Data Breach Today
JUNE 3, 2021
Low-Bandwidth Network Can Share Internet Connections Among Amazon Devices Internet of things security professionals are expressing concern over Amazon's new Sidewalk - a low-bandwidth network program that will allow some of the company's connected and IoT devices to share Wi-Fi access even outside an owner's home.
WIRED Threat Level
MAY 31, 2021
From NotPetya to SolarWinds, it’s a problem that’s not going away any time soon.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
eSecurity Planet
JUNE 3, 2021
The National Security Council is sending a memo to U.S. companies urging them to take the ransomware threat more seriously as the Biden Administration ramps up its responses following recent attacks linked to Russia-based hacker groups on two major corporations. In the open letter dated June 3, Anne Neuberger, the NSC’s cybersecurity adviser, said that while the federal government is doing what it can to combat the accelerating threat, private sector organizations also play a crucial role.
Krebs on Security
MAY 29, 2021
Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams. Here’s the story of how bogus reviews on a counterfeit Microsoft Authenticator browser extension exposed dozens of other extensions that siphoned personal and financial data.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
JUNE 4, 2021
CISO Discusses Changing Security Culture in Organizations Mario Demarillas, CISO and head of IT consulting and software engineering at Exceture, in the Philippines, strikes a balance between securing his organization and its business offering in security.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
JUNE 3, 2021
The National Archives and Records Administration ( NARA ) and Office of Management and Budget ( OMB ) set forth the government-wide policy M-19-21 as a directive to progress how government records are managed. Read on to learn what this directive is, who it impacts, and seven factors necessary to achieve compliance. What Is M-19-21? Who Does M-19-21 Impact?
Security Affairs
JUNE 4, 2021
Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724 , that impacts macOS, iOS and iPadOS. Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724 , that impacts macOS, iOS, and iPadOS. The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the It giant fixed the issue was addressed by the IT giant on May 24 with the release of macOS 11.4, iOS 14.6, and
Data Breach Today
JUNE 1, 2021
World's Largest Meat Supplier Says Servers Hit in North America and Australia The world's largest meat supplier, JBS, says an "organized cybersecurity attack" has led it to shut down servers in North America and Australia. Experts say a prolonged outage could have a noticeable impact on the global supply of meat. The company has yet to disclose if the attack involved ransomware.
The Last Watchdog
JUNE 2, 2021
The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. Related: The importance of basic research. We’ve barely scratched the surface of applying artificial intelligence and advanced data analytics to the raw data collecting in these gargantuan cloud-storage structures erected by Amazon, Microsoft and Google.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
AIIM
JUNE 1, 2021
What is the future of work? That’s hard to say. But one thing seems certain: Disruption lies ahead. Driven by innovations in technology, shifting business strategies, and evolving definitions of success, the workplace is changing fast. As the adoption of things like process automation, AI, and Machine Learning continue to accelerate, so will the pace of change in the workplace.
Security Affairs
JUNE 4, 2021
Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware. Threat actors are actively scanning the Internet for VMware vCenter servers affected by a critical remote code execution (RCE) vulnerability tracked as CVE-2021-21985. The CVE-2021-21985 flaw is caused by the lack of input validation in the Virtual SAN ( vSAN ) Health Check plug-in, which is enabled by default in the vCenter Server.
Data Breach Today
MAY 29, 2021
Sophos Says Epsilon Red Extorted $210,000 From One Victim A newly uncovered ransomware variant dubbed 'Epsilon Red' is targeting organizations in the US hospitality sector, with the threat actor successfully extorting $210,000 from one of its victims, a new report by security firm Sophos notes.
Schneier on Security
JUNE 2, 2021
The New York Times has a long story on the DarkSide ransomware gang. A glimpse into DarkSide’s secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions of dollars in ransom payments each month. DarkSide offers what is known as “ransomware as a service,” in which a malware developer charges a user fee to so-called affiliates like Woris, who may not have the technical skills to actually create ran
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Troy Hunt
JUNE 3, 2021
Supporting national CERTs with free API domain searches across their assets is becoming an increasing focus for Have I Been Pwned and today I'm happy to welcome the 19th government on board, Belgium. As of now, the Centre for Cyber Security Belgium (CCB) has full access to query all their gov domains and gain deeper visibility into the impact of data breaches on their departments.
Security Affairs
MAY 31, 2021
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug in PatchGuard that could be exploited by an attacker to load unsigned malicious code into the Windows operating system kernel. The PatchGuard, also known as Kernel Patch Protection, is a software protection utility that has been designed to forbid the kernel of 64-bit versions of Windows OS from be
Data Breach Today
JUNE 3, 2021
Ransomware-as-a-Service Operation REvil - aka Sodinokibi - Has Been Making a Killing The FBI has attributed the ransomware attack against meat processing giant JBS to the REvil - aka Sodinokibi - ransomware-as-a-service operation. Security experts say the operation, which dates from 2019, appears to be run from Russia, and has been hitting increasingly large targets.
Schneier on Security
JUNE 4, 2021
Today is the second day of the fourteenth Workshop on Security and Human Behavior. The University of Cambridge is the host, but we’re all on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself. The forty or so attendees include psychologists, economists, computer security researchers, sociologists, political scientists, criminologists, neuroscientists, des
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
eSecurity Planet
JUNE 3, 2021
This week I met with Deep Instinct , one of the most advanced deep learning security firms out of Israel. As you’d expect, ever since the Colonial Pipeline breach , their business has gone vertical, and news of more attacks this week will likely continue that growth. A recent $100 million investment leaves them well positioned to capitalize on that interest.
Security Affairs
JUNE 2, 2021
Zero-day exploit broker Zerodium is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. Zero-day exploit broker Zerodium announced it is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. The company will pay up to $100,000 for zero-days in Pidgin, which is a free and open-source multi-platform instant messaging client.
Data Breach Today
JUNE 3, 2021
Company Shut Down Part of Its Network That Was Compromised Japanese conglomerate Fujifilm has shut down part of its network after it was compromised in a suspected ransomware attack, the company said in an update on Wednesday. The attack is the latest in a series of ransomware incidents targeting multinational companies.
Schneier on Security
JUNE 1, 2021
The website for the M1racles security vulnerability is an excellent demonstration that not all vulnerabilities are exploitable. Be sure to read the FAQ through to the end.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Threatpost
JUNE 2, 2021
On June 8, Amazon’s pulling all its devices into a device-to-device wireless mix, inspiring FUD along the way. Now's the time to opt out if you're be-FUDdled.
Security Affairs
MAY 30, 2021
Interpol has intercepted $83 million in illicit funds transferred from victims to the accounts used by crooks. An operation conducted by Interpol, codenamed HAECHI-I, conducted by more than 40 officers in the Asia Pacific region over six months period allowed to intercept a total of USD 83 million in illicit funds transferred from victims to the cybercriminals.
Data Breach Today
JUNE 2, 2021
Vulnerabilities Could Have Enabled Malware Installation Vulnerabilities in some antivirus software could have enabled attackers to install malware and deactivate anti-ransomware protection to take over software controls, academic researchers say.
Adam Levin
JUNE 4, 2021
You would think that ExaGrid, a backup appliance and anti-ransomware service might know how to avoid ransomware, but it was hit. . According to the company’s website, “ExaGrid offers a unique approach to ensure that attackers cannot compromise the backup data, allowing organizations to be confident that they can restore the affected primary storage and avoid paying ugly ransoms.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Threatpost
JUNE 3, 2021
REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.
Security Affairs
JUNE 2, 2021
A critical zero-day vulnerability in the Fancy Product Designer WordPress plugin exposes more than 17,000 websites to attacks. Researchers from the Wordfence team at WordPress security company Defiant warn that a critical zero-day vulnerability, tracked as CVE-2021-24370, in the Fancy Product Designer WordPress plugin is actively exploited in the wild.
Data Breach Today
JUNE 1, 2021
Vulnerability Affects Siemens SIMATIC S7-1200 and S7-1500 CPU Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access memory areas, enabling them to read sensitive data and use it to launch further attacks.
Expert insights. Personalized for you.
221 
Let's personalize your content