!

Krebs on Security

Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And it’s perhaps fitting that this was also a leap year, piling on an extra day to a solar rotation that most of us probably can’t wait to see in the rearview mirror.

Phishing 257
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

T-Mobile Alerts Customers to New Breach

Data Breach Today

Compromised Information Includes Phone Numbers and Call-Related Information T-Mobile on Tuesday began informing a portion of its customers that some of their mobile phone account information may have been compromised in a data breach that took place in early December. About 200,000 customers are affected.

More Trending

article thumbnail

Brexit Deal Mandates Old Insecure Crypto Algorithms

Schneier on Security

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information. The protocol s/MIME (V3) allows signed receipts, security labels, and secure mailing lists… The underlying certificate used by s/MIME mechanism has to be in compliance with X.509 standard… The processing rules for s/MIM

article thumbnail

The Most Dangerous People on the Internet in 2020

WIRED Threat Level

This year saw plenty of destructive hacking and disinformation campaigns—but amid a pandemic and a historic election, the consequences have never been graver.

Security 144
article thumbnail

Whirlpool Hit With Ransomware Attack

Data Breach Today

Nefilim Ransomware Gang Takes Responsibility, Posts Allegedly Stolen Data The major appliances giant Whirlpool acknowledges it was hit with a ransomware attack in November, with the cyber gang Nefilim taking responsibility for the cyber incident and claiming to have stolen company data.

article thumbnail

New Golang-based Crypto worm infects Windows and Linux servers

Security Affairs

Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered a Golang-based worm that targets Windows and Linux servers. The malware has been active since early December targeting public-facing services, including MySQL, Tomcat admin panel and Jenkins that are protected with weak passwords.

Passwords 145
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’

Threatpost

Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold.

Security 140
article thumbnail

EU-UK Trade Deal: What It Means For Post-Brexit Data Flows

Hunton Privacy

On December 24, 2020, the European Union and the United Kingdom reached an agreement in principle on the historic EU-UK Trade and Cooperation Agreement (the “Trade Agreement”). For data protection purposes, there is a further transition period of up to six months to enable the European Commission to complete its adequacy assessment of the UK’s data protection laws.

article thumbnail

Kawasaki: Cyber Incident May Have Resulted in Data Loss

Data Breach Today

Attackers Gained Access to Company's Network Through Remote, Overseas Servers Kawasaki Heavy Industries is reporting that an unknown threat actor gained access to its internal network through servers located in an overseas office, according to a company statement. The result: Some corporate data may have leaked to a third party.

Access 269
article thumbnail

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. The vulnerability, tracked as CVE-2020-29583 received a CVSS score of 7.8, it could be exploited by an attacker to login with administrative privileges and take over the networking devices. “Firmw

Passwords 138
article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

20 for 2020: The Edge's Top Articles of the Year

Dark Reading

Variety is the spice of life, and it's also the perfect analogy for the article topics that resonated most with Edge readers this past year.

IT 144
article thumbnail

Weekly Update 224

Troy Hunt

It's a new year! With lots of breaches to discuss already ? Ok, so these may not be 2021 breaches but I betcha that by next week's update there'll be brand new ones from the new year to discuss. I managed to get enough connectivity in the middle of the Australian outback in front of Uluru to do the live stream this week, plus talk a bunch more about what we've been doing on our epic Australian journey.

article thumbnail

Ticketmaster Fined $10 Million for Hacking Competitor

Data Breach Today

The Ticket Seller Used Credentials Supplied by a Competitor's Former Staffer Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.

Passwords 293
article thumbnail

SolarWinds hackers gained access to Microsoft source code

Security Affairs

The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft products. The threat actors behind the SolarWinds attack could have compromised a small number of internal accounts and used at least one of them to view source code in a number of source code repositories. Shortly after the disclosure of the SolarWinds attack, Microsoft confirmed that it was one of the companies breached in the recent supply chain attack, but the IT giant de

Access 140
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. Swatting is a dangerous prank where emergency services are called to respond to a life threatening situation that requires immediate intervention by police and/or S.W.A.T. teams. In a public service announcement issued December 29, the FBI warned that “offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out swatting attacks.

IoT 120
article thumbnail

What are organisations doing to address cyber security in 2021?

IT Governance

With data breaches soaring over the past two years and organisations struggling with the technical demands of the coronavirus pandemic, PwC has declared this a critical point for the cyber security industry. Its Cyber security strategy 2021: An urgent business priority report notes that the pandemic means organisations can no longer ignore the importance of cyber security.

Security 119
article thumbnail

SolarWinds Attack: 'This Hit the Security Community Hard'

Data Breach Today

RiskIQ CEO Lou Manousos Details Lessons to Learn in Supply-Chain Attack Aftermath The SolarWinds breach is a case study in how attackers can subvert a widely used piece of software to turn it to their advantage, says Lou Manousos, CEO of RiskIQ. The attack surface management expert details lessons all organizations must learn in the wake of this "unprecedented" attack.

Security 308
article thumbnail

Japanese Kawasaki Heavy Industries discloses security breach

Security Affairs

Japanese giant Kawasaki Heavy Industries discovered unauthorized access to a Japanese company server from multiple overseas offices. Kawasaki Heavy Industries disclosed a security breach, the company discovered unauthorized access to a Japanese company server from multiple overseas offices. Information from its overseas offices might have been stolen as a result of a security breach that took place earlier this year.

Security 138
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Ransomware Is Headed Down a Dire Path

WIRED Threat Level

2020 was a great year for ransomware gangs. For hospitals, schools, municipal governments, and everyone else, it’s going to get worse before it gets better.

article thumbnail

6 Questions Attackers Ask Before Choosing an Asset to Exploit

Threatpost

David “moose” Wolpoff at Randori explains how hackers pick their targets, and how understanding "hacker logic" can help prioritize defenses.

Cloud 129
article thumbnail

SolarWinds Aftermath: 'This Hit the Security Community Hard'

Data Breach Today

RiskIQ CEO Lou Manousos on Lessons We Need to Learn From This Attack As CEO of RiskIQ, Lou Manousos has a unique view into the Internet Attack Surface Intelligence, Vulnerability & Analytics space. And he doesn't understate the significance of the SolarWinds breach, which he says hit both the nation and the cybersecurity community "hard.

Analytics 258
article thumbnail

Nefilim ransomware operators leak data stolen from Whirlpool

Security Affairs

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The American multinational manufacturer and marketer of home appliances Whirlpool suffered a ransomware attack, Nefilim ransomware operators claim to have stolen data from the company and threaten to release the full dump if the company will not pay the ransom.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Security Pros Reflect on 2020

Dark Reading

Eight cybersecurity leaders go deep on their most valuable (and very human) takeaways from a year like no other we've known.

Security 136
article thumbnail

New York Temporarily Bans Facial Recognition Technology in Schools

Hunton Privacy

On December 22, 2020, New York Governor Andrew Cuomo signed into law legislation that temporarily bans the use or purchase of facial recognition and other biometric identifying technology in public and private schools until at least July 1, 2022. The legislation also directs the New York Commissioner of Education (the “Commissioner”) to conduct a study on whether this technology is appropriate for use in schools.

Education 111
article thumbnail

UK Police Arrest 21 WeLeakInfo Users In Cyber Crackdown

Data Breach Today

NCA: Now-Defunct Website Sold Access to 12 Billion Personal Records Police in the U.K. have arrested 21 people who were customers of the now-defunct WeLeakInfo website that provided cybercriminals with access to over 12 billion personal records culled from 10,000 data breaches, according to Britain's National Crime Agency. Other investigations are still underway.