Sat.Feb 13, 2021 - Fri.Feb 19, 2021

article thumbnail

How to Avoid Phishing Emails and Scams

WIRED Threat Level

It's is a bigger threat than ever. Here are some ways you can defend yourself.

Phishing 139
article thumbnail

Privacy Legislation Progresses in 5 More States

Data Breach Today

States Would Join 3 Others That Have Already Enacted Laws Five states are making progress this year toward passing privacy legislation along the lines of California's Consumer Privacy Act, according to the International Association of Privacy Professionals. Here's a status report.

Privacy 314
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Achieving Seamless eDiscovery

OpenText Information Management

Business and litigation go hand in hand in the 21st century. From litigation support personnel to the lawyers themselves, organizations face a common challenge: how to streamline processes and procedures to simplify and thoroughly respond to on-going litigation requests.

article thumbnail

Bluetooth Overlay Skimmer That Blocks Chip

Krebs on Security

As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States who recently found Bluetooth-enabled skimming devices placed over top of payment card terminals at several stores. Interestingly, these skimmers interfered with the terminal’s ability to read chip-based cards, forcing customers to swipe the stripe instead.

Retail 347
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

What is the Value of Records and Information Management?

AIIM

What is the value of Records and Information Management? To help answer that, take a quick mental inventory of all the technologies your organization utilizes that interact in some way with organizational information. Think about technology like email, personal computers, the web, smart phones, social media, etc. Think about all of the information captured, stored, and created using those technologies.

More Trending

article thumbnail

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

Cybersecurity training has steadily gained traction in corporate settings over the past decade, and rightfully so. In response to continuing waves of data breaches and network disruptions, companies have made a concerted effort and poured substantial resources into promoting data security awareness among employees, suppliers and clients. Safeguarding data in workplace settings gets plenty of attention.

Education 203
article thumbnail

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

Krebs on Security

The leader of Mexico’s Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico’s top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the organized crime group by KrebsOnSecurity in 2015.

article thumbnail

[Podcast] Remote Working - Start Small, Grow Big

AIIM

The workplace in 2021 will demand a different set of skills. Now more than ever, organizations need to embrace disruption as a springboard for competitive advantage and adopt new ways of working that invigorate organizational performance. The needed capabilities include the ability to leverage remote work as an advantage, increase information agility, and drive business growth despite these challenging times.

Cloud 161
article thumbnail

Microsoft Patches 12-Year-Old Vulnerability

Data Breach Today

Flaw Was Present in Microsoft Defender Since 2009, SentinelOne Finds Microsoft has patched a 12-year-old vulnerability in Microsoft Defender that, if exploited, could enable nonadministrative users to escalate privilege in the application. The patch was made after security firm SentinelOne recently notified Microsoft about the flaw.

Security 345
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. WatchDog is one of the largest and longest-lasting Monero cryptojacking operations uncovered by security experts, its name comes from the name of a Linux daemon called watchdogd.

Mining 145
article thumbnail

France Ties Russia's Sandworm to a Multiyear Hacking Spree

WIRED Threat Level

A French security agency warns that the destructively minded group has exploited an IT monitoring tool from Centreon.

Security 145
article thumbnail

Leave.EU donor Arron Banks loses data breach appeal

The Guardian Data Protection

Tribunal ruling noted Brexit campaign and insurance company owned by its key backer had a ‘two-faced approach to regulation’ The Leave.EU campaign and the insurance company owned by the political group’s key financial backer, Arron Banks, have lost an appeal against £105,000 of fines for data protection violations in the wake of the EU referendum campaign.

article thumbnail

Microsoft's Smith: SolarWinds Attack Involved 1,000 Developers

Data Breach Today

Supply Chain Attack Likely Continues, He Tells '60 Minutes' More than 1,000 developers likely worked on rewriting code for the massive SolarWinds supply chain attack that affected many companies and U.S. government agencies, Microsoft President Brad Smith said in a Sunday interview, pointing out the attack is most likely continuing.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine

Security Affairs

An international operation conducted in Ukraine and France lead to the arrest of criminals believed to be affiliated with the Egregor RaaS. Some affiliated with the Egregor RaaS , not the main ransomware gang, have been arrested as a result of a joint operation conducted by law enforcement in Ukraine and France. Authorities did not reveal the name of the suspects, according to France media the suspects are in contact with Egregor ransomware operators and provided logistical and financial support

article thumbnail

Malware Is Now Targeting Apple’s New M1 Processor

WIRED Threat Level

Two distinct strains of malware have already adjusted to the new silicon just months after its debut.

IT 145
article thumbnail

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. company is known, has been under federal scrutiny for much of the past decade, according to 14 former law enforcement and intelligence officials familiar with the m

article thumbnail

Yandex Insider Causes Breach Involving 4,887 Customers

Data Breach Today

Breach Occurred After System Admin Granted Unauthorized Access Russian-Dutch multinational eCommerce company Yandex sustained a data breach in which 4,887 customer accounts were compromised after an unidentified employee with systems admin privileges gave unauthorized access to attackers.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

FBI’s alert warns about using Windows 7 and TeamViewer

Security Affairs

The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords. The FBI issues this week a Private Industry Notification (PIN) alert to warn companies about the risks of using out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer. The alert comes after the recent attacks on the Oldsmar water treatment plant’s network where attackers tried to raise levels of sodium hydroxid

Passwords 145
article thumbnail

The Untold History of America’s Zero-Day Market

WIRED Threat Level

The lucrative business of dealing in code vulnerabilities is central to espionage and war planning, which is why brokers never spoke about it—until now.

Marketing 145
article thumbnail

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Schneier on Security

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers: In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermont approaches [BHPD Sgt. Billy] Fair outside. The interaction plays out almost exactly like it did in the department — when Devermont starts asking questions, Fair turns on the music.

Archiving 143
article thumbnail

3 North Koreans Indicted for Stealing $1.3 Billion

Data Breach Today

Federal Prosecutors Say Hackers Work for Military Intelligence Unit Three North Koreans have been indicted for allegedly taking part in a criminal conspiracy to steal or extort $1.3 billion in cryptocurrency and cash from banks and other organizations around the world, the U.S. Justice Department announced Wednesday.

Military 290
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

The malicious code in SolarWinds attack was the work of 1,000+ developers

Security Affairs

Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack. Microsoft’s analysis of the SolarWinds supply chain attack revealed that the code used by the threat actors was the work of a thousand developers. Microsoft president Brad Smith provided further details about the investigation of the SolarWinds supply chain attack, the company’s analysis of the malicious code involved in the hack suggests it was the work of a thousand developers.

article thumbnail

Controlling Smart Lights Using Dumb Switches with Shelly and Home Assistant

Troy Hunt

As I progressively make my house smarter and smarter , I find I keep butting against the intersection of where smart stuff meets dump stuff. Take light globes, for example, the simplest circuit you can imagine. Pass a current through it, light goes on. Kill the current, light goes off. We worked that out back in the 19th century and everything was fine. until now.

IoT 143
article thumbnail

Browser Tracking Using Favicons

Schneier on Security

Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the page name.). Abstract: The privacy threats of online tracking have garnered considerable attention in recent years from researchers and practitioners alike. This has resulted in users becoming more privacy-cautious and browser vendors gradually adopting countermeasures to mitigate certain forms of cookie-based and cookie-less track

Paper 143
article thumbnail

South Korea Claims North Korea Tried Hacking Pfizer

Data Breach Today

Reported Attempt at Stealing COVID-19 Data Comes in Wake of Global Warnings South Korean intelligence officials allege that North Korean hackers attempted to steal COVID-19 vaccine and treatment data by hacking the U.S. pharmaceutical firm Pfizer.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost. ngrok is a cross-platform application used to expose a local development server to the Internet, the server appears to be hosted on a subdomain of ngrok (e

Phishing 144
article thumbnail

A Billion-Dollar Dark Web Crime Lord Calls It Quits

WIRED Threat Level

The “big hack” redux, riot planning on Facebook, and more of the week's top security news.

IT 130
article thumbnail

On Vulnerability-Adjacent Vulnerabilities

Schneier on Security

At the virtual Engima Conference , Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have the attackers tweak their exploits to work again. From a MIT Technology Review article : Soon after they were spotted, the researchers saw one exploit being used in the wild.

Security 135