IT Governance
APRIL 1, 2021
Don’t be fooled by the fact that we only recorded 20,995,371 breached records in March; it was one of the leakiest months we’ve ever seen, with 151 recorded incidents. By comparison, there was a seemingly Lilliputian 82 recorded breaches in January and 118 in February.
Troy Hunt
MARCH 31, 2021
If you've landed on this page because you saw a strange message on a completely different website then followed a link to here, drop a note to the site owner and let them know what happened. If, on the other hand, you're on this page because you're interested in reading about the illicit use of cryptomining on compromised websites and how through fortuitous circumstances, I now own coinhive.com and am doing something useful with it, read on.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
MARCH 30, 2021
What's old is new again as Web shell malware becomes the latest attack vector in widespread Exchange exploits. Here's a primer on what Web shells are and what they do.
Krebs on Security
MARCH 28, 2021
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. The Shadowserver Foundation , a nonprofit that helps network owners identify and fix security threats , says it has found 21,248 different Exchange servers which appear to be compromised by a backdoor and communicating with brian
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Data Breach Today
MARCH 30, 2021
New Research Report Tracks Latest Global Trends Check Point Research says it has spotted more than 50,000 ransomware attack attempts worldwide so far against unpatched on-premises Microsoft Exchange email servers.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
MARCH 29, 2021
Even before the COVID-19 pandemic turned many office workers into work-from-home (WFH) experts, the trend toward working without having to commute was clear. Related: Mock attacks help SMBs harden defenses. As internet bandwidth has become more available, with homes having access to gigabit download speeds, a whole new world of career paths has opened for those who want to control their work hours and conditions.
Krebs on Security
APRIL 1, 2021
Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us over the next few days as we hunt down the gremlins in the gears.
Data Breach Today
MARCH 31, 2021
Funding for Supply Chain Security, Electrical Grid Enhancements, R&D Projects with potential cybersecurity components included in the Biden administration's $2 trillion infrastructure spending proposal include upgrading the insecure electrical grid, addressing supply chain vulnerabilities and supporting research on artificial intelligence and quantum computing.
Security Affairs
MARCH 29, 2021
Administrator of Ziggy ransomware recently announced the end of the operation, and now is promising that its victims will have back their money. In an unusual move, the administrator of Ziggy ransomware after the announcement of the end of the operation now is promising that they will give back their money. Ziggy ransomware ceased the operation in early February, when announced the decision “to publish all decryption keys.”.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
WIRED Threat Level
APRIL 2, 2021
On Friday the military junta shut off connectivity across the country. There’s no sign of when it will return.
Krebs on Security
MARCH 30, 2021
On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider
Data Breach Today
MARCH 27, 2021
Members of Parliament Targeted by Spear Phishing, German Media Reports Several members of the German parliament, The Bundestag, and political activists in the country were targeted using a spear-phishing campaign, German newsmagazine der Spiegel reported Friday. This is second such incident, following the 2015 parliament hack.
Security Affairs
MARCH 27, 2021
Apple has released new out-of-band updates for iOS, iPadOS, macOS and watchOS to address another zero?day flaw, tracked CVE-2021-1879 , actively exploited. Apple has released a new set of out-of-band patches for iOS, iPadOS, macOS and watchOS to address a critical zero-day vulnerability, tracked as CVE-2021-1879, that is being actively exploited in the wild.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
WIRED Threat Level
MARCH 27, 2021
Plus: Fox News gets sued for its election coverage (again), a record ransomware attack, and more of the week’s top security news.
AIIM
MARCH 30, 2021
The notion of Artificial Intelligence has pervaded both the info and tech worlds. Indeed, it's difficult to have a discussion or a webinar without the topics of AI and Robotic Process Automation coming up. And while it might be tempting to dismiss the implications as something from a Hollywood movie of a future world populated by smart robots with super-human characteristics, the truth is that these technologies are already at work today, fueling important changes in the way we do business.
Data Breach Today
APRIL 1, 2021
Requires Rescanning of Networks, Hardening of Infrastructure CISA is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to the unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
Security Affairs
APRIL 2, 2021
The United States Department of Justice (DoJ) charged a Kansas man, for accessing and tampering with a public water system. The United States Department of Justice charged Wyatt A. Travnichek (22), of Ellsworth County, Kansas, for accessing and tampering with the computer system of the Ellsworth County Rural Water District. Travnichek accessed the computer system of the Public Water System on or about March 27, 2019, without authorization. “ WYATT A.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
WIRED Threat Level
MARCH 30, 2021
A WIRED investigation has found dozens of kid-focused videos with disturbing thumbnails that the platform serves up on the "Topic" pages of popular games.
AIIM
APRIL 1, 2021
We’ve covered the importance of Information Capture on the blog before and explored how capture represents the first step in the information lifecycle. In this step, we “capture” or gather information into our business ecosystem to store, manage, protect, and ultimately it use for business value. It ALL starts with capture. But, the value of a document is in its content, not whether it was received as an email attachment, captured via a smart phone or tablet, or scanned using a multifunction dev
Data Breach Today
MARCH 29, 2021
Awake Security Finds Connection Between Hafinum Group and Hades Researchers at Awake Security says at least one attack launched by the operators of Hades ransomware has a connection to the China-linked Hafnium group waging attacks on vulnerable Exchange servers.
Security Affairs
MARCH 27, 2021
Clop ransomware operators now email victim’s customers and ask them to demand a ransom payment to protect their privacy to force victims into paying the ransom. Clop ransomware operators are switching to a new tactic to force victims into paying the ransom by emailing their customers and asking them to demand a ransom payment to protect their privacy.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
WIRED Threat Level
MARCH 28, 2021
Sharing is caring—except when it's an unwelcome photo from a rando on the subway. Here's how to lock down your phone and computer.
The Last Watchdog
MARCH 31, 2021
The start of 2021 brings forth a cyber security crossroads. Many people are in the process of shifting back into office operations while balancing the potential risks and benefits of remote work. Related: Breaches spike during pandemic. For some malicious hackers and IT experts, this could represent an opening. From the known compromise vectors to the most recent threats, hackers are constantly on the lookout for new strategies to bypass IT notice, out maneuver defense setups, and take advantage
Data Breach Today
APRIL 2, 2021
Company Called Out by Whistleblower for Attack Response Internet of things vendor Ubiquiti revealed in a security notice that an attacker had attempted to extort money from the company following a December 2020 cyber incident - a fact not mentioned in the company's earlier notice about the attack.
Security Affairs
MARCH 28, 2021
A cyber attack has disrupted the Australian Channel Nine’s live broadcasts, the company was unable to transmit its Sunday morning news program. A cyber attack has hit the Australian Channel Nine’s live broadcasts causing the disruption of its operations. The broadcaster was unable to air its Sunday morning news program, which runs from 7:00 am to 1:00 pm from Sidney. .
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
APRIL 2, 2021
An ex-employee allegedly tampered with a Kansas water system. It was too easy, and it's happening too often.
Threatpost
APRIL 2, 2021
Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon.
Data Breach Today
MARCH 29, 2021
Audit Calls for Prompt Government Action, Especially in Wake of SolarWinds Attack The Government Accountability Office is urging the U.S. government to respond more rapidly to cybersecurity issues, especially in the wake of the SolarWinds supply chain attack that led to the breach of nine federal departments as well as about 100 companies.
Expert insights. Personalized for you.
130 
Let's personalize your content