2020, Government, Presentation and Security - Information Management Today

e-Records 2020 Call for Presentations

The Texas Record

AUGUST 20, 2020

This event is organized by the Texas State Library and Archives Commission (TSLAC) and co-sponsored with the Texas Department of Information Resources (DIR) to promote electronic records management in Texas government. TSLAC and DIR are looking for learner-focused presentations designed to engage virtual audiences.

Records Management

Records Management Communications Libraries Government

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. Internet/Securence says your email is secure. Hold Security founder Alex Holden said his researchers had unearthed a public link to a U.S.

Education

Education Data breaches Government Security

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Nikita Kislitsin, at a security conference in Russia. Department of Justice. prison system.

Cybersecurity

Cybersecurity Passwords Government Security

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Security Buyers Are Consolidating Vendors: Gartner Security Summit

eSecurity Planet

JUNE 7, 2023

IT security buyers are consolidating vendors at an overwhelming rate, according to a speaker at this week’s Gartner Security & Risk Management Summit. ” Security Products Merge Into Platforms As part of that trend, security products are consolidating too, MacDonald said. .”

Security

Security Cloud Workplace security Cybersecurity

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Third-party governance.

Compliance

Compliance Risk Government Retail

Lampion malware v2 February 2020

Security Affairs

FEBRUARY 24, 2020

Several devices have been infected when the victims open the zip file downloaded from the URL embedded in the malicious email that lures the Portuguese Government Finance & Tax (ATA) , Energias de Portugal (EDP) , and more recently the DPD firm – an international parcel delivery service. Figure 1: Lampion malware email templates.

e-Delivery

e-Delivery Access Information Security Security

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

10, 2020, Citrix disclosed additional details about the incident. Shortly after Citrix initially disclosed the intrusion in March 2019, a little-known security company Resecurity claimed it had evidence Iranian hackers were responsible, had been in Citrix’s network for years, and had offloaded terabytes of data.

Passwords

Passwords Access Insurance Government

Thinking of Hiring or Running a Booter Service? Think Again.

Krebs on Security

JANUARY 17, 2023

The only work experience Dobbs listed on his resume was as a freelance developer from 2013 to the present day. Dobbs’s resume doesn’t name his booter service, but in it he brags about maintaining websites with half a million page views daily, and “designing server deployments for performance, high-availability and security.”

Government

Government IT Education Cybersecurity

Trojan Lampion is back after 3 months

Security Affairs

MAY 12, 2020

Trojan Lampion is a malware observed at the end of the year 2019 impacting Portuguese users using template emails from the Portuguese Government Finance & Tax and EDP. The latest campaigns in Portugal were observed during February 2020, according to the threat indicators available at 0xSI_f33d – The Portuguese Abuse Open Feed.

Cloud

Cloud Government Access Phishing

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

OCTOBER 28, 2020

Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an “imminent cybercrime threat to U.S. ” The warning came less than 24 hours after this author received a tip from Alex Holden , founder of Milwaukee-based cyber intelligence firm Hold Security.

Ransomware

Ransomware Computer and Electronics Communications Cybersecurity

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. Tue, 12/22/2020 - 10:08. As a result, data has become a critical asset for companies and governments alike, as well as the primary target for nefarious actors and nation states. The problem is not limited to the requirements of GDPR.

Data Privacy

Data Privacy Privacy Security Encryption

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. ” We are glad to present you our services! All four pleaded guilty to conspiracy and racketeering charges.

Computer and Electronics

Computer and Electronics Passwords Sales Government

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

SEPTEMBER 23, 2020

Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The Russia-linked cyberespionage group APT28 is behind a string of attacks that targeting government bodies with Zebrocy Delphi malware. The researchers analyzed files (Course 5 – 16 October 2020.zipx)

Military

Military Government Encryption Communications

China-linked APT10 Target Taiwan’s financial trading industry

Security Affairs

FEBRUARY 22, 2022

The campaign was launched by the APT10 group started in November 2021, but it hit a peak between 10 and 13 2022, Taiwanese cybersecurity firm CyCraft reported. In November 2020, researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability.

Passwords

Passwords Cloud Security Cybersecurity

What Is DMARC Email Security Technology?

eSecurity Planet

JUNE 1, 2023

email domain providers and many corporate and government entities. The standard enables email security solutions and internet service providers (ISPs) to filter in “good” emails and improve their ability to filter out “bad” emails. government as part of the Department of Homeland Security (DHS) 18-01 binding operational directive.

Security

Security Authentication Phishing Marketing

10 Best CASB Security Vendors of 2022

eSecurity Planet

DECEMBER 17, 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. . Cloud access security brokers are increasingly a critical component of the Secure Access Service Edge (SASE) as edge and cloud security become the newest pain points.

Security

Security Cloud Risk Access

Malvertising Campaign Targets IoT Devices: GeoEdge

eSecurity Planet

AUGUST 9, 2021

A malicious advertising campaign originating out of Eastern Europe and operating since at least mid-June is targeting Internet of Things (IoT) devices connected to home networks, according to executives with GeoEdge, which offers ad security and quality solutions to online and mobile advertisers. IoT a Security Concern.

IoT

IoT Cloud Mining Marketing

Welcome to Legaltech New York 2020!: eDiscovery Trends

eDiscovery Daily

FEBRUARY 3, 2020

There are several interesting sessions today related to eDiscovery, Information Governance, Cybersecurity and Data Privacy. In just 10 years the case law around eDiscovery AI & Analytics has exploded. Survey the key case law governing the application of machine learning to eDiscovery. Business of law implications.

Education

Education Data Privacy GDPR Compliance

Two FTC complaints that over-retention of personal data violates Section 5

Data Protection Report

FEBRUARY 13, 2024

The FTC’s complaint states: “From 2016 to the present, about 100 million unique devices sent Respondent location data each year.” (Complaint ¶ 5 (emphasis in original)) InMarket would share advertising revenue with developers that incorporated the InMarket SDK into their apps. Complaint ¶10.)

Personal data

Personal data Privacy Marketing Data collection

History Doesn’t Repeat Itself in Cyberspace

Thales Cloud Protection & Licensing

AUGUST 22, 2019

With publicly announced plans to defend the 2020 elections from foreign interference, along with authorization to operate against overseas adversaries, it seems likely that the Cyber Command is stepping up its cyber warfare game, as it should. But will investment in its own technology infrastructure be commensurate with risks it faces?

Digital transformation

Digital transformation Encryption Risk Cybersecurity

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Business ID Theft Soars Amid COVID Closures

Krebs on Security

JULY 27, 2020

For 2020, the company estimates an overall 258 percent spike in the crime. based cyber intelligence firm Hold Security has been monitoring the communications between and among a businesses ID theft gang apparently operating in Georgia and Florida but targeting businesses throughout the United States. ” PHANTOM OFFICES. .

Energy and Utilities

Energy and Utilities Computer and Electronics Insurance Risk

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

SEPTEMBER 7, 2022

43R — Loan-Backed and Structured Securities (SSAP No. 43R and proposed revisions to the reporting guidance are the most recent revisions exposed as part of the continuing work by the SAP Working Group to establish principle-based guidance for determining which securities qualify as a bond. 1. NAIC to Develop New Privacy Model Law.

Insurance

Insurance Paper Privacy Risk

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware

Ransomware Encryption Insurance Cloud

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

On Monday, January 24, 2022, in a speech at the Northwestern University Pritzker School of Law annual Securities Regulation Institute conference, Gary Gensler, Chair of the U.S. He also signaled the SEC’s continued focus on enforcement and cooperation with other law enforcement agencies.

Cybersecurity

Cybersecurity Marketing Risk Compliance

What Happens to Whistleblowers After They Blow the Whistle?

Security Affairs

AUGUST 30, 2018

On the darker side, 10 percent eventually attempted suicide as a result of their actions. Presenting the issue in a court of law adds weeks — and sometimes months or years — to the otherwise straightforward task of whistleblowing. Their government recently decided to extend his right to asylum until 2020 at the earliest.

Cybersecurity

Cybersecurity Government Security IT

Brazilian Data Protection Law Update – Delayed Enforcement, Lack of Administrative Structure, and Market Unreadiness

Data Matters

JULY 22, 2020

As previously analyzed in an article by these authors published on January 20, 2020, the LGPD’s provisions require a great deal of compliance effort from all organizations that are subject to the law. Compliance Costs and the 2020 Crisis. To that end, on April 29, 2020, the Brazilian President signed executive order n.

Marketing

Marketing Compliance Personal data GDPR

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

FEBRUARY 21, 2020

The document presents itself as a request for a DSOP FUND (Defence Services Officers Provident Fund ). The money is kept by the government and in return, a “non-permanent” profit officially titled as “interest” is given back to the officers at the end of each year. Static information about the malicious macro. Pierluigi Paganini.

Military

Military Communications Encryption IT

Is Your Ability to Stay Current with eDiscovery in “Jeopardy”? Check Out This Conference: eDiscovery Best Practices

eDiscovery Daily

FEBRUARY 23, 2020

As you can always expect from the U-Fla conference, there are a veritable plethora of expert presenters , including Craig Ball, George Socha, Tom O’Connor, Scott Milner, Kelly Twigger, Tessa Jacobs, David Horrigan, Canaan Himmelbaum, Suzanne Clark and Julie Brown, among others. It’s the best one-day educational conference of the year!

e-Discovery

e-Discovery Education Privacy Data Privacy

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

At present, the most important area of relevance around AI for cybersecurity is content generation. Security awareness training still has a place to play here." Blog post with links: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore.

Phishing

Phishing Security awareness Insurance Cybersecurity

EU Council Agrees on Proposed ePrivacy Regulation

Data Matters

MARCH 10, 2021

On February 10, 2021, the Council of the European Union (which includes representatives of the European Union (EU) member states, hereinafter Council) reached an agreement on the ePrivacy Regulation proposal that governs the protection of privacy and confidentiality of electronic communications services (ePrivacy Regulation).

GDPR

GDPR Metadata Communications Privacy

Weekly podcast: Bank of England, the OPM, Patch Tuesday and Japanese minister

IT Governance

NOVEMBER 16, 2018

This week, we discuss a Bank of England cyber resilience exercise, the latest cyber security news from the US Office of Personnel Management, the highlights of this month’s Patch Tuesday, and a surprising admission by a Japanese cyber security minister. Hello and welcome to the IT Governance podcast for Friday, 16 November.

Encryption

Encryption Risk Passwords Government

Guarding Against Solorigate TTPs

eSecurity Planet

FEBRUARY 3, 2021

A March 2020 software update of the SolarWinds Orion management platform gave malicious actors unhindered access to key government and enterprise networks. This update touches on the newly detected malware , attack vectors to guard against, and why the targeting of security vendors is a critical development in cybersecurity.

Cybersecurity

Cybersecurity Access Authentication Cloud

Regulatory Update: NAIC Fall 2020 National Meeting

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. 43R —Loan-Backed and Structured Securities. As a result of the continuing COVID-19 pandemic, the NAIC once again met in a virtual format. 25 — Affiliates and Other Related Parties; SSAP No.

Insurance

Insurance Paper Risk Analytics

Leveraging generative AI on AWS to transform life sciences

IBM Big Data Hub

JULY 19, 2023

Leveraging generative AI to augment human team capabilities presents an opportunity for Clients to reduce costs by 30%-50%, while accelerating time to market related to this process by at least 50% and improving scalability, quality, and consistency of generated reports. in 10 years, from 2012 to 2022.

Marketing

Marketing Manufacturing Analytics Compliance

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. The new “ Hi-Tech Crime Trends 2019/2020 ” report describes attacks on various industries and critical infrastructure facilities, as well as campaigns aimed at destabilization of the Internet in certain countries.

IT

IT Military Cybersecurity Phishing

Part 2: OMG! Not another digital transformation article! Is it about the evolution from RIM to Content Services?

ARMA International

SEPTEMBER 22, 2021

Humans have used technology to transform their societies from prehistoric times up to the present. Finally, Part 3 will look to the future, will present next steps, and will discuss key takeaways. COLD is a “technology that records and then stores computer-generated data onto optical disks for online access” (ARMA 2016, p 10).

Digital transformation

Digital transformation Content services IT e-Discovery

Debut of the Texas State Records Retention Schedule (RRS): 5th Edition – 5/10/2020

The Texas Record

MAY 1, 2020

On May 10, 2020 , the newest and fifth-est edition of the Texas State Records Retention Schedule (RRS) will go live! Local governments in Texas should continue following local retention schedules. This means that all of your records, whether they were created before or after May 10, will be subject to the new retention rules.

Computer and Electronics

Computer and Electronics Insurance Sales Paper

OCR Provides Insight into Enforcement Priorities and Breach Trends

HL Chronicle of Data Protection

OCTOBER 21, 2019

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and Accountability (HIPAA) regulatory framework. OCR chooses cases based on perceived importance and message.

Risk

Risk Compliance Privacy Phishing

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The CCPA goes into effect January 1, 2020. The CCPA governs how businesses treat “consumer” “personal information.” CCPA Background.

Privacy

Privacy Sales Education Compliance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The CCPA goes into effect January 1, 2020. The CCPA governs how businesses treat “consumer” “personal information.” CCPA Background.

Privacy

Privacy Sales Compliance Cybersecurity

The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years

Security Affairs

MARCH 13, 2022

This piece of malware is known for the usage of the Portuguese Government Finance & Tax (Autoridade Tributária e Aduaneira) email templates to lure victims to install the malicious loader (a VBS file). The next figure presents the structure of the Lampions’ VBS loader after the cleaning and deobfuscation process.

Passwords

Passwords IT Information Security Government

Threat Report Portugal: Q3 2020

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Threat Report Portugal: Q3 2020 compiles data collected on the malicious campaigns that occurred from July to August, Q3, of 2020. Phishing and Malware Q3 2020. Malware by Numbers.

Phishing

Phishing Retail Security awareness Data collection

e-Records 2020 Call for Presentations

U.S. Internet Leaked Years of Internal, Customer Emails

Webinars

Trending Sources

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Webinars

Security Buyers Are Consolidating Vendors: Gartner Security Summit

Top 10 Governance, Risk and Compliance (GRC) Vendors

Lampion malware v2 February 2020

Hackers Were Inside Citrix for Five Months

Thinking of Hiring or Running a Booter Service? Think Again.

Trojan Lampion is back after 3 months

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Russia-linked APT28 targets govt bodies with fake NATO training docs

China-linked APT10 Target Taiwan’s financial trading industry

What Is DMARC Email Security Technology?

10 Best CASB Security Vendors of 2022

Malvertising Campaign Targets IoT Devices: GeoEdge

Welcome to Legaltech New York 2020!: eDiscovery Trends

Two FTC complaints that over-retention of personal data violates Section 5

History Doesn’t Repeat Itself in Cyberspace

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Business ID Theft Soars Amid COVID Closures

Regulatory Update: NAIC Summer 2022 National Meeting

Ransomware Protection in 2021

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

What Happens to Whistleblowers After They Blow the Whistle?

Brazilian Data Protection Law Update – Delayed Enforcement, Lack of Administrative Structure, and Market Unreadiness

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Is Your Ability to Stay Current with eDiscovery in “Jeopardy”? Check Out This Conference: eDiscovery Best Practices

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

EU Council Agrees on Proposed ePrivacy Regulation

Weekly podcast: Bank of England, the OPM, Patch Tuesday and Japanese minister

Guarding Against Solorigate TTPs

Regulatory Update: NAIC Fall 2020 National Meeting

Leveraging generative AI on AWS to transform life sciences

Group-IB presents its annual report on global threats to stability in cyberspace

Part 2: OMG! Not another digital transformation article! Is it about the evolution from RIM to Content Services?

Debut of the Texas State Records Retention Schedule (RRS): 5th Edition – 5/10/2020

Top IoT Security Solutions of 2021

OCR Provides Insight into Enforcement Priorities and Breach Trends

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years

Threat Report Portugal: Q3 2020

Stay Connected