Security News > 2022 > February

5 ways to improve the governance of unstructured data. Businesses have to govern their data to keep it clean and organized for better use and Data governance is a collection of processes, roles, policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals with that data.

CISA is putting the thumbscrews on federal agencies to get them to patch an actively exploited Windows vulnerability. The move means that Federal Civilian Executive Branch agencies have until Feb. 18, 2022 to remediate the vulnerability, which affects all unpatched versions of Windows 10.

An unauthenticated API call vulnerability in DPD Group's package tracking system could have been exploited to access the personally identifiable details of its clients. DPD Group is a parcel delivery service with a global presence, shipping around two billion parcels annually worldwide.

Flubot, the Android spyware that's been spreading virally since last year, has hitched its infrastructure wagon up to another mobile threat known as Medusa. That's according to ThreatFabric, which found that Medusa is now being distributed through the same SMS-phishing infrastructure as Flubot, resulting in high-volume, side-by-side campaigns.

The interesting part about where IBM is actually headed is, security and what we actually do in security is about protecting the surface area. When you look at Snyk and Snyk's kind of whole ethos is to say, "Well, that's the core. That's the heart. You have to be developer-first." And the meaning of that, one of my favorite things to do is to talk to a chief security officer and say, "Yes, you're kind of here to sort of help secure the organization and you are the one likely to sign the check, but you're not the most important user of the product." Because the most important user of the product, the biggest risk we both face is the developers don't actually pick it up.

It's more expensive and riskier than ever to launch ransomware attacks, and ransomware groups have responded by mounting fewer attacks with higher ransomware demands, Coveware has reported, finding that the average ransomware payment in the fourth quarter of last year climbed by 130 percent to reach $322,168. First discovered by the MalwareHunterTeam, the operators of the Rust-coded BlackCat ransomware call themselves ALPHV, but the MalwareHunterTeam dubbed them BlackCat after the image used on the payment page the victims must visit on Tor to pay, Bleeping Computer reported.

Collaborate with portions of your Bitwarden Vault with Organizations. You can create an Organization with a free Bitwarden account, but you're limited to only two users and two collections.

Russia arrested six people today, allegedly part of a hacking group involved in the theft and selling of stolen credit cards. Russian media reports that the arrests come at the request of investigators from the Ministry of Internal Affairs of the Russian Federation.

Russia arrested six people today, allegedly part of a hacking group that was involved in the theft and selling of stolen credit cards. Russian media reports that the arrests come at the request of investigators from the Ministry of Internal Affairs of the Russian Federation.

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. The data breach notification filed with several attorney generals' offices earlier this month says the attackers also stole personal information belonging to Puma employees and their dependents from the Kronos Private Cloud cloud environment before encrypting the data.