Sat.Sep 05, 2020 - Fri.Sep 11, 2020

article thumbnail

Cyber Incidents Disrupt More Schools

Data Breach Today

Districts in Connecticut, Florida Among the Latest Targets The start of classroom instruction at Hartford Public Schools in Connecticut was canceled Tuesday as a result of a ransomware attack - the latest in a series of cyber incidents to disrupt schools this fall. Last week, online instruction at Miami-Dade County Public Schools in Florida was disrupted.

article thumbnail

Russian Indicted in Tesla Ransom Scheme

Data Breach Today

Faces Five Years in Prison If Convicted in Connection With Thwarted Scam A federal grand jury has formally indicted a Russian national in connection with a thwarted attempt at stealing corporate data from electric vehicle manufacturer Tesla so it could be used to extort a $4 million ransom.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Building human-centered AI

DXC Technology

For all the hype and excitement surrounding artificial intelligence right now, the AI movement is still in its infancy. The public perceptions of its capabilities are painted as much by science fiction as by real innovation. This youth is a good thing, because it means we can still affect the course of AI’s impact. If […]. The post Building human-centered AI appeared first on DXC Blogs.

article thumbnail

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users. The majority of the most dangerous or “critical” bugs deal with issues in Microsoft’s various Windows operating systems and its web br

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Adequacy

Data Protector

In data protection law, transfers of personal data must be safeguarded by written contracts between the parties. If the personal data is transferred from the EU to a country which the European Commission has not been recognised as having adequate data protection standards, special clauses, known as SCCs are usually inserted in these contracts. In July 2020, a decision by the European Court of Justice made it virtually impossible for companies to determine whether the SCCs must be supplemented by

More Trending

article thumbnail

[Podcast] Achieving Cloud Content Harmony – Access with Control

AIIM

Cloud Content Management has the power to change the game for businesses of all sizes and types. This powerful technology and its massively scalable storage and operational power can crunch large sets of data, use analytics to understand it, and provide the security needed to lock it all down. But this great power needs balance! There must be harmony between access to the information and control of the information.

Cloud 129
article thumbnail

Decrypting TLS connections with new Raccoon Attack

Security Affairs

Boffins devised a new timing attack, dubbed Raccoon that could be exploited by threat actors to decrypt TLS-protected communications. Security researchers from universities in Germany and Israel have disclosed the details of a new timing attack, dubbed Raccoon, that could allow malicious actors to decrypt TLS-protected communications. The timing vulnerability resides in the Transport Layer Security (TLS) protocol and hackers could exploit it to access sensitive data in transit.

article thumbnail

Why You Need End-to-End Data Lineage

erwin

Not Documenting End-to-End Data Lineage Is Risky Busines – Understanding your data’s origins is key to successful data governance. Not everyone understands what end-to-end data lineage is or why it is important. In a previous blog , I explained that data lineage is basically the history of data, including a data set’s origin, characteristics, quality and movement over time.

article thumbnail

Blackbaud Ransomware Victim Count Climbing

Data Breach Today

Health Data Breach Tally Shows Impact of Vendor Breach The May ransomware attack on cloud-based fundraising database management vendor Blackbaud continues to rack up victims in the healthcare sector. Here's the latest tally.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

CEOs Could Be Held Personally Liable for Cyberattacks that Kill

Threatpost

As IT systems, IoT and operational technology converge, attacks on cyber-physical systems in industrial, healthcare and other scenarios will come with dire consequences, Gartner predicts.

IoT 123
article thumbnail

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). Security experts from ESET discovered a new piece of malware, tracked as CDRThief, that targets the Linux VoIP platform, Linknat VOS2009/3000 softswitches, to steal call data records (CDR) from telephone exchange equipment.

Metadata 143
article thumbnail

CIPL and DSCI Publish Report on Enabling U.S.-India Data Transfers

Hunton Privacy

The Centre for Information Policy Leadership at Hunton Andrews Kurth (“CIPL”) and the Data Security Council of India (“DSCI”) have published a report on Enabling Accountable Data Transfers from India to the United States under India’s Proposed Personal Data Protection Bill (the “Report”). CIPL and DSCI put forward this joint Report to highlight the importance of continued flows of data between India and the U.S. following the expected passage of new comprehensive data protection legislation in I

article thumbnail

Court Dismisses Privacy Case Against Google, Medical Center

Data Breach Today

But Judge Opens the Door to Filing an Amended Complaint A federal judge has dismissed a lawsuit filed last year against Google and the University of Chicago Medicine involving complex privacy and other issues related to the use of patients' de-identified electronic health record data. But the court left the door open to filing an amended complaint.

Privacy 319
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans

Threatpost

Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days.".

article thumbnail

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric, the electricity provider for Karachi (Pakistan) is another victim of the Netwalker ransomware gang, the infection disrupted billing and online services. K-Electric (KE) (formerly known as Karachi Electric Supply Company / Karachi Electric Supply Corporation Limited) is a Pakistani investor-owned utility managing all three key stage

article thumbnail

Portland, Oregon Becomes First Jurisdiction in U.S. to Ban the Commercial Use of Facial Recognition Technology

Hunton Privacy

On September 9, 2020, Portland, Oregon became the first jurisdiction in the country to ban the commercial use of facial recognition technology in public places within the city, including stores, restaurants and hotels. The city Ordinance was unanimously passed by the Portland City Council and will take effect on January 1, 2021. The City Council cited as rationale for the Ordinance documented instances of gender and racial bias in facial recognition technology, and the fact that marginalized com

article thumbnail

BEC Scam Losses Surge as the Number of Attacks Diminish

Data Breach Today

Cosmic Lynx the First Russian Gang to Enter the BEC Game The average amount stolen in a business email compromise (BEC) scam increased 48% during the second quarter of 2020, however, this transpired as the number of attacks decreased during that period, reports the Anti-Phishing Working Group.

Phishing 305
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

A Florida Teen Shut Down Remote School With a DDoS Attack

WIRED Threat Level

Plus: Predictive policing taken even farther, Amazon surveillance of private Facebook groups, and more of the week’s top security news.

Security 134
article thumbnail

Newcastle University infected with DoppelPaymer Ransomware

Security Affairs

UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack. UK research university Newcastle University was infected with the DoppelPaymer ransomware, in response to the incident it was forced to take systems offline on the morning of August 30th. The Newcastle University did not provide info about the family of ransomware behind the attack, but the DoppelPaymer ransomware operators are claiming to be responsible.

article thumbnail

Office 365 Phishing Attack Leverages Real-Time Active Directory Validation

Threatpost

Attackers check the victims' Office 365 credentials in real time as they are typed into the phishing landing page, by using authentication APIs.

Phishing 122
article thumbnail

Operators Behind ProLocker Ransomware Seek 'Big Game'

Data Breach Today

Group-IB: Attackers Now Using Qbot Trojan and Demand Huge Ransoms Since March, the operators behind ProLocker ransomware have focused on targeting large enterprise networks with ransomware demands sometimes exceeding $1 million, the security firm Group-IB reports. The gang has recently started to use the Qbot banking Trojan.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Next-Gen Firewalls 101: Not Just a Buzzword

Dark Reading

In a rare twist, "next-gen" isn't just marketing-speak when it comes to next-gen firewalls, which function differently than traditional gear and may enable you to replace a variety of devices.

Marketing 109
article thumbnail

FBI issued a second flash alert about ProLock ransomware in a few months

Security Affairs

FBI issued a second flash alert about ProLock ransomware stealing data, four months after the first advisory published by the feds on the same threat. The FBI has issued the 20200901-001 Private Industry Notification about ProLock ransomware stealing data on September 1st. The fresh alert is the second one related to this threat, the first one (MI-000125-MW Flash Alert) was published on May 4th, 2020.

article thumbnail

Letter to 20 years ago

Imperial Violet

I noticed that I have not posted anything here in 2020! There's a bunch of reasons for this: the work I'm doing at the moment does not lend itself so well to blog posts, and life intervenes, leaving less time for personal projects. But in order to head off the risk that I'll post nothing at all this year I pulled something from one of my notebooks. 2020 is a round number so I decided to do some reflection and this was a letter that I imagined writing to myself 20 years ago.

Paper 104
article thumbnail

Online Voting Startup Wants to Limit Some Security Research

Data Breach Today

Voatz Files Amicus Brief In Case Headed to the US Supreme Court In a court filing, online voting startup Voatz argues that most security research should be limited to those who have clear permission to probe systems and software for vulnerabilities. The amicus brief is part of a U.S. Supreme Court case that could redefine a federal computer law.

Security 291
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Catches of the month: Phishing scams for September 2020

IT Governance

In our latest round-up of phishing scams, we look at a novel Instagram scam that targets victims through their direct messages, review the latest campaign that imitates Microsoft Office’s log-in page and discuss how even a cyber security training provider can fall for a malicious email. Instagram ‘help centre’ scam steals your login details. Cyber criminals are targeting Instagram users via direct messages, according to cyber security researchers at Trend Micro.

Phishing 108
article thumbnail

Hackers use overlay screens on legitimate sites to steal Outlook credentials

Security Affairs

Experts spotted a phishing campaign that employees overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the victims. Researchers from Cofense discovered a phishing campaign that uses overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the targets. The overlay screens are displayed on top of legitimate webpages to trick victims into providing their credentials. “Message quarantine phish are back, this time with a

Phishing 144
article thumbnail

EDPB Creates Taskforces on Complaints and Supplementary Measures for Data Transfers Following Schrems II Decision

Hunton Privacy

On September 4, 2020, the European Data Protection Board (the “EDPB”) announced that it established two taskforces following the judgment of the Court of Justice of the European Union (“CJEU”) in the Schrems II case. The first taskforce will process and uniformly respond to complaints received by data protection authorities following the Schrems II judgment.