Data Breach Today
APRIL 23, 2022
Company Says No Sensitive Customer or Government Information Leaked The US telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts. The company says hackers did not steal any sensitive customer or government information during the incident.
Krebs on Security
APRIL 27, 2022
When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue , a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data reque
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
APRIL 26, 2022
In a recent survey of US-based CEOs, talent shortages and cybersecurity were listed as two of the top five business concerns in 2022. Related: Cultivating ‘human sensors’ They may not entirely realize that when compounded, these two concerns could pose a critical security threat for their organization. CEOs who are looking to secure their data and build a cyber-resilient infrastructure are facing a quadruple whammy: •Expanding their digital infrastructure faster than they can secure
Jamf
APRIL 29, 2022
Discover the background and future trajectory of the Jamf Plugin for GLPI, one of the many valuable tools available through the Jamf Marketplace. Independent developer Curtis Conard provides a first-hand account of its creation and the importance of open-source software.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
APRIL 28, 2022
As one of the architects of Israel's offensive Red Team intelligence unit and Incident Response Team, Reuven (Rubi) Aronashvili, CEO of Israeli cybersecurity company CYE, provides a highly informed view of current cyberwarfare in the Russia-Ukraine war, including how it differs from kinetic warfare.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
APRIL 28, 2022
Passwords have become ubiquitous with digital. Yet most people don’t know how to use them properly. The humble password is nothing more than a digital key that opens a door. Related: The coming of passwordless access. People use keys to open their house, office, garage or car. And they use passwords to open a device, a system, an account, a file and so on.
KnowBe4
APRIL 26, 2022
Despite the world’s best efforts to get everyone off passwords and onto something else (e.g., MFA , passwordless authentication, biometrics, zero trust, etc.) for decades, passwords have pervasively persisted. Today, nearly everyone has multiple forms of MFA for different applications and websites AND many, many passwords.
Data Breach Today
APRIL 28, 2022
Lockbit, Conti, Hive and Alphv/BlackCat Tied to Greatest Number of Known Victims Ransomware attacks have come storming back after experiencing their typical end-of-the year decline. Security researchers report that the greatest number of known victms has been amassed by Lockbit, followed by Conti, Hive and Alphv/BlackCat.
Security Affairs
APRIL 25, 2022
State television announced that Iran has foiled massive cyberattacks that targeted public services operated by both government and private organizations. According to the Iran state television, the attack attempts took place in recent days and aimed at the infrastructure of more than 100 public sector agencies. The report did not name entities that were targeted by the cyberattacks.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
eSecurity Planet
APRIL 26, 2022
Whether it’s a startup or established organization seeking funding, the right venture capital (VC) firm can make the difference in financial and operational success. Navigating the funding landscape takes time, preparation, and the innovative spirit to convince VC partners to invest in a new or unrecognized business opportunity. Achieving funding is no simple task, and cybersecurity entrepreneurs have a difficult path competing in a complex and competitive landscape.
IT Governance
APRIL 28, 2022
The Stormous ransomware gang announced earlier this week that it had hacked Coca-Cola and stolen 161 gigabytes of data. The group have put the information up for sale on the dark web, requesting just over $64,000 (about £51,000) in bitcoin. It’s a surprisingly low sum for the amount of information reportedly stolen and the reputation of the victim. By comparison, a report published last year found that US firms pay $6 million on average in ransomware demands.
Data Breach Today
APRIL 27, 2022
Attack Allegedly Involved 'Black Basta'; Tenet Health Hit in Separate Incident The American Dental Association allegedly was hit with an attack by new ransomware group "Black Basta." ADA is the latest medical professional organization to have a cyber incident disrupt services and potentially affect members' information. Tenet Health also experienced a cyberattack last week.
Schneier on Security
APRIL 25, 2022
SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “thank you for paying your bill, here’s a free gift for you.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
eSecurity Planet
APRIL 29, 2022
Standalone cybersecurity tools are not enough to maintain the security posture of an entire organization. Between malware , phishing attacks , zero-day threats , advanced persistent threats , reconnaissance, and brute force attacks, hackers are looking for any and every avenue into a network. A number of solutions may be needed to protect against all of these threats if organizations don’t opt for full security suites.
Security Affairs
APRIL 25, 2022
At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. FBI. The U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November. “The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks in
Data Breach Today
APRIL 29, 2022
New Mandate Will Take Effect on June 28 In what is likely the shortest breach reporting timeline globally, the Indian Computer Emergency Response Team, CERT-In, has mandated that starting June 28, government and private organizations in the country must inform the agency within six hours of discovering a cybersecurity incident.
Schneier on Security
APRIL 29, 2022
New research: “ Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps “: Abstract: In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces — bedrooms, living rooms, and kitchens — into semi-public extensions of the office. And for the most part, users have accepted these apps in their personal space, without much thought about the permission models that govern the use of their personal data during me
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
eSecurity Planet
APRIL 25, 2022
Unified threat management (UTM) offers something approaching total security in a box for small and midsize enterprises (SMEs), combining multiple network security functions in a single appliance. In addition to standard firewalls , features in UTMs often include intrusion detection and prevention systems (IDPS) , secure web gateways , secure email gateways , remote access , routing and WAN connectivity.
OpenText Information Management
APRIL 29, 2022
Netwire is a Remote Access Trojan (RAT) capable of stealing passwords, keylogging, and includes remote control capabilities. Netwire RAT has been used by advanced persistent threat groups (APT) in the past. In a recent malspam campaign, Netwire RAT was delivered via an achieved zip file containing a Visual Basis script. OpenText Security Consulting team, as … The post Dissecting Netwire Remote Access Trojan (RAT) behavior on an infected endpoint appeared first on OpenText Blogs.
Data Breach Today
APRIL 27, 2022
80 Zero-Day Vulnerabilities - a Record Number - Were Exploited in the Wild in 2021 The median number of days an attacker dwells in a system before detection fell from 24 days in 2020 to 21 days in 2021, according to a Mandiant report. The biggest year-on-year decline in median dwell time occurred in the APAC region, where it dropped from 76 days in 2020 to 21 days in 2021.
Security Affairs
APRIL 24, 2022
OpRussia continues unabated, since declaring ‘cyber war’ on Russia Anonymous has now published approximately 5.8 TB of Russian data. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues to collect successes, the collective claims to have published approximately 5.8 TB of Russian data via DDoSecrets.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
eSecurity Planet
APRIL 28, 2022
The Microsoft 365 Defender Research Team has revealed several new Linux vulnerabilities collectively dubbed “Nimbuspwn.” Like the Dirty Pipe vulnerability , they only need a local user with low capabilities to elevate privileges, but this time the exploit seems much more specific and focuses on “networkd-dispatcher,” a systemd component that handles connection status changes.
Jamf
APRIL 26, 2022
Introducing the first-of-its-kind Jamf Event, where Dean Hager, Jamf CEO and other key Jamf team members unveil new platform capabilities and enhanced workflows, as well as their benefits to you and end-users alike. Also, find out when these new enterprise-secure and consumer-simple technologies will be available.
Data Breach Today
APRIL 26, 2022
Company Will Use the Money to Expand in Asia and Upsell Existing Customers SonarSource has raised $412 million on a $4.7 billion valuation to establish a physical presence in Asia and increase its wallet share with existing customers. The company wants to open an office in Singapore and pursue opportunities in China, South Korea, Taiwan, Singapore, Japan and Australia.
Security Affairs
APRIL 25, 2022
The number of zero-day vulnerabilities exploited in cyberattacks in the wild exploded in the last years, security firm report. Google and Mandiant have published two reports that highlight a surge in the discovery of zero-day flaws exploited by threat actors in attacks in the wild. Google’s Project Zero researchers reported that 58 zero-day were discovered in 2021 (28 zero-day were detected in 2020), which marks a record for the company since it started tracking these issues in mid 2014. “
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
eSecurity Planet
APRIL 28, 2022
U.S. cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. Topping the list were the Log4Shell vulnerability and Microsoft bugs ProxyShell and ProxyLogon. Microsoft occupied more than half the list, with Exchange Server accounting for eight of the vulnerabilities.
Hunton Privacy
APRIL 25, 2022
On April 12, 2022, Colorado Attorney General Phil Weiser made remarks at the International Association of Privacy Professionals Global Privacy Summit in Washington, D.C., where he invited stakeholders to provide informal public comments on the Colorado Privacy Act (“CPA”) rulemaking. In addition to this informal public comment, the Colorado Department of Law (“Department”) will begin the formal notice-and-comment rulemaking phase in fall 2022 by announcing a notice of rulemaking and accompanyi
Data Breach Today
APRIL 28, 2022
Errol Weiss Says Industry Lacks Resources to Improve Cybersecurity The health care industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency. Errol Weiss of Health-ISAC says the industry as a whole lacks resources.
Expert insights. Personalized for you.
344 
Let's personalize your content