AIIM
MARCH 11, 2021
What’s the Importance of a Metadata Strategy? Many organizations use metadata in ways that provide significant business value. Every system uses metadata to store and retrieve data. But in too many organizations, every system uses similar but different metadata, with the result that different data structures and approaches make information harder to find and manage, not easier.
Dark Reading
MARCH 11, 2021
Extended detection and response technology goes well beyond endpoint management to provide visibility into networks, servers, cloud, and applications. Could it be the answer to your security challenges?
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MARCH 11, 2021
$2 Billion for Security and IT, Rather Than $10 Billion as Originally Proposed The $1.9 billion economic relief package known as the American Rescue Plan, which the House approved Wednesday and President Biden signed Thursday afternoon, includes about $2 billion for cybersecurity and IT modernization, rather than the $10 billion the president originally proposed.
Krebs on Security
MARCH 8, 2021
Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
AIIM
MARCH 9, 2021
Information needs context, and we need to provide that context in a way that doesn't burden users but instead supports them. This means we need to take full advantage of recognition and analytics technologies to streamline and automate how we develop that context. One such tool is Metadata. Metadata offers significant benefits in terms of understanding information in new ways and in being able to leverage that intelligence to drive innovation and the customer experience.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
MARCH 11, 2021
Multiple Systems Impacted, Including Production and Shipping Capabilities The Molson Coors Beverage Company reported Thursday it is in the process of countering a cybersecurity incident that has caused system outages throughout the brewer's manufacturing process. The specific type of attack taking place was not released.
Krebs on Security
MARCH 9, 2021
Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a “web shell” backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim’s other computers.
Security Affairs
MARCH 11, 2021
Intezer experts have spotted a new strain of Linux backdoor dubbed RedXOR that is believed to be part of the arsenal of China-linked Winniti APT. Researchers from Intezer have discovered a new sophisticated backdoor, tracked as RedXOR, that targets Linux endpoints and servers. The malware was likely developed by the China-linked cyber espionage group Winnti. “We have discovered an undocumented backdoor targeting Linux systems, masqueraded as polkit daemon.
The Last Watchdog
MARCH 8, 2021
Like a couple of WWE arch rivals, Apple’s Tim Cook and Facebook’s Mark Zuckerberg have squared off against each other in a donnybrook over consumer privacy. Cook initially body slammed Zuckerberg — when Apple issued new privacy policies aimed at giving U.S. consumers a smidgen more control over their personal data while online. Related: Raising kids who care about their privacy.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
MARCH 8, 2021
Latest Federal Indictment Comes After Tax Evasion Charges Cybersecurity entrepreneur John McAfee, who already faces tax evasion charges, has now been indicted for allegedly using his vast social media following to run cryptocurrency pump-and-dump schemes as well as promote virtual currencies to investors without revealing his stake in them, federal prosecutors say.
Krebs on Security
MARCH 9, 2021
On the off chance you were looking for more security to-dos from Microsoft today…the company released software updates to plug more than 82 security flaws in Windows and other supported software. Ten of these earned Microsoft’s “critical” rating, meaning they can be exploited by malware or miscreants with little or no help from users.
Security Affairs
MARCH 10, 2021
OVH, the largest hosting provider in Europe, has suffered a terrible fire that destroyed the data centers located in Strasbourg. OVH, one of the largest hosting providers in the world, has suffered a terrible fire that destroyed its data centers located in Strasbourg. The news was also confirmed by OVH founder Octave Klaba via Twitter, he also provided a series of updates on the incident.
WIRED Threat Level
MARCH 12, 2021
The streaming service is making account owners enter two-factor codes in a limited test. That's … actually not so bad.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Data Breach Today
MARCH 9, 2021
'The Most Widely Successful Wormable Malware Becomes Almost a Permanent Hangover' Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
Schneier on Security
MARCH 12, 2021
Really interesting research : “Exploitation and Sanitization of Hidden Data in PDF Files” Abstract: Organizations publish and share more and more electronic documents like PDF files. Unfortunately, most organizations are unaware that these documents can compromise sensitive information like authors names, details on the information system and architecture.
Security Affairs
MARCH 6, 2021
A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. Unknown threat actors hacked the Verified forum in January, Crdclub in February, and Exploit and Maza in March, the attackers also leaked stolen data and in some cases they offered it for sale. “Since the beginning of the year, Intel 471 has
WIRED Threat Level
MARCH 7, 2021
Your emails know more about you than you might think, like when you open them or when you forward them to others. But you can reclaim your privacy.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
MARCH 9, 2021
Agency Is the Latest Victim of Attacks Exploiting Newly Exposed Flaws A Microsoft Exchange Server at the European Banking Authority, a regulatory agency of the European Union, was hacked. But the agency says there are no indications of data exfiltration.
Schneier on Security
MARCH 10, 2021
Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. The attacker was first detected by one group on Jan. 5 and another on Jan. 6, and Microsoft acknowledged the problem immediately. During this time the attacker appeared to be relatively subtle, exploiting particular targets (although we generally lack insight into who was targeted).
Security Affairs
MARCH 6, 2021
After the disclosure of Microsoft Exchange zero-days, MS Exchange Server team has released a script to determine if an install is vulnerable. This week Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild.
WIRED Threat Level
MARCH 10, 2021
A patch for the vulnerabilities China exploited has been released. Now, criminal groups are going to reverse engineer it—if they haven’t already.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Data Breach Today
MARCH 9, 2021
Proposal Comes as SolarWinds, Microsoft Exchange Hacks Are Investigated Legislation introduced in the House would allow U.S. citizens to file lawsuits against foreign governments - and employees and agents of those countries - to hold them liable if a cybersecurity incident causes damages. But one legal expert says such a law could do more harm than good.
Schneier on Security
MARCH 9, 2021
How is this even possible? …26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 2013Â2017, which indicates a lack of recent software updates,” the reported stated. 26%!?
Security Affairs
MARCH 12, 2021
Researchers at Trustwave spotted a new malspam campaign that is abusing icon files to trick victims into installing the NanoCore Trojan. Researchers at Trustwave have spoted a new malspam campaign that is abusing icon files to trick victims into executing the NanoCore remote access Trojan. The emails use a. zipx file attachment, a. zipx file is a ZIP archive compressed using the most recent compression methods of the WinZip archiver to provide optimal results.
WIRED Threat Level
MARCH 12, 2021
Twitch and YouTube chess star Levy Rozman has faced over a week of sustained harassment after calling out an alleged cheater.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Data Breach Today
MARCH 10, 2021
'Arson Cats' Researchers Say Device Flaws Gave Them Full Access to Verkada Cameras The "Arson Cats" research group says it was able to exploit flaws in internet-accessible security cameras built by Silicon Valley "cloud-based enterprise video security" startup Verkada to access live video and audio feeds from inside Tesla, Okta and Cloudflare offices, plus healthcare facilities and prisons.
Schneier on Security
MARCH 8, 2021
Interesting paper: “ Shadow Attacks: Hiding and Replacing Content in Signed PDFs “: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content. A user opening a signed PDF expects to see a warning in case of any modification. In 2019, Mladenov et al. revealed various parsing vulnerabilities in PDF viewer implementations.They showed attacks that could modify PDF documents without invalidating the signature.
Security Affairs
MARCH 12, 2021
Researchers warn of a surge in cyber attacks against Microsoft Exchange servers exploiting the recently disclosed ProxyLogon vulnerabilities. Researchers at Check Point Research team reported that threat actors are actively exploiting the recently disclosed ProxyLogon zero-day vulnerabilities in Microsoft Exchange. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in a
Expert insights. Personalized for you.
166 
Let's personalize your content