Data Breach Today
JULY 21, 2022
ManageEngine's Harish Sekar on the Challenges of Addressing How to Do Zero Trust Harish Sekar, senior technical evangelist & head of business development, ManageEngine, discusses the ways in which a CISO's job can be a "nightmare," offers tips on how to manage the "how" as well as the "what" of zero trust and handle product sprawl, and weighs in on the importance of false positives.
Krebs on Security
JULY 18, 2022
The 911 service as it exists today. For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. 911 says its network is made up entirely of users who voluntarily install its “free VPN” software.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JULY 18, 2022
Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says.
Data Protector
JULY 22, 2022
In August 2013 the European Commission introduced new rules to require Communication Service Providers to report all personal data breaches, no matter how minor, to local data protection regulators within 24 hours of the incident being detected [Art 2]. Reporting delays would result in providers being subject to ICO fines. Significant breaches were also required to be reported to the impacted individuals [Art 3].
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
JULY 21, 2022
Experts: Class Actions Filed in Wake of Big Data Breaches Keep Growing Two recent data breach lawsuit settlements by healthcare organizations underscore mounting liability risk stemming from a growing number of lawsuits. Missouri-based BJC Healthcare has agreed to pay up to $2.7 million to settle while Indiana-based Methodist Hospitals is on the hook for $425,000.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
JULY 21, 2022
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
Security Affairs
JULY 20, 2022
Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers from Kaspersky Lab detailed a new ransomware family named Luna, which is written in Rust and is able to target Windows, Linux, and ESXi systems. Luna ransomware is the third ransomware family that is written in Rust language, other malware strains are BlackCat and Hive.
Data Breach Today
JULY 21, 2022
The Series A Proceeds Will Help Halborn Expand Its Audit and Pen Testing Services Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Schneier on Security
JULY 21, 2022
This is a dangerous vulnerability: An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720 , a GPS tracker that sells for about $20 and is widely available. The researchers who performed the assessment believe the same critical vulnerabilities are present in other Micodus tracker models. The China-based manufacturer says 1.5 million of its tracking devices are deployed across 420,000 customers.
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Dark Reading
JULY 19, 2022
A GPS device from MiCODUS has six security bugs that could allow attackers to monitor 1.5 million vehicles that use the tracker, or even remotely disable vehicles.
Security Affairs
JULY 19, 2022
Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families. Researchers from security firms Pradeo discovered multiple apps spreading the Joker Android malware.
Data Breach Today
JULY 21, 2022
Premint NFT Shares $500K Attack Details, Promises Compensation Premint NFT platform users became victims last weejend of one of the biggest NFT attacks ever. The company says an open-source vulnerability led to the compromise of its website, resulting in its users losing about $500,000 worth of blockchain assets.
eSecurity Planet
JULY 19, 2022
Discovered by malware hunter JAMESWT on Twitter, Lilith is ransomware designed to lock Windows machines. The malware exfiltrates data before encrypting the targeted devices to provide additional means of extortion. The ransom note contains the following ultimatum and instructions: Victims have three days to contact the threat actors on a hidden Onion website to pay the ransom.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Dark Reading
JULY 21, 2022
Identify your business's security posture and head off ransomware attacks with third-party risk management and vendor security assessments.
Security Affairs
JULY 18, 2022
A synchronized criminal attack from abroad hit Albania over the weekend, all Albanian government systems shut down following the cyberattack. Albania was hit by a massive cyberattack over the weekend, the government confirmed on Monday. A synchronized criminal attack from abroad hit the servers of the National Agency for Information Society (AKSHI), which handles many government services. “In order to withstand these unprecedented and dangerous strikes, we have been forced to close down go
Data Breach Today
JULY 20, 2022
Mihai Paunescu, aka Virus, Faces 3 Criminal Counts in Court The DOJ extradited from Colombia 37-year-old Mihai Ionut Paunescu, who faces criminal charges for allegedly running a "bulletproof" hosting service that helped cybercriminals launch malware attacks. He is set to undergo trial for conspiracy to commit computer intrusion, bank fraud and wire fraud.
Data Matters
JULY 18, 2022
Join Sidley and OneTrust DataGuidance for Part two of the “Data Regulation Ramps Up in Europe” webinar series, where our panel will discuss legislative proposals, including the Artificial Intelligence Act, the Data Act, and the Data Governance Act (DGA). In proposing these laws, the European Commission’s ambitious Digital and Data Strategy aims to address the legal, ethical, and technological complexities of AI, as well as the use of personal and non-personal data across the economy
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Troy Hunt
JULY 21, 2022
I broke Yoda's stick! 3D printing woes, and somehow I managed to get through the explanation without reverting to a chorus of My Stick by a Bad Lip Reading (and now you'd got that song stuck in your head). Loads of data breaches this week and whilst "legacy", still managed to demonstrate how bad some practices remain today (hi Shadi.com 👋).
Dark Reading
JULY 18, 2022
Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing.
Data Breach Today
JULY 18, 2022
Also: CISA's 18% Budget Increase; Software Bill of Materials Challenges Venable's Grant Schneider and Jeremy Grant and ISMG editors discuss progress at the U.S. federal level in developing legislation for digital identity, the significance of an 18% increase in funding for CISA in fiscal year 2023 and the challenges of expanding the use of software bills of materials.
Threatpost
JULY 21, 2022
Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
IT Governance
JULY 21, 2022
This week, we discuss NCSC and ICO advice to the legal profession, a new phishing campaign that bypasses multifactor authentication, and the huge increase in the number of ransomware and phishing attacks this year. Plus, we talk to Gary Hibberd about his new book, The Art of Cyber Security. Now available on Spotify , Amazon Music , Apple Podcasts and SoundCloud.
Hanzo Learning Center
JULY 19, 2022
When it comes to ediscovery and compliance, APIs can give users the ability to use 3rd party solutions to preserve, collect, and even cull data housed in a SaaS application; however, functionality is still limited to what the API is built to communicate. Even if an application has an API available, its design is often focused on the modification of objects and data rather than the creation of a consumable, universal format expected by legal and compliance teams.
Data Breach Today
JULY 16, 2022
Gang Targets Large Corporations Across the U.S., Europe and Asia The cybercriminals behind BlackCat ransomware have upgraded their arsenal by adding Brute Ratel, a pentesting tool with remote access features that are used by attackers. The group targets large corporations in different industry segments across the U.S., Europe and Asia.
KnowBe4
JULY 19, 2022
While multi-factor authentication (MFA) significantly reduces an organization’s threat surface by making the stealing of credentials much harder, a new attack takes advantage of phone calls as the second factor.
Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO
The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.
Security Affairs
JULY 21, 2022
Atlassian released security updates to address a critical security vulnerability affecting Confluence Server and Confluence Data Center. Atlassian released security updates to address a critical hardcoded credentials vulnerability in Confluence Server and Data Center tracked as CVE-2022-26138. A remote, unauthenticated attacker can exploit the vulnerability to log into unpatched servers.
DLA Piper Privacy Matters
JULY 20, 2022
Authors: Alexa Smith , James Clark , Robyn Palmer , Jamie Sanderson. The UK Government has published its long-awaited ‘ Data Protection and Digital Information Bill ’. The Bill will reform areas of UK data protection and electronic privacy law, and will also introduce new regulatory frameworks, most notably in the field of digital identity verification.
Data Breach Today
JULY 21, 2022
Mihai Paunescu, aka Virus, Faces 3 Criminal Counts in Court The DOJ extradited from Colombia 37-year-old Mihai Ionut Paunescu, who faces criminal charges for allegedly running a "bulletproof" hosting service that helped cybercriminals launch malware attacks. He is set to undergo trial for conspiracy to commit computer intrusion, bank fraud and wire fraud.
Expert insights. Personalized for you.
244 
Let's personalize your content