Krebs on Security

MARCH 8, 2022

Lumen Technologies , an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider Cogent , and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukr

Military 318

Military Government Risk Business Services 318

The Last Watchdog

MARCH 7, 2022

As companies accelerate their reliance on agile software development, cloud-hosted IT infrastructure and mobile applications, vulnerability management (VM) has an increasingly vital security role to play. Related: Log4j vulnerability translates into vast exposures. Not only does VM contribute to the safety and security of an organization’s network and infrastructure, it also helps ensure infrastructure performance is optimized.

Data breaches 229

Data breaches Cloud Risk Cybersecurity 229

Dark Reading

MARCH 8, 2022

In a deal worth $5.4 billion, Google would expand its security portfolio with managed detection and response (MDR) and threat intelligence, with an increasing focus on automation.

Security 118

Security IT 118

AIIM

MARCH 7, 2022

Companies are dealing with more data than ever before. In a complex IT environment, the challenge of maximizing the value of that data can be daunting. Everyone in an organization wants to excel, but many do not have holistic approaches for measuring the ongoing status and enhancement of their business data. Not doing so can result in lower overall company performance, incomplete or incorrect data to drive decisions, and undue stress, driving lower overall employee satisfaction.

B2C 162

B2C B2B Government Manufacturing 162

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. John Todd is general manager of Quad9 , a free “anycast” DNS platform.

Phishing 298

Phishing Military Government Data collection 298

Security Affairs

MARCH 5, 2022

Anonymous and its affiliates continue to target Russia and Belarus, it is also targeting the Russian disinformation machine. Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. The attacks were conducted as part of the #OpRussia launched by the collective after the violent and illegitimate invasion of Ukraine.

Passwords 145

Passwords Government Military Authentication 145

IT Governance

MARCH 8, 2022

Welcome to our March 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal information. This month, we look at a phishing attack targeting Ukrainian citizens, the latest campaign imitating Tesco and a warning from HSBC. Ukrainian citizens targeted by phishing attacks.

Phishing 141

Phishing Military Access Education 141

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies , what it was like on a typical day at the Conti office , and how Conti secured the digital weaponry used in their attacks.

Ransomware 234

Ransomware Mining Blockchain Sales 234

Troy Hunt

MARCH 9, 2022

I have lots of little ideas for various pet projects, most of which go nowhere ( Have I Been Pwned being the exception), so I'm always looking for the fastest, cheapest way to get up and running. Last month as part of my blog post on How Everything We're Told About Website Identity Assurance is Wrong , I spun up a Cloudflare Pages website for the first time and hosted digicert-secured.com there (the page has a seal on it so you know you can trust it).

Passwords 138

Passwords Access IT Cybersecurity 138

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

MARCH 10, 2022

The U.S. CISA has updated the alert on Conti ransomware and added 98 domain names used by the criminal gang. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware operations, the agency added 100 domain names used by the group. The joint report published by CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) in September warned of an increased number of Conti ransomware attacks against US organizations.

Ransomware 145

Ransomware Cybersecurity Security Access 145

Schneier on Security

MARCH 7, 2022

An Alexa can respond to voice commands it issues. This can be exploited : The attack works by using the device’s speaker to issue voice commands. As long as the speech contains the device wake word (usually “Alexa” or “Echo”) followed by a permissible command, the Echo will carry it out, researchers from Royal Holloway University in London and Italy’s University of Catania found.

Paper 136

Paper Access IT 136

eSecurity Planet

MARCH 7, 2022

A SaaS security company says a spike in cyber attacks from Russia and China in recent weeks suggests the two countries may be coordinating their cyber efforts. SaaS Alerts, which helps managed service providers (MSPs) manage and protect customers’ SaaS apps, mentioned the finding in conjunction with the release of its annual SaaS Application Security Insights (SASI) report. “Over the last several weeks, SaaS Alerts has seen a sharp rise in activity from countries with consistently hi

Security 134

Security Risk Military Cybersecurity 134

Jamf

MARCH 8, 2022

Introducing Jamf School of Thought, a monthly "blogcast" for educators featuring interviews with key leaders in K-12 and higher education. Listen and participate live or catch up with on-demand installments to learn about new solutions and workflows transforming the presence of Jamf + Apple in the classroom.

Education 131

Education 131

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Matters

MARCH 7, 2022

On 23 February 2022, the European Commission ( Commission ) proposed a draft of a regulation on harmonised rules on fair access to and use of data – also known as the Data Act. The Data Act is intended to “ ensure fairness in the digital environment, stimulate a competitive data market, open opportunities for data-driven innovation and make data more accessible for all ”.

Big data 114

Big data Artificial Intelligence Cloud Manufacturing 114

Schneier on Security

MARCH 10, 2022

It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found and neutered. Near as I can tell, the only thing that worked was the disabling of regional KA-SAT SATCOM terminals. It’s probably too early to reach any conclusions, but people are starting to write about this, with varying theories.

IT 121

IT 121

eSecurity Planet

MARCH 8, 2022

The average internet user has somewhere around 100 accounts, according to NordPass research, meaning they have to track 100 different passwords or risk using the same one over and over. Users looking to increase their security without the burden of remembering all those passwords typically turn to password managers to keep their accounts secure. In the last year, we’ve taken an extensive look at the market for password managers, and here we’ll compare Bitwarden and 1Password to help

Passwords 131

Passwords Encryption GDPR Compliance 131

Security Affairs

MARCH 11, 2022

The Anonymous collective continues to launch attacks against Russian entities, this is a summary of recent offensives. Anonymous announced to have hacked the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, also known as Roskomnadzor. The agency is responsible for monitoring, controlling and censoring Russian mass media and according to Anonymous, it is controlling the disinformation campaign about the ongoing invasion of Ukraine.

Authentication 118

Authentication Communications IT Security 118

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

OpenText Information Management

MARCH 7, 2022

On International Women’s Day, we recognize and celebrate all the ways women have brought their insight, strategy and commitment to the opportunities and challenges we face as a planet. Women have broken barriers this year. The United States nominated the first Black woman to the Supreme Court, while the first woman Vice President finished her … The post International Women’s Day 2022–Break the Bias appeared first on OpenText Blogs.

111

111

Schneier on Security

MARCH 8, 2022

Yet another method of surveillance : Radar can detect you moving closer to a computer and entering its personal space. This might mean the computer can then choose to perform certain actions, like booting up the screen without requiring you to press a button. This kind of interaction already exists in current Google Nest smart displays , though instead of radar, Google employs ultrasonic sound waves to measure a person’s distance from the device.

Privacy 118

Privacy IT 118

eSecurity Planet

MARCH 9, 2022

A major Linux vulnerability dubbed “Dirty Pipe” could allow even the least privileged users to perform malicious actions. Researcher Max Kellermann of Ionos revealed the new vulnerability earlier this week. The name is reminiscent of the “Dirty Cow” vulnerability discovered in 2016 that allowed attackers to gain root access on any Android Phone regardless of the OS version, but Dirty Pipe could be even easier to exploit than its predecessor.

Access 123

Access Libraries Passwords IT 123

Security Affairs

MARCH 11, 2022

Lapsus$ Ransomware gang is looking for insiders willing to sell remote access to major technology corporations and ISPs. Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. Their scope of interests include – major telecommunications companies such as Claro, Telefonica and AT&T.

Ransomware 118

Ransomware IT Cybersecurity Access 118

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Hunton Privacy

MARCH 8, 2022

On March 1, 2022, President Biden, in his first State of the Union address, called on Congress to strengthen privacy protections for children, including by banning online platforms from excessive data collection and targeted advertising for children and young people. President Biden called for these heightened protections as part of his unity agenda to address the nation’s mental health crisis, especially the growing concern about the harms of digital technologies, particularly social media, to

Privacy 111

Privacy Marketing Data collection 111

Schneier on Security

MARCH 9, 2022

Zelle is rife with fraud : Zelle’s immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. There’s no way for customers — and in many cases, the banks themselves — to retrieve the money. […].

Security 109

Security IT 109

eSecurity Planet

MARCH 10, 2022

Even using a password with special characters, numbers, and both upper and lower case letters, an attacker can crack an eight-character password in as little as 39 minutes with brute force attacks. And if you use the same password for all of your online accounts, you’re giving attackers access to a ton of information with very little work. Password managers , like Keeper and 1Password, make it easy for users to secure their online accounts without having to remember a different password for each

Passwords 113

Passwords Encryption Compliance Authentication 113

Security Affairs

MARCH 9, 2022

The collective Anonymous has hacked public cameras in Russia and transmitted their live feed on a website, it also announced a clamorous leak. Anonymous and other hacker groups continue to target Russia, in a recent attack the collective has taken over more than 400 Russian cameras in support of Ukraine. The hacktivist shared the live feed of the hacked cameras on the website behindenemylines.live , the hacked cams are grouped in various categories based on their location (Businesses, Outdoor, I

Security 115

Security IT Information Security 115

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Jamf

MARCH 8, 2022

Today’s Apple Event introduced a host of new Apple devices and services to the market, kicking off with the announcement of Apple TV+ and exclusive new movies as well as Friday Night Baseball. But the real game-changer was the revelation of continued innovation on the M1 chip and the possibilities Apple Silicon brings to commercial and education organizations.

Education 106

Education Marketing 106

Threatpost

MARCH 11, 2022

The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA.

IT 101

IT Government Security 101

eSecurity Planet

MARCH 8, 2022

Google today announced that it has agreed to acquire Mandiant for roughly $5.4 billion to bolster its cloud security. Google noted that Google Cloud already offers a number of security services, including BeyondCorp Enterprise for Zero Trust , VirusTotal for malicious content and software vulnerabilities , Chronicle security analytics and automation and the Security Command Center risk management platform in addition to the company’s Cybersecurity Action Team.

Cloud 113

Cloud Cybersecurity Analytics Security 113