Sat.Jan 01, 2022 - Fri.Jan 07, 2022


Norton 360 Now Comes With a Cryptominer

Krebs on Security

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that activates the program and allows customers to profit from the scheme — in which the company keeps 15 percent of any currencies mined — is “opt-in,” meaning users have to agree to enable it.

Mining 349

Google Docs Comments Weaponized in New Phishing Campaign

Dark Reading

Attackers use the comment feature in Google Docs to email victims and lure them into clicking malicious links.

Phishing 144

Exclusive: NASA Director Twitter account hacked by Powerful Greek Army

Security Affairs

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transportation System Mr. Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA! — Powerful Greek Army (@PowerfulGRArmy) January 2, 2022.


GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

Cyber threats continue to gain momentum and there are still not enough ways to counter them. Related: Why the ‘Golden Age’ of cyber espionage is upon us. The global threat intelligence market size was estimated at $10.9 billion in 2020 and will grow to $16.1 billion by 2025. Yet, according to the study by the Ponemon Institute, the number of insider leaks has increased by 47 percent in 2020 compared to 2018.

Access 279

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

eSecurity Planet

About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Third-party security, ransomware, artificial intelligence (AI) and decentralized finance (DeFi) are some of the threats you can expect to see more of this year – with the potential for far worse results than we’ve seen in the past. Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers.

More Trending


Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

Security Affairs

The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso. The Lapsus$ ransomware gang has compromised the infrastructure of Impresa, the largest media conglomerate in Portugal. Impresa owns SIC TV channel, and Expresso newspaper, among other leading media, like several magazine publications. The attack took place during the New Year holiday, the websites of the Impresa group, the SIC TV channels, and the Expresso were forced offline.


MY TAKE: Why companies had better start taking the security pitfalls of API proliferation seriously

The Last Watchdog

APIs are putting business networks at an acute, unprecedented level of risk – a dynamic that has yet to be fully acknowledged by businesses. Related: ‘SASE’ framework extends security to the network edge. That said, APIs are certain to get a lot more attention by security teams — and board members concerned about cyber risk mitigation — in 2022.

Security 260

Trends and Predictions for 2022 – More of the Same?

Thales Cloud Protection & Licensing

madhav. Wed, 01/05/2022 - 05:12. What will 2022 bring for cybersecurity? Are we going to see more of the same as we did in 2021? During the latest Thales Security Sessions podcast, hosted by Neira Jones, I had the pleasure to discuss what we can expect in 2022 with Andy Green, CISO at Gemserv, and how the many changes have impacted the security landscape.

Phishing 127

People Are Increasingly Choosing Private Web Search

Schneier on Security

DuckDuckGo has had a banner year: And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021, a 46.4% jump over 2020 (23.6 billion). That’s big. Even so, the company, which bills itself as the “Internet privacy company,” offering a search engine and other products designed to “empower you to seamlessly take control of your personal information online without any tradeoffs,” remains a rounding error compared to Google


Over 3.7 million accounts were compromised in the FlexBooker data breach

Security Affairs

The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 million users, the attack took place before the holidays. Stolen data are now available for sale on multiple cybercrime forums. FlexBooker is an online appointment scheduling platform that allows users to schedule appointments and sync employee calendars.


India’s Draft Data Protection Bill Moves Closer to Passage

Hunton Privacy

Stephen Mathias from Kochhar & Co. reports that on December 16, 2021, the Indian Joint Parliamentary Committee (the “JPC”) submitted its report on India’s draft Data Protection Bill (the “Bill”). The Bill is now likely to be passed by Parliament in its next session, beginning in February 2022, and likely will enter into force in the first half of 2022.


Vinnie Liu Has a Mission: Keeping People Safe Online and Offline

Dark Reading

Security Pro File: The years at the National Security Agency shaped Vinnie Liu's views on security. "We're missionaries, not mercenaries," he says.

Security 135

QNAP: Get NAS Devices Off the Internet Now

Threatpost

There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned.


Threat actors stole 1.1 million customer accounts from 17 well-known companies

Security Affairs

NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. The New York State Office of the Attorney General (NY OAG) has warned 17 companies that roughly 1.1 million accounts of their customers were compromised in credential stuffing attacks. Credential stuffing attacks involve botnets trying stolen login credentials usually obtained through phishing attacks and data breaches.

Retail 142

2022 predictions for Healthcare providers

OpenText Information Management

Following the turbulence that the last two years have brought to the Healthcare industry, this sector is ripe for transformation. As is true in many industries, success is dependent upon the effective use of data drawn from every source possible and securely shared across the organization. Here’s how I see the year playing out for …

Security 110

New Mac Malware Samples Underscore Growing Threat

Dark Reading

A handful of malicious tools that emerged last year showed threat actors may be getting more serious about attacking Apple macOS and iOS environments.


Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

Threatpost

ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch.

Cloud 115

PulseTV discloses potential credit card breach

Security Affairs

U.S. online store PulseTV disclosed a potential credit card data breach, more than 200,000 customers have been impacted. U.S. online store PulseTV has disclosed a credit card data breach that has impacted more than 200,000 customers. According to the notification letter published by the Office of the Maine Attorney General, VISA informed the company on March 8, 2021, that its website (www.pulsetv.com) was a common point of purchase for some unauthorized credit card transactions due to a possible


6 Ways to Delete Yourself From the Internet

WIRED Threat Level

You’ll never be able to get a clean slate—but you can significantly downsize your digital footprint.

Privacy 145

New Attack Campaign Exploits Microsoft Signature Verification

Dark Reading

The Malsmoke attack group is behind a campaign that has exploited the Microsoft e-signature verification tool to target 2,100 victims.


Attackers Exploit Flaw in Google Docs’ Comments Feature

Threatpost

A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said.

Phishing 118

Microsoft rolled out emergency fix for Y2k22 bug in Exchange servers

Security Affairs

Microsoft released an emergency patch to fix the Y2k22 bug that is breaking email delivery on on-premise Microsoft Exchange servers. Microsoft has rolled out an emergency fix that addresses the Y2k22 bug that is breaking email delivery on on-premise Microsoft Exchange servers since January 1st, 2022. “We have addressed the issue causing messages to be stuck in transport queues of on-premises Exchange Server 2016 and Exchange Server 2019.

IT 144

Norton’s Antivirus Product Now Includes an Ethereum Miner

Schneier on Security

Norton 360 can now mine Ethereum. It’s opt-in, and the company keeps 15%. It’s hard to uninstall this option.

Mining 131

Why CIOs Should Report to CISOs

Dark Reading

If the CISO is responsible for the security of the organization, then that same person also should be responsible for both security and IT infrastructure.

Security 122

Google Voice Authentication Scam Leaves Victims on the Hook

Threatpost

The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week.


North Korea-linked Konni APT targets Russian diplomatic bodies

Security Affairs

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) with new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carried out spear-phishing attacks using New Year’s Eve festivities as a lure.

Phishing 145

UK ICO Consults on Regulatory Action Policy

Hunton Privacy

On December 20, 2021, the UK Information Commissioner’s Office (“ICO”) launched a public consultation on its regulatory approach. The consultation involves three separate documents – the ICO’s Regulatory Action Policy (“RAP”), Statutory Guidance on the ICO’s Regulatory Action, and Statutory Guidance on the ICO’s PECR Powers. The RAP sets forth the ICO’s risk-based approach to regulatory action and explains the factors the ICO considers before taking regulatory action, how the ICO works with oth

Risk 106

IT/OT Convergence Is More Than a Catchy Phrase

Dark Reading

The most successful strategies for protecting IT and OT from growing threats will include use of both the ISO 27000 series and ISA/IEC 62443 family of standards.

IT 116