Krebs on Security
MAY 4, 2021
When normal computer users fall into the nasty habit of recycling passwords, the result is most often some type of financial loss. When cybercriminals develop the same habit, it can eventually cost them their freedom. Our passwords can say a lot about us, and much of what they have to say is unflattering.
Data Breach Today
MAY 1, 2021
Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and firms in the wake of the attack that targeted SolarWinds in 2020. The agency notes that attackers could use IT exploits to pivot to OT systems.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Threatpost
MAY 3, 2021
New deepfake products and services are cropping up across the Dark Web.
AIIM
MAY 4, 2021
How will humanity survive the AI revolution? Simple—we become superhuman. That is the subject of our new AIIM On Air interview with author and researcher Alex Bates. In his book " Augmented Mind, " Alex explains how the combination of AI with human intelligence – what he calls Intelligence Augmentation -- has revolutionary potential. After a decade on the front lines of AI research and implementation facilitating the collaboration of humans and AI, Bates created a global mastermind network of ap
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Krebs on Security
MAY 5, 2021
Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
The Last Watchdog
MAY 3, 2021
Encryption agility is going to be essential as we move forward with digital transformation. Refer: The vital role of basic research. All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. But cryptography historically has been anything but agile; major advances require years, if not decades, of inspired theoretical research.
AIIM
MAY 6, 2021
This post is focused on the following topics. You may click these links to jump to a specific section: What Is Knowledge Management? Tacit Knowledge vs. Explicit Knowledge. Strategies for Making Tacit Knowledge More Explicit. What Is Knowledge Management? According to the late Carl Frappaolo, one of the leading practitioners and analysts in the knowledge management space, “Knowledge Management is the leveraging of collective wisdom to increase responsiveness and innovation.”.
Krebs on Security
MAY 7, 2021
John Bernard , a pseudonym used by a convicted thief and con artist named John Clifton Davies who’s fleeced dozens of technology startups out of an estimated $30 million, appears to have reinvented himself again after being exposed in a recent investigative series published here. Sources tell KrebsOnSecurity that Davies/Bernard is now posing as John Cavendish and head of a new “private office” called Hempton Business Management LLP.
Data Breach Today
MAY 7, 2021
Having a VPN Isn't Enough Anymore
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
MAY 7, 2021
CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. Most organizations use databases to store sensitive information. This includes passwords, usernames, document scans, health records, bank account and credit card details, as well as other essential data, all easily searchable and conveniently stored in one place.
WIRED Threat Level
MAY 4, 2021
A family-run psychotherapy startup grew into a health care giant. It was a huge success—until the data breach and the anonymous ransom notes sent to clients.
Schneier on Security
MAY 4, 2021
This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi.
Data Breach Today
MAY 4, 2021
But Is It Time to Overhaul the Rule Itself? The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule. But is it time to update the security rule itself?
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
MAY 1, 2021
Babuk ransomware operators shut down their affiliate program and announced to stop using ransomware, the group plans to move on data theft. Recently the Babuk ransomware operators made the headlines for the ransomware attack against the DC Police Department. Experts believe that the decision of the group to leave the ransomware practice could be the result of an operational error, it was a bad idea to threaten the US police department due to information that it manages.
DLA Piper Privacy Matters
MAY 4, 2021
Authors: Katharina Pauls and Katia Helbig. In a legal dispute to be decided by the German Federal Labor Court, the court had the opportunity to rule on the highly controversial scope of the right to information under Art. 15 GDPR. Specifically, the issue was whether or to what extent Art. 15 GDPR grants a right to receive copies of e-mails. This question is controversially discussed, particularly in the employment context.
Schneier on Security
MAY 7, 2021
A new draft of an Australian educational curriculum proposes teaching children as young as five cybersecurity: The proposed curriculum aims to teach five-year-old children — an age at which Australian kids first attend school — not to share information such as date of birth or full names with strangers, and that they should consult parents or guardians before entering personal information online.
Data Breach Today
MAY 7, 2021
Agency Offers In-Depth Analysis, Risk Mitigation Advice The Cybersecurity and Infrastructure Security Agency has issued an alert providing more details on the threat posed by FiveHands ransomware attacks and offering risk mitigation tips.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
MAY 3, 2021
Which are the most common causes of a Data Breach and how to prevent It? How can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses and consumers. If you look at Verizon’s 2020 Data Breach Investigations Report, you can find some of the most common causes of data breaches. However, you will also be surprised to learn that most breaches result from inadequate data security measures.
eSecurity Planet
MAY 3, 2021
MITRE Engenuity last month released the latest MITRE ATT&CK evaluations of endpoint security products, and the results contain some pretty big surprises. MITRE doesn’t analyze or comment on the evaluations and instead just makes the data available for vendors and cybersecurity buyers to use as they see fit. That said, the raw numbers alone contain some interesting insights.
Schneier on Security
MAY 6, 2021
Nice video of a talk by Chris Shore on the history of Colossus.
Data Breach Today
MAY 5, 2021
ISP Belnet Targeted by Waves of Attacks The websites of about 200 public and private entities in Belgium were knocked fully or partially offline Tuesday by a distributed denial-of-service attack against the publicly funded internet service provider Belnet.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
MAY 1, 2021
Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. The vendor doesn’t provide technical details of the attacks, it is not clear if the ransomware gang exploited know vulnerabilities. “The QNAP security team has detected suspicious ransomware in the wild known as AgeLocker, which has the potential to affect QNAP NAS devices.R
Thales Cloud Protection & Licensing
MAY 6, 2021
Harness the Power of Recurring Business Models. jstewart. Thu, 05/06/2021 - 16:01. The experts call it many things: digital transformation, servitization strategies, and business model diversification. Regardless of the name, the end result is the same: recurring revenues. During the Covid-19 crisis, companies that have successfully invested and executed recurring business models have proven more resilient than those who have not.
Schneier on Security
MAY 5, 2021
There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago. Details : The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process, as the team explains
Data Breach Today
MAY 7, 2021
Check Point Report Describes Flaw's Technical Details A severe vulnerability in a system on certain Qualcomm chips, which has been patched, potentially could have enabled attackers to remotely control Android smartphones, access users' text messages and listen in on conversations, according to a new report from Check Point Software Technologies.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
MAY 6, 2021
Experts spotted a new malware, dubbed Moriya rootkit, that targets Windows systems as part of cyberespionage campaign dubbed TunnelSnake. An unclassified threat actor employed a new stealthy malware, dubbed Moriya rootkit, to compromise Windows systems. Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been active since at least 2018.
WIRED Threat Level
MAY 1, 2021
Warrantless searches, tracking troops, and more of the week’s top security news.
Threatpost
MAY 7, 2021
NY's AG: Millions of fake comments – in favor and against – came from a secret broadband-funded campaign or from a 19-year-old's fake identities.
Expert insights. Personalized for you.
347 
Let's personalize your content