Data Breach Today
MAY 18, 2021
Experts Say the Technologies Won't Mean Fewer SOC Analyst Jobs Security orchestration, automation and response technologies, or SOAR, give organizations the ability to manage an increasing number of alerts. But security experts say there's no worry that SOAR will replace people. In fact, SOAR could help with staff retention.
WIRED Threat Level
MAY 17, 2021
Even when you pay for a decryption key, your files may still be locked up by another strain of malware.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
MAY 20, 2021
However, senior technology managers express concerns about whether their current infrastructure can properly safeguard them.
Krebs on Security
MAY 21, 2021
One of the oldest scams around — the fake job interview that seeks only to harvest your personal and financial data — is on the rise, the FBI warns. Here’s the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job offer was too-good-to-be-true. Last week, someone began began posting classified notices on LinkedIn for different design consulting jobs at Geosyntec Consultants , an environmental engi
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Security Affairs
MAY 20, 2021
Microsoft released SimuLand, an open-source tool that can be used to build lab environments to simulate attacks and verify their detection. Microsoft has released SimuLand, an open-source lab environment that allows to reproduce the techniques used in real attack scenarios. The tool could be used to test and improve Microsoft solutions, including Microsoft 365 Defender, Azure Defender, and Azure Sentinel defenses against real attack scenarios. “SimuLand is an open-source initiative by Micr
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
MAY 20, 2021
In 2011, Chinese spies stole the crown jewels of cybersecurity—stripping protections from firms and government agencies worldwide. Here’s how it happened.
Krebs on Security
MAY 19, 2021
Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating. Even so, plenty of people willingly abandon a mobile number without considering the potential fallout to their digital identities when those digits invariably get reassigned to someone el
Security Affairs
MAY 20, 2021
Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The RAT was designed to steal data from victims while masquerading as a ransomware attack. The Java-based STRRAT RAT was distributed in a massive spam campaign, the malware shows ransomware-like behavior of appending the file name extension.crimson to
Data Breach Today
MAY 21, 2021
Passport, Credit Card Information Exposed Air India says millions of its customers were affected by a February data breach at SITA, a third-party data processing service based in Switzerland that serves many airlines.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
AIIM
MAY 18, 2021
Quick question: What’s your business’s most prized asset? Is it a tangible asset, like a high-rise building in an upmarket area? Is it owning groundbreaking high-tech tools? What about your inventory, cash, or cash equivalents? In today’s knowledge economy, it's knowledge assets that are vital to a company’s growth. When you think about it, knowledge assets are more important than tangible assets.
WIRED Threat Level
MAY 19, 2021
If clicking crosswalks makes your blood boil, you’re not alone. Fortunately, there are some tips that make solving those challenges way less frustrating.
Security Affairs
MAY 16, 2021
Ireland Health Service Executive (HSE) refuses to pay a $20 million ransom demand after its systems were hit by the Conti ransomware gang. Ireland’s Health Service Executive that was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack. The Health Service Executive opted to shut down its infrastructure as a precaution to avoid the threat from spreading.
Data Breach Today
MAY 19, 2021
'It Was the Right Thing to Do for the Country' Colonial Pipeline Co.'s CEO, Joseph Blount, said Wednesday that he authorized the payment of a $4.4 million ransom just hours after the company was hit by a DarkSide ransomware attack, telling The Wall Street Journal, "It was the right thing to do for the country.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
The Last Watchdog
MAY 18, 2021
Keeping up with the pace of technology, information, and the evolving threat landscape is a challenge for all enterprises. Related: DHS launches 60-day cybersecurity sprints. To make matters more difficult, implementing new security software and processes to address these issues is another big hurdle, often causing disruption—and not the good kind. But with mounting pressure to replace legacy, perimeter-centric defenses with cloud- and hybrid-cloud protection, many organizations are stuck betwee
WIRED Threat Level
MAY 15, 2021
Instead of a hard cutoff, the messaging app will gradually degrade and eventually cease to function if you don’t accept the changes.
Security Affairs
MAY 16, 2021
Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company. The Company offers risk management, mutual funds, analysis, financial planning, and advisory services.
Data Breach Today
MAY 21, 2021
House Committee to Probe Ransomware Attack That Led to Pipeline Shutdown After revealing Colonial Pipeline Co. paid attackers $4.4 million after a ransomware attack, CEO Joseph Blount has been scheduled to testify at a House Homeland Security Committee hearing June 9.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
AIIM
MAY 20, 2021
The practice of Knowledge Management carries many benefits for your organization , including increased efficiency, better decision-making, improved customer service, and more. With these benefits in mind, let’s get into specific knowledge management tactics you can use to maximize the use of your company’s knowledge assets - six steps you can start working through today!
WIRED Threat Level
MAY 18, 2021
A new privacy dashboard and “app hibernation” are coming to Google's mobile operating system.
Security Affairs
MAY 18, 2021
Researchers at Tesorion released a decryptor for Judge ransomware that also decrypts files encrypted by the NoCry ransomware. In January this year, we published a blog post on our analysis of the Judge ransomware. We announced a free decryptor for Judge victims in this blog post, which is available through the NoMoreRansom initiative. Our decryptor has been helping victims to recover their files for free since its release.
Data Breach Today
MAY 20, 2021
CEO Sudhakar Ramakrishna Says Clues Come From Analysis of Virtual Builds SolarWinds has uncovered evidence that intruders were in its systems in January 2019, about eight months earlier than originally believed. CEO Sudhakar Ramakrishna says the company discovered the clues by analyzing terabytes of data from its virtual build systems.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
The Last Watchdog
MAY 17, 2021
A greater good has come from Capital One’s public pillaging over losing credit application records for 100 million bank customers. Related: How credential stuffing fuels account takeovers. In pulling off that milestone hack, Paige Thompson took advantage of CapOne’s lack of focus on cloud security as the banking giant rushed headlong into leveraging Amazon Web Services.
Schneier on Security
MAY 21, 2021
This seems to be a new tactic : Emsisoft has identified two distinct tactics. In the first, hackers encrypt data with ransomware A and then re-encrypt that data with ransomware B. The other path involves what Emsisoft calls a “side-by-side encryption” attack, in which attacks encrypt some of an organization’s systems with ransomware A and others with ransomware B.
Security Affairs
MAY 16, 2021
Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco Talos warn that the Pakistan-linked APT group Transparent Tribe expanded its Windows malware arsenal. The group used the new malware dubbed ObliqueRAT in cyberespionage attacks against Indian targets.
Data Breach Today
MAY 21, 2021
Janine Darling of Stash Secure Data on Filling Gaps in Current Solutions 5G technology is only one of the current manifestations that reminds us: Globally, are sensitive data is beyond vulnerable. Janine Darling, founder and CEO of Stash Secure Data, is committed to resolving that vulnerability challenge.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Last Watchdog
MAY 15, 2021
Much attention has been paid to the widespread failure to detect the insidious Sunburst malware that the SolarWinds hackers managed to slip deep inside the best-defended networks on the planet. Related: The undermining of the global supply chain. But there’s also an encouraging ‘response’ lesson SolarWinds teaches us, as well. Reacting to the disclosure of this momentous supply-chain hack , many of the breached organizations were able to deploy advanced tools and tactics to swiftly root out Sunb
Schneier on Security
MAY 20, 2021
Bizarro is a new banking trojan that is stealing financial information and crypto wallets. …the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app. Using these sneaky methods, trojan operators will implant the malware onto a target device, where it will install a sophisticated backdoor that “contains more than 100 commands and allows the attackers to steal online banking account credentials,”
Security Affairs
MAY 18, 2021
Uptycs’ threat research team discovered a new botnet, tracked as Simps botnet, attributed to Keksec group, which is focused on DDOS activities. Uptycs’ threat research team has discovered a new Botnet named ‘Simps’ attributed to Keksec group primarily focussed on DDOS activities. We discovered the Simps Botnet binaries downloaded via shell script sample and Remote Code Execution vulnerability exploits by Gafgyt – detailed in our earlier post. .
Expert insights. Personalized for you.
264 
Let's personalize your content