Security Affairs
DECEMBER 27, 2021
Researchers analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco that spreads through fake Google Play Store pages. Researchers from threat intelligence firm Cyble analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco trying to perform fraudulent financial transactions on the legitimate Itaú Unibanco applications without the victim’s knowledge.
Dark Reading
DECEMBER 27, 2021
To protect their staffers, leaders should focus on identifying and alleviating root causes of burnout.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
DECEMBER 26, 2021
Apple recently addressed fixed a flaw in the macOS that could be potentially exploited by an attacker to bypass Gatekeeper security feature. Apple recently addressed a vulnerability in the macOS operating system, tracked as CVE-2021-30853, that could be potentially exploited by an attacker to bypass the Gatekeeper security feature and run arbitrary code.
The Last Watchdog
DECEMBER 30, 2021
Workforce management software ( WFM ) is an essential tool companies across industries can use to organize their workforce, track employee work and performance, forecast labor demand, and create schedules for employees. Related: Turning workers into security security sensors. Most, if not all, WFM software is chock full of features that makes managing a workforce more efficient and effortless for top management.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Schneier on Security
DECEMBER 31, 2021
This development suprises no one who has been paying attention: Researchers now believe AirTags, which are equipped with Bluetooth technology, could be revealing a more widespread problem of tech-enabled tracking. They emit a digital signal that can be detected by devices running Apple’s mobile operating system. Those devices then report where an AirTag has last been seen.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
DECEMBER 30, 2021
A previously unknown rootkit, dubbed iLOBleed, was used in attacks aimed at HP Enterprise servers that wiped data off the infected systems. iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems.
Threatpost
DECEMBER 28, 2021
Security flaws in the recently released Fisher-Price Chatter Bluetooth telephone can allow nearby attackers to spy on calls or communicate with children using the device.
eSecurity Planet
DECEMBER 29, 2021
MITRE ATT&CK (“miter attack”) is an up-to-date and widely-used knowledge base that focuses on how attackers think and operate. It’s based on practical use cases, so companies can better evaluate security issues and get examples of common tactics and techniques used by threat actors. ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) documents adversary behaviors to be used by red teams (e.g., for pentesting ) but also by defenders who want to understand “the conte
Dark Reading
DECEMBER 28, 2021
Severe flaws in Microsoft Exchange and Windows Print Spooler stood out amid a wide range of vulnerabilities security teams were forced to prioritize in 2021.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
DECEMBER 26, 2021
The IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday. French IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday, but according to the company the security breach had a limited impact on its operations. Inetum is an agile IT services company that provides digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.
Threatpost
DECEMBER 29, 2021
Jason Kent, hacker-in-residence at Cequence Security, discusses sneaky shopping bot tactics (i.e., domain parking) seen in a mass campaign, and what retail security teams can do about them.
The Texas Record
DECEMBER 28, 2021
The records management assistance unit has launched a Records Management Guidance Library , consisting of one page quick guides on hot topics and frequently asked questions. [link]. The first three topics covered in this newly launched training library are: Social Media Records Email Records Imaging & Scanning. New guides will be published based on popular demand.
Dark Reading
DECEMBER 30, 2021
Security leaders need to examine their business model, document risks, and develop a strategic plan to address those risks.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
DECEMBER 31, 2021
Researchers devised a series of attacks against SSDs that could allow to implant malware in a location that is not monitored by security solutions. Korean researchers devised a series of attacks against solid-state drives (SSDs) that could allow to implant malware in specific memory locations bypassing security solutions. The attacks work against drives with flex capacity features and allow to implant a malicious code in a hidden area of SSDs called over-provisioning.
Threatpost
DECEMBER 30, 2021
Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs.
Hunton Privacy
DECEMBER 30, 2021
On December 15, 2021, the New Jersey Acting Attorney General Andrew J. Bruck announced that its Division of Consumer Affairs had reached a $425,000 settlement with New Jersey-based providers of cancer care, Regional Cancer Care Associates LLC, RCCA MSO LLC and RCCA MD LLC (collectively, “RCCA”), over alleged failures to adequately safeguard patient data.
Data Matters
DECEMBER 28, 2021
On December 10, the Federal Trade Commission (FTC) announced it is considering a rulemaking on commercial Artificial Intelligence (AI). The purpose of the rulemaking, according to an advanced notice of proposed rulemaking (ANPRM) titled “ Trade Regulation in Commercial Surveillance ,” would be “to curb lax security practices, limit privacy abuses, and ensure that algorithmic decision-making does not result in unlawful discrimination.”.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
DECEMBER 31, 2021
The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. The service now includes credentials for 441K accounts stolen by the popular info-stealer.
Threatpost
DECEMBER 30, 2021
Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution.
The Security Ledger
DECEMBER 29, 2021
In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote code execution flaw in the Log4j open source library. Mark talks about how the Internet community can come together ahead of the next vulnerability to make sure the. Read the whole entry. » Click the icon below to listen.
Dark Reading
DECEMBER 29, 2021
Don't think of zero trust as a product. Think of it as "how you actually practice security.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
DECEMBER 29, 2021
The Apache Software Foundation released Log4j 2.17.1 version to address recently discovered arbitrary code execution flaw tracked as CVE-2021-44832. The Apache Software Foundation released Log4j 2.17.1 version to address a recently discovered arbitrary code execution flaw, tracked as CVE-2021-44832, affecting Log4j 2.17.0. CVE-2021-44832 is the fifth vulnerability discovered in the popular library in the last weeks.
Threatpost
DECEMBER 29, 2021
Here’s what cybersecurity watchers want infosec pros to know heading into 2022. .
Troy Hunt
DECEMBER 30, 2021
2021 Dumpster fire? Harsh, but fair and I shall keep this 3D-printed reminder handy and hope I don't end up needing to print a 2022 version! So many times throughout this week's video I came back to that theme. But hey, there was some positive stuff too, not least the bits about some of the wonderful organisations I've worked with this year, bought products from or otherwise just been a big part of my digital life in 2021.
Dark Reading
DECEMBER 29, 2021
That announcement may feel good, but if your prospective acquisition's cybersecurity levels are substandard, it might be best to hold off.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Security Affairs
DECEMBER 27, 2021
A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. Users reported numerous compromises of their devices a few days before Christmas. According to BleepingComputer , forum users reported an intensification of the attacks since December 20, the analysis of submissions to the ID ransomware service for this specific threat started to increase on
Threatpost
DECEMBER 28, 2021
The year wasn't ALL bad news. These sometimes cringe-worthy/sometimes laughable cybersecurity and other technology stories offer schadenfreude and WTF opportunities, and some giggles.
IG Guru
DECEMBER 27, 2021
Save the Dates! Thursday, January 20, 2022, 12-1 pm (Mid-Michigan ARMA) Eric Hemenway from the Little Traverse Bay Bands of Odawa Indians Department of Repatriation, Archives and Records on how tribal archives work Thursday, February 17, 2022, 12-1 pm (West Michigan) Presentation from Nuclear Information & Records Management Association (NIRMA) Thursday, March 17, 2022, 12-1 […].
Expert insights. Personalized for you.
144 
Let's personalize your content