Dark Reading
DECEMBER 8, 2020
Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas.
Data Breach Today
DECEMBER 9, 2020
Does Theft of Penetration Tools Pose a Serious Threat? FireEye's disclosure this week of the theft of its penetration testing tools - and its proactive response - has drawn praise but raised many questions, as well.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
OpenText Information Management
DECEMBER 10, 2020
As organizations increasingly move mission-critical workloads to the cloud, it’s important to recognize some of the common pitfalls and how best to mitigate their impact. Selecting the correct level of service It is crucial that organizations select the right cloud partners to operate their systems.
Krebs on Security
DECEMBER 10, 2020
Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Last Watchdog
DECEMBER 8, 2020
Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. We began the new millennium with on-premises data centers supporting servers and desktops that a technician in sneakers could service. Connectivity was relatively uncomplicated.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
DECEMBER 8, 2020
Over the past several years, I've had the pleasure of interviewing hundreds of guests for AIIM On Air. It never fails to impress me that the level of knowledge and leadership among AIIM members and supporters is the best in the business. Each month we cover a variety of topics – from the latest in automation and innovation, to pressing and emerging challenges and opportunities that tell the story of the current state of IIM today.
Krebs on Security
DECEMBER 8, 2020
Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsoft’s most-dire “critical” label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users.
Security Affairs
DECEMBER 8, 2020
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL Project warned of a ‘high-severity’ security vulnerability in the TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The flaw is a null pointer dereference, successful exploitation could trigger denial-of-service conditions.
Data Breach Today
DECEMBER 7, 2020
Such Specialization Highlights Ransomware Operators' Increasing Business Savvy Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable. Beyond data-leak sites and affiliate programs, gangs have also been using call centers to cold-call victims, tell them they've been hit by ransomware, and request payment.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
AIIM
DECEMBER 10, 2020
You know that saying, “When life gives you lemons, make lemonade”? It’s something I try to live by. I’m a self-proclaimed eternal optimist and always try to look for the positive in everything. If you do it often enough, you’ll soon find that there is always a positive way to look at things. It won’t always turn the bad completely good, but it will always put a positive spin on it and make it easier to handle.
Micro Focus
DECEMBER 9, 2020
When a bright, 30-something persuaded the authorities to waive the restrictions on age and weight, and joined the US Navy in 1944, no-one could have foreseen the profound benevolent impact Grace Hopper would go on to have on computing and the world as we know it today. Today marks what would have been the 114th birthday. View Article.
Security Affairs
DECEMBER 7, 2020
The Greater Baltimore Medical Center, Maryland, was hit by a ransomware attack that impacted computer systems and operations. The Greater Baltimore Medical Center in Towson, Maryland was a victim of a ransomware attack that impacted its IT systems. At the time of this writing, it is not clear the family of ransomware that hit the healthcare providers, it only confirmed that the security breach forced some procedures scheduled for Monday to be canceled. “On the morning of Sunday, December 6
Data Breach Today
DECEMBER 10, 2020
Hunters Could Become the Hunted After Theft of Cybersecurity Firm's Hacking Tools Because 2020 wasn't already exciting enough, now we have to worry about being hunted by adversaries wielding FireEye's penetration testing tools, thanks to the company having suffered a big, bad breach. Here's a list of targeted flaws that every organization should ensure they've patched.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Schneier on Security
DECEMBER 10, 2020
The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they started extorting money from the patients : Neither the company nor Finnish investigators have released many details about the nature of the breach, but reports say the attackers initially sought a payment of about 450,000 euros to protect about 40,000 patient records.
erwin
DECEMBER 10, 2020
Learn. Transform. Advance. That was the theme of the global conference we produced in October, but I’d venture to say it’s the mantra global organizations need to adopt as we continue to deal with the most disruptive event of our lifetime: COVID-19. Learn. When I look back, I should not be surprised that 2020 has been incredibly busy for us here at erwin.
Security Affairs
DECEMBER 10, 2020
Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings. Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and inject ads into search results pages. Users are redirected to fraudulent domains where they are tricked into installing tainted software.
Data Breach Today
DECEMBER 11, 2020
CEOS and CISOs on Responding to the Multichannel Fraud Spike Fraud explodes in tough times, and do times come any tougher than they have with COVID-19? In this latest Cybersecurity Leadership panel, CEOs and CISOs describe their efforts to spot and stop emerging fraud schemes involving synthetic IDs, social engineering and greater insider risks.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Schneier on Security
DECEMBER 8, 2020
This new protocol , called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it through a proxy server, which acts as a go-between the internet user and the website they want to visit. Because the DNS query is encrypted, the proxy can’t see what’s inside, but acts as a shield to prevent the DNS resolver from seeing who sent the query to begin with.
Dark Reading
DECEMBER 9, 2020
Device IDs, which are assigned to mobile devices to distinguish one from another, can help organizations flag fraud, cyberattacks, and other suspicious activities.
Security Affairs
DECEMBER 6, 2020
While the United Kingdom announced the distribution of the COVID-19 vaccine to the population drug dealers is selling ‘Pfizer COVID Vaccines.’. The UK became the first Western country to authorize a Covid-19 vaccine. The UK government announced the distribution of the Pfizer/BioNTech vaccine that has been granted emergency authorization by British regulators.
Data Breach Today
DECEMBER 10, 2020
Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Schneier on Security
DECEMBER 9, 2020
FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers.
IT Governance
DECEMBER 9, 2020
The cyber security giant FireEye announced yesterday that it had been targeted by a sophisticated cyber attack , which resulted in criminals stealing an arsenal of hacking tools. FireEye uses these tools to test the defences of its clients, which include an array of government and US national security agencies. If these tools end up in the wrong hands, they could cause untold damage, which is why this incident is being described as “among the most significant breaches in recent memory”.
Security Affairs
DECEMBER 11, 2020
Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware. Vietnam-linked APT group APT32 , also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis.
Data Breach Today
DECEMBER 11, 2020
Experts Say Attack is Textbook Example of Hack and Extort Campaign A 4GB data archive belonging to Panasonic India has been released by a hacker who waged an extortion plot. The company says no highly confidential data was revealed, but a look at the data suggests otherwise.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Schneier on Security
DECEMBER 11, 2020
The Aspen Institute’s Aspen Cybersecurity Group — I’m a member — has released its cybersecurity policy agenda for the next four years. The next administration and Congress cannot simultaneously address the wide array of cybersecurity risks confronting modern society. Policymakers in the White House, federal agencies, and Congress should zero in on the most important and solvable problems.
Threatpost
DECEMBER 9, 2020
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets.
Security Affairs
DECEMBER 9, 2020
Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. The flaws impact multiple products including Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Office Services and Web Apps, Exchange Server, Azure DevOps, Microsoft Dynamics, Visual Studio, Azure SDK, and Azure Sphere.
Expert insights. Personalized for you.
129 
Let's personalize your content