Data Breach Today
JUNE 3, 2021
Low-Bandwidth Network Can Share Internet Connections Among Amazon Devices Internet of things security professionals are expressing concern over Amazon's new Sidewalk - a low-bandwidth network program that will allow some of the company's connected and IoT devices to share Wi-Fi access even outside an owner's home.
WIRED Threat Level
MAY 31, 2021
From NotPetya to SolarWinds, it’s a problem that’s not going away any time soon.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
eSecurity Planet
JUNE 3, 2021
The National Security Council is sending a memo to U.S. companies urging them to take the ransomware threat more seriously as the Biden Administration ramps up its responses following recent attacks linked to Russia-based hacker groups on two major corporations. In the open letter dated June 3, Anne Neuberger, the NSC’s cybersecurity adviser, said that while the federal government is doing what it can to combat the accelerating threat, private sector organizations also play a crucial role.
Krebs on Security
MAY 29, 2021
Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams. Here’s the story of how bogus reviews on a counterfeit Microsoft Authenticator browser extension exposed dozens of other extensions that siphoned personal and financial data.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
JUNE 4, 2021
CISO Discusses Changing Security Culture in Organizations Mario Demarillas, CISO and head of IT consulting and software engineering at Exceture, in the Philippines, strikes a balance between securing his organization and its business offering in security.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
JUNE 3, 2021
The National Archives and Records Administration ( NARA ) and Office of Management and Budget ( OMB ) set forth the government-wide policy M-19-21 as a directive to progress how government records are managed. Read on to learn what this directive is, who it impacts, and seven factors necessary to achieve compliance. What Is M-19-21? Who Does M-19-21 Impact?
Security Affairs
JUNE 4, 2021
Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724 , that impacts macOS, iOS and iPadOS. Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724 , that impacts macOS, iOS, and iPadOS. The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the It giant fixed the issue was addressed by the IT giant on May 24 with the release of macOS 11.4, iOS 14.6, and
Data Breach Today
JUNE 1, 2021
Vulnerability Affects Siemens SIMATIC S7-1200 and S7-1500 CPU Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access memory areas, enabling them to read sensitive data and use it to launch further attacks.
The Last Watchdog
JUNE 2, 2021
The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. Related: The importance of basic research. We’ve barely scratched the surface of applying artificial intelligence and advanced data analytics to the raw data collecting in these gargantuan cloud-storage structures erected by Amazon, Microsoft and Google.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
AIIM
JUNE 1, 2021
What is the future of work? That’s hard to say. But one thing seems certain: Disruption lies ahead. Driven by innovations in technology, shifting business strategies, and evolving definitions of success, the workplace is changing fast. As the adoption of things like process automation, AI, and Machine Learning continue to accelerate, so will the pace of change in the workplace.
Security Affairs
MAY 31, 2021
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug in PatchGuard that could be exploited by an attacker to load unsigned malicious code into the Windows operating system kernel. The PatchGuard, also known as Kernel Patch Protection, is a software protection utility that has been designed to forbid the kernel of 64-bit versions of Windows OS from be
Data Breach Today
MAY 29, 2021
2022 Budget Proposal Seeks $750 Million for 'Lessons Learned' From SolarWinds The White House officially released its 2022 federal budget proposal on Friday, and the Biden administration is seeking to spend billions on cybersecurity next year, including $750 million for "lessons learned" from the SolarWinds attack. Officials also want to boost CISA's budget by $110 million.
Schneier on Security
JUNE 2, 2021
The New York Times has a long story on the DarkSide ransomware gang. A glimpse into DarkSide’s secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions of dollars in ransom payments each month. DarkSide offers what is known as “ransomware as a service,” in which a malware developer charges a user fee to so-called affiliates like Woris, who may not have the technical skills to actually create ran
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
WIRED Threat Level
MAY 29, 2021
BravoMovies isn't real. But it puts in a remarkable amount of effort to convince you that it is.
Security Affairs
JUNE 4, 2021
Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware. Threat actors are actively scanning the Internet for VMware vCenter servers affected by a critical remote code execution (RCE) vulnerability tracked as CVE-2021-21985. The CVE-2021-21985 flaw is caused by the lack of input validation in the Virtual SAN ( vSAN ) Health Check plug-in, which is enabled by default in the vCenter Server.
Data Breach Today
JUNE 1, 2021
World's Largest Meat Supplier Says Servers Hit in North America and Australia The world's largest meat supplier, JBS, says an "organized cybersecurity attack" has led it to shut down servers in North America and Australia. Experts say a prolonged outage could have a noticeable impact on the global supply of meat. The company has yet to disclose if the attack involved ransomware.
Schneier on Security
JUNE 4, 2021
Today is the second day of the fourteenth Workshop on Security and Human Behavior. The University of Cambridge is the host, but we’re all on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself. The forty or so attendees include psychologists, economists, computer security researchers, sociologists, political scientists, criminologists, neuroscientists, des
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
JUNE 1, 2021
Hackers targeting JBS USA have disrupted meat processing facilities around the world, just one month after the Colonial Pipeline attack caused fuel distribution havoc.
Security Affairs
JUNE 2, 2021
Zero-day exploit broker Zerodium is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. Zero-day exploit broker Zerodium announced it is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. The company will pay up to $100,000 for zero-days in Pidgin, which is a free and open-source multi-platform instant messaging client.
Data Breach Today
JUNE 2, 2021
FireEye to Sell Product Line, Name to Private Equity FireEye announced on Wednesday the sale of its product line and name to Symphony Technology Group, a private equity group based in Palo Alto, for $1.2 billion. The deal means FireEye will be separated from Mandiant Solutions, its forensics unit that's often called upon after a data breach.
Troy Hunt
JUNE 3, 2021
Supporting national CERTs with free API domain searches across their assets is becoming an increasing focus for Have I Been Pwned and today I'm happy to welcome the 19th government on board, Belgium. As of now, the Centre for Cyber Security Belgium (CCB) has full access to query all their gov domains and gain deeper visibility into the impact of data breaches on their departments.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Schneier on Security
JUNE 1, 2021
The website for the M1racles security vulnerability is an excellent demonstration that not all vulnerabilities are exploitable. Be sure to read the FAQ through to the end.
Security Affairs
MAY 30, 2021
Qihoo 360 NETLAB spotted a new backdoor dubbed Facefish that could allow attackers to take over Linux systems and steal sensitive data. Cybersecurity experts from Qihoo 360 NETLAB published details about a new backdoor, dubbed Facefish, which can be used by threat actors to steal login credentials and executing arbitrary commands on Linux systems. The malware was also analyzed by Juniper researchers who observed the use of an exploit against the Control Web Panel (CWP) server administration we
Data Breach Today
JUNE 3, 2021
Ransomware-as-a-Service Operation REvil - aka Sodinokibi - Has Been Making a Killing The FBI has attributed the ransomware attack against meat processing giant JBS to the REvil - aka Sodinokibi - ransomware-as-a-service operation. Security experts say the operation, which dates from 2019, appears to be run from Russia, and has been hitting increasingly large targets.
Threatpost
JUNE 2, 2021
On June 8, Amazon’s pulling all its devices into a device-to-device wireless mix, inspiring FUD along the way. Now's the time to opt out if you're be-FUDdled.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Dark Reading
JUNE 2, 2021
Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders.
Security Affairs
JUNE 3, 2021
Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software. Cisco has addressed multiple vulnerabilities in its products , including high-risk flaws in Webex Player, SD-WAN software, and ASR 5000 series software. The IT giant fixed three high-severity vulnerabilities (CVE-2021-1503, CVE-2021-1526, CVE-2021-1502) affecting Webex Player for Windows and macOS.
Data Breach Today
JUNE 4, 2021
Latest Rowhammer Technique Targets Design Flaws in Modern DRAM Chips Researchers at Google have identified a new Rowhammer exploit, dubbed Half-Double, which targets design flaws in some of the newer DRAM chips to alter their memory content.
Expert insights. Personalized for you.
251 
Let's personalize your content