Data Breach Today
MARCH 23, 2022
Bulletin Reportedly Issued Just Days Before Biden Warned of Cyber Activity Just days before U.S. President Joe Biden warned that intelligence is pointing toward potential Russian cyberattacks against the U.S., the FBI reportedly issued an urgent bulletin contending that Russian IP addresses have conducted network scanning activity on at least five U.S. energy firms.
Krebs on Security
MARCH 17, 2022
Researchers are tracking a number of open-source “ protestware ” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
MARCH 14, 2022
When was the last time you read an online privacy policy in its entirety? Perhaps, never? Yet our world has moved online. We have on average 67 applications on our mobile phones, seven social media accounts and more than 120 online accounts. But these accounts are not all about networking and games. Related: What happened to privacy in 2021. COVID crisis has forced us to work remotely.
Security Affairs
MARCH 17, 2022
The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days. Yesterday Anonymous announced the hack of the website of the Ministry of Emergencies of Russia, the hackers defaced them and published the message: “Don’t t
Speaker: Frank Taliano
Document-heavy workflows slow down productivity, bury institutional knowledge, and drain resources. But with the right AI implementation, these inefficiencies become opportunities for transformation. So how do you identify where to start and how to succeed? Learn how to develop a clear, practical roadmap for leveraging AI to streamline processes, automate knowledge work, and unlock real operational gains.
WIRED Threat Level
MARCH 18, 2022
Members of the Conti ransomware group may act in Russia’s interest, but their links to the FSB and Cozy Bear hackers appear ad hoc.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 15, 2022
Researcher in Belarus Says Bug Bounty Through HackerOne Is Sole Income Sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers signed up with bug bounty platforms, which can no longer legally make payments. A researcher in Belarus says he's locked out from accessing $25,179 in his HackerOne account.
Krebs on Security
MARCH 11, 2022
As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. John Todd is general manager of Quad9 , a free “anycast” DNS platform.
The Last Watchdog
MARCH 17, 2022
Cybersecurity tools evolve towards leveraging machine learning (ML) and artificial intelligence (AI) at ever deeper levels, and that’s of course a good thing. However, we often see results that feel cookie cutter and counter-productive, raising the question: can AI really do as good of a job as a human? Related: Business logic hacks plague websites.
Security Affairs
MARCH 10, 2022
The U.S. CISA has updated the alert on Conti ransomware and added 98 domain names used by the criminal gang. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware operations, the agency added 100 domain names used by the group. The joint report published by CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) in September warned of an increased number of Conti ransomware attacks against US organizations.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
WIRED Threat Level
MARCH 2, 2022
Cybercriminals are exploiting a fleet of more than 100,000 misconfigured servers to knock websites offline.
AIIM
MARCH 14, 2022
There are some chores I love, many I don’t mind, and a few that sap my will to live. Folding laundry falls into the soul-crushing category. I’ve tried doing it while I watch the Price is Right or rock out to Taylor Swift (yes, she’s my guilty pleasure!), but nothing distracts me from the monotony of that task. And my least favorite part about it has always been trying to match the socks.
Data Breach Today
MARCH 15, 2022
Despite Russian Aggression, Distributed Denial-of-Service Attacks Remain Illegal With Ukraine having called on the world to join its "IT Army" and help it hack Russia and ally Belarus, what could possibly go wrong? For starters, launching distributed denial-of-service attacks - at least from outside Ukraine - remains illegal and risks triggering an escalation by Moscow.
Krebs on Security
MARCH 8, 2022
Lumen Technologies , an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider Cogent , and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukr
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
The Last Watchdog
MARCH 31, 2022
Cybersecurity has never felt more porous. You are no doubt aware of the grim statistics: •The average cost of a data breach rose year-over-year from $3.86 million to $4.24 million in 2021, according to IBM. •The majority of cyberattacks result in damages of $500,000 or more, Cisco says. •A sobering analysis by Cybersecurity Ventures forecasts that the global cost of ransomware attacks will reach $265 billion in 2031. • The FBI reports that 3,000-4,000 cyberattacks are counted each day.
Security Affairs
MARCH 5, 2022
Anonymous and its affiliates continue to target Russia and Belarus, it is also targeting the Russian disinformation machine. Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. The attacks were conducted as part of the #OpRussia launched by the collective after the violent and illegitimate invasion of Ukraine.
WIRED Threat Level
MARCH 19, 2022
The author of a popular application pushed out an update containing malicious code in an effort to sabotage computers in the country.
Security Affairs
MARCH 15, 2022
OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778 , that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero researchers Tavis Ormandy.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Affairs
MARCH 17, 2022
Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured an unknown ELF file that was spreading by exploiting the Log4J vulnerability.
Security Affairs
MARCH 18, 2022
Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset.
Security Affairs
MARCH 25, 2022
Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia. This week the Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. The group of hacktivists announced that will leak the stolen documents in 48 hours. Anonymous hacks Russia's Central Bank and more than 35,000 files will be exposed in 48 hours. pic.twitter.com/0VUhqVmo89 — Anonymous (@LatestAnonPres
Security Affairs
MARCH 16, 2022
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Original post at [link]. Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. However, his experiment is a perfect example of how poor cyber hygiene can leave organizations vulnerable to cyber attacks.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
MARCH 15, 2022
Critical Infrastructure Defense Project From Cloudflare, CrowdStrike, Ping Identity As Western cybersecurity officials warn that Russia's Ukraine invasion poses an elevated cybersecurity risk to all, kudos to Cloudflare, CrowdStrike and Ping Identity for offering free endpoint security and other defenses to the healthcare sector and power sectors, for at least four months.
Security Affairs
MARCH 15, 2022
Veeam addressed two critical vulnerabilities impacting the Backup & Replication product for virtual environments. Veeam has released security patches to fix two critical vulnerabilities, tracked as CVE-2022-26500 and CVE-2022-26501 (CVSS score of 9.8), impacting the Backup & Replication solution for virtual environments. The solution implements data backup and restore capabilities for virtual machines running on Hyper-V, vSphere, VMware, Windows & Linux servers, laptops, NAS and more
Security Affairs
MARCH 17, 2022
Microsoft released an open-source tool to secure MikroTik routers and check for indicators of compromise for Trickbot malware infections. Microsoft has released an open-source tool, dubbed RouterOS Scanner, that can be used to secure MikroTik routers and check for indicators of compromise associated with Trickbot malware infections. “This analysis has enabled us to develop a forensic tool to identify Trickbot-related compromise and other suspicious indicators on MikroTik devices.
Security Affairs
MARCH 25, 2022
Google addresses an actively exploited zero-day flaw with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google fixed an actively exploited high-severity zero-day vulnerability with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug, tracked as CVE-2022-1096, exploited in the wild.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
MARCH 24, 2022
The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. The popular hacker collective claims to have compromised the systems of the Central Bank of Russia and stole 35,000 files, it announced that will leak it it in 48 hours.
Data Breach Today
MARCH 25, 2022
FBI Puts Russian Carder on the Most Wanted List of Cybercriminals The U.S. Department of Justice has indicted a 23-year-old Russian national for operating a cybercriminal marketplace that sold thousands of stolen login credentials, PII and authentication tools, according to U.S. Attorney Brit Featherston of the Eastern District of Texas.
Data Breach Today
MARCH 30, 2022
Nonprofit Managed Care Provider Allegedly Hit by Hive Ransomware An apparent ransomware attack and alleged data theft by the Hive cybercriminal group has left Partnership HealthPlan of California struggling to recover its IT services for more than a week. The nonprofit says it is unable to receive or process treatment authorization requests.
Expert insights. Personalized for you.
362 
Let's personalize your content