Dark Reading
APRIL 20, 2021
Beneath all those containers and IoT devices, there's a rich patchwork of gear, protocols, and guidelines that have been holding it together since before you were born. Knowledge of those fundamentals is growing more valuable, not less.
eSecurity Planet
APRIL 21, 2021
NFT-mania, pronounced nifty , is upon us with little time to prepare. From news of a collage selling for almost $70 million at Christie’s auction house to a portrayal of Janet Yellen and Morpheus rapping about cryptocurrency on SNL , the current craze is all about non-fungible tokens (NFTs). But what are NFTs, how do they work, and what security precautions should we take?
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
APRIL 20, 2021
New Guidance Spells Out Security Precautions Given the surge in the use of telehealth during the COVID-19 pandemic - and expectations for continued growth - the Healthcare and Public Health Sector Coordinating Council has unveiled guidance on safeguarding patient data during remote care encounters.
Krebs on Security
APRIL 20, 2021
What was the best news you heard so far this month? Mine was learning that KrebsOnSecurity is listed as a restricted competitor by Gartner Inc. [ NYSE:IT ] — a $4 billion technology goliath whose analyst reports can move markets and shape the IT industry. Earlier this month, a reader pointed my attention to the following notice from Gartner to clients who are seeking to promote Gartner reports about technology products and services: What that notice says is that KrebsOnSecurity is somehow
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Last Watchdog
APRIL 21, 2021
How do you bring a $9 billion-a-year, digitally-agile corporation to a grinding halt? Related: Why it’s vital to secure IoT. Ask Spotify. When the popular streaming audio service went offline globally, last August, we saw a glimpse of just how tenuous digital transformation sometimes can be. Someone reportedly forgot to renew Spotify’s TLS certificate.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
APRIL 19, 2021
Fedir Hladyr of Ukraine Admitted to Working as System Admin for FIN7 A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.
Security Affairs
APRIL 19, 2021
Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. While the value of major cryptocurrencies continues to increase, cybercriminals and malware authors focus their efforts on cryptocurrency miners and malicious code that could empty the wallets of the victims. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurr
The Last Watchdog
APRIL 21, 2021
Google was absolutely right to initiate a big public push a couple of years ago to make HTTPS Transport Layer Security (TLS) a de facto standard. Related: Malicious activity plagues the cloud services. At the time, in the spring of 2018, only 25 percent of commercial websites used HTTPS; today adoption is at 98 percent and rising. Far beyond just protecting websites, TLS has proven to be a linchpin of network-level communications across the board.
AIIM
APRIL 20, 2021
As the AIIM team and I put the finishing touches on AIIM21: a galactic digital experience , our attention is laser-focused on the educational content we bring to this year's participants. We take our upskilling and uplifting responsibilities pretty seriously around here, believing that we have an outsized obligation to move the industry and the community up the business value chain.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Data Breach Today
APRIL 23, 2021
RiskIQ: Discovery Sheds Light on Size of Cyberespionage Operation Researchers at RiskIQ say they've discovered more than a dozen previously undocumented command-and-control servers used in the SolarWinds supply chain attack, showing that the cyberespionage operation was much larger than previously identified.
eSecurity Planet
APRIL 23, 2021
Cybersecurity podcasts are an easy way to immerse yourself in the world of SecOps. Depending on your interests, you can catch up on the latest news and hear analysis from experts in the field, or you can take a deep-dive into a major cybersecurity story or concept. The best part? You can listen while doing tasks that require little concentration such as washing dishes or folding laundry.
Security Affairs
APRIL 21, 2021
A WhatsApp malware dubbed WhatsApp Pink is able to automatically reply to victims’ Signal, Telegram, Viber, and Skype messages. A WhatsApp malware dubbed WhatsApp Pink has now been updated, authors have implemented the ability to automatically respond to victims’ Signal, Telegram, Viber, and Skype messages. WhatsApp Pink is a fake app that was first discovered this week, it poses as a “pink” themed version of the legitimate app.
IT Governance
APRIL 18, 2021
It’s been rough sailing for organisations in the past year or so. In addition to the ongoing challenges of COVID-19, there are the effects of Brexit, increasing public awareness of privacy rights and regulatory pressure to improve data protection practices. And, of course, there is the threat of cyber attacks. According to a UK government survey, 39% of UK businesses came under attack in the first quarter of 2021 , with many incidents causing significant damage.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
APRIL 22, 2021
ACEP Reports Tens of Thousands of Doctors Affected The American College of Emergency Physicians says a "malware" attack affected tens of thousands of the group's current and former members as well as members of three other emergency medical professional organizations.
Hunton Privacy
APRIL 23, 2021
On April 22, 2021, the Belgian Constitutional Court annulled (in French) the framework set forth by the Law of 29 May 2016 (the “Law”) requiring telecommunications providers to retain electronic communications data in bulk. The Constitutional Court’s decision follows an October 6, 2020 Court of Justice of the European Union (“CJEU”) ruling (in French) on preliminary questions related to the compatibility of the data retention framework with EU law.
Security Affairs
APRIL 20, 2021
Car insurance provider Geico has suffered a data breach, attackers have stolen the driver’s licenses for policyholders for several weeks. Geico, the second-largest auto insurer in the U.S., has suffered a data breach, threat actors exploited a now-fixed bug in their website to steal the driver’s licenses for policyholders for several weeks.
Schneier on Security
APRIL 21, 2021
Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure,” the company warned.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Data Breach Today
APRIL 20, 2021
Vulnerabilities Exploited Include a Zero-Day in Ivanti's Pulse Connect Secure The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that U.S. federal agencies and other entities have been compromised by two attack groups, with one possibly acting on behalf of the Chinese government, exploiting vulnerabilities found in Ivanti's Pulse Connect Secure.
WIRED Threat Level
APRIL 20, 2021
Secret codes. Legal threats. Betrayal. How one couple built a device to fix McDonald’s notoriously broken soft-serve machines—and how the fast-food giant froze them out.
Security Affairs
APRIL 18, 2021
The software company Codecov suffered a security breach, threat actors compromised the supply chain of one of its tools. A new supply chain attack made the headlines, the software company Codecov recently disclosed a major security breach after a threat actor compromised its infrastructure to inject a credentials harvester code to one of its tools named Bash Uploader.
Schneier on Security
APRIL 20, 2021
On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks. I will leave it to those with experience in foreign relations to convince me that the response is sufficient to deter future operations.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Data Breach Today
APRIL 21, 2021
$50 Million Extortion Demand Issued to Apple and Taiwanese Manufacturer Quanta The REvil - aka Sodinokibi - ransomware gang is threatening to release stolen Apple device blueprints unless it receives a massive payoff. The extortion threat - with a reported $50 million opening demand - was unveiled hours before Apple made a series of major new product announcements.
Micro Focus
APRIL 19, 2021
At Micro Focus, we are committed to reducing our environmental impact – as are our customers, partners and suppliers. Our aim is to make sustainable and responsible business part of the way we operate. From lowering our energy consumption and waste materials, to helping our customers address their carbon footprint and adopt carbon friendly IT. View Article.
Security Affairs
APRIL 19, 2021
A new ransomware dubbed ‘NitroRansomware’ has appeared in the threat landscape, it demands a Discord Nitro gift code to decrypt files. Researchers from BleepingComputer reported infections of a new singular ransomware dubbed NitroRansomware which demands a Discord Nitro gift code to the victims to decrypt their files. Discord is a free VoIP, instant messaging and digital distribution platform designed for creating communities.
Threatpost
APRIL 21, 2021
CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Data Breach Today
APRIL 21, 2021
Group Used Fresh Tactic to Target South Korea Malwarebytes researchers report the North Korean APT group Lazarus rolled out a new weapon during a recent phishing campaign targeting South Korea in which the gang incorporated malicious BMP files in an image-laden document.
Hunton Privacy
APRIL 23, 2021
Building upon its April 2020 business guidance on Artificial Intelligence and algorithms , on April 19, 2021, the FTC published new guidance focused on how businesses can promote truth, fairness and equity in their use of AI. In the guidance, the FTC recognizes the potential benefits of AI, but stresses the need to harness these benefits without inadvertently introducing bias or other unfair outcomes.
Security Affairs
APRIL 22, 2021
Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. Security solutions one again are used as attack vectors by threat actors, this time cybersecurity company Trend Micro revealed that attackers are actively exploiting a vulnerability, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems.
Expert insights. Personalized for you.
131 
Let's personalize your content