Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “ Ryuk.” On April 13, Microsoft said it executed a legal sneak atta

Ransomware 306

Ransomware Cybersecurity Healthcare Access 306

Dark Reading

APRIL 18, 2022

IT departments must account for the business impact and security risks such applications introduce.

Security 133

Security Risk IT 133

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

CMS 145

CMS IoT Passwords IT 145

Data Breach Today

APRIL 19, 2022

Cybercriminals Taking Advantage of Windows 11 Upgrade A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade. The CloudSEK researchers who discovered the malware have not attributed it to any particular group.

IT 324

IT 324

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

APRIL 21, 2022

Today, all organizations are required or encouraged to meet certain standards and regulations to protect their data against cybersecurity threats. The regulations vary across countries and industries, but they are designed to protect customers from the threat of posed data breaches. . Related: The value of sharing third-party risk assessments. With estimates suggesting there are currently over 15 billion user credentials scattered across the dark web, the importance of compliance is clear to se

Compliance 235

Compliance Risk Security Cybersecurity 235

Schneier on Security

APRIL 19, 2022

New paper: “ Planting Undetectable Backdoors in Machine Learning Models : Abstract : Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with

Paper 145

Paper Access IT 145

Data Breach Today

APRIL 22, 2022

SOC.OS Ingests Data From Third-Party Platforms to Detect Abnormalities Earlier Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.

Security 321

Security IT 321

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. Related: Russia takes steps to radicalize U.S. youth. Individuals who possess security clearances are not prohibited from traveling to foreign countries; however, there are certain acts and behaviors that may raise foreign influence and/or for

Security 235

Security Risk Military Government 235

AIIM

APRIL 21, 2022

There are two things you should know about me. The first is that I love to eat. I have an appetite that was once described as “alarming.” In my teenage years, I would kick back and devour an entire large pizza in one sitting. As I grew older, I refined my pallet and developed a desire for quality ingredients and a craving for a variety of flavors. The second thing you should know is that I hate to cook.

Customer Experience 151

Customer Experience Digital transformation Insurance Government 151

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

eSecurity Planet

APRIL 18, 2022

Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, and whether they can operate stealthily or not. During such reconnaissance operations, attackers collect relevant data about their victims, but it’s not without risks for them.

IT 144

IT Paper Risk Security 144

Data Breach Today

APRIL 22, 2022

Also: FBI's Warning to Healthcare Entities; Ransomware Trends Four editors at ISMG discuss the percentage of banks hit by ransomware - and paying the ransom, the FBI's warning to healthcare entities as they continue to be targeted by the Hive ransomware group and reports that the U.K. government has been infected with NSO Group spyware.

Ransomware 320

Ransomware Government 320

Schneier on Security

APRIL 20, 2022

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved a $182 million transfer to his own wallet.

Government 144

Government IT 144

Security Affairs

APRIL 18, 2022

US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960) and a Google Chrome type confusion issue (CVE-2022-1364) to its Known Exploited Vulnerabilities Catalog.

IT 145

IT Cybersecurity Risk Security 145

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Dark Reading

APRIL 19, 2022

Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says.

Security 145

Security IT 145

Data Breach Today

APRIL 20, 2022

Containers Could Exploit the AWS Hot Patch to Take Over Its Underlying Host AWS has fixed "severe security issues" in hot patches it released in December to address the Log4Shell vulnerability in Java applications and containers. Palo Alto Networks' Unit 42 researchers said containers in server or cluster environments can exploit the patch to take over its underlying host.

Security 303

Security IT 303

Daymark

APRIL 19, 2022

If your organization has been working towards NIST 800-171 and is now on the journey to achieve CMMC 2.0 (the Cybersecurity Maturity Model Certification) it can be difficult to understand what you’ve already achieved and what’s left to do. Both standards are intended to reduce threats and strengthen cybersecurity for sensitive government data. Here’s some details on how they relate to each other and what’s involved to take the next steps toward CMMC compliance.

Compliance 120

Compliance Cybersecurity Government IT 120

Security Affairs

APRIL 20, 2022

The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked to the famous collective continues to target Russian organizations, the hacktivist are breaching their systems and leak stolen data online. Below the organizations breached in the last three days, since my previous update: Tendertech is a firm specializing in processing financial and banking documents on behalf of businesses and entrepreneurs.

Archiving 139

Archiving Access Government IT 139

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Dark Reading

APRIL 21, 2022

Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.

Ransomware 140

Ransomware 140

Data Breach Today

APRIL 19, 2022

Tenants Accessed and Apps Such as Slack and Jira Viewed for Only 2 Okta Clients During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.

Access 295

Access IT 295

eSecurity Planet

APRIL 22, 2022

Cyberattacks are not only a technological problem for companies, but they also represent a very real financial threat. That’s where cyber insurance may be able to help. According to the Ponemon Institute and IBM, the global average cost of a data breach is $4.24 million and climbing. And costs can be much higher for some industries and geographic locations (including the United States).

Insurance 119

Insurance Ransomware Cybersecurity Marketing 119

Security Affairs

APRIL 21, 2022

CVE-2022-20685 flaw in the Modbus preprocessor of the Snort detection engine could trigger a DoS condition and make it ineffective against malicious traffic. Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) which is currently developed by Cisco. The software performs real-time traffic analysis and packet logging on Internet Protocol (IP) networks, protocol analysis, content searching and matching.

IT 143

IT Cybersecurity Security Information Security 143

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

IT Governance

APRIL 19, 2022

After a lengthy delay, version 4.0 of the PCI DSS (Payment Card Industry Data Security Standard) was published on 31 March 2022. Although the current version (3.2.1) remains valid until March 2024, organisations that are subject to the PCI DSS should prepare for the update as soon as possible. So, what does that involve? The headline change to PCI DSS v4.0 is the introduction of the “customized approach”.

IT 118

IT Passwords Risk Compliance 118

Data Breach Today

APRIL 18, 2022

Expanded Rewards Follow FBI Attributing Ronin Network Hack to Lazarus Group The U.S. government is offering up to $5 million for information that helps disrupt the illicit flow of funds to North Korea, including via cryptocurrency exchange hacks and ransomware. The expanded reward comes as the FBI has attributed a $620 million cryptocurrency heist to North Korean hackers.

Ransomware 264

Ransomware Government 264

Dark Reading

APRIL 20, 2022

New research shows threat actors increasingly leveraging social networks for attacks, with LinkedIn being used in 52% of global phishing attacks.

Phishing 129

Phishing 129

Security Affairs

APRIL 21, 2022

A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files. Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets.

Access 142

Access Cybersecurity Security IT 142

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Schneier on Security

APRIL 21, 2022

Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists.

115

115

Data Breach Today

APRIL 21, 2022

Security and Ethical Concerns Persist as AI-Driven Lethal Weapon Systems Evolve Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially because lethal weapons keep evolving toward full autonomy but cannot be made hack-proof.

Security 281

Security 281

eSecurity Planet

APRIL 21, 2022

Endpoint detection and response (EDR) solutions typically deploy in a standard configuration meant to deliver the least number of false positive alerts in a generic environment. This allows EDR to deploy very quickly, but it also allows for a number of security vulnerabilities. Here we’ll discuss why EDR vendors choose these configurations, and how organizations can tune their EDR systems to fit their organization and improve security.

Security 113

Security Access Sales e-Discovery 113