Cloud security breaches consistently make news headlines, yet the stories of these breaches are often framed with vague explanations—a "misconfigured database" or mismanagement by an unnamed third party. Concerns about security have led some CIOs to limit their organizational use of public cloud services. However, the challenge exists not in the security of the cloud itself, but in the policies and technologies for security and control of the technology. Full Story: ISACA
UK regulators have closed the books on one of the biggest cyberbreaches in the country's history, fining British Airways roughly US $26 million for the leak of data involving over 400,000 customers. Regulators reduced the proposed fine, citing the pandemic's effects on airlines and British Airways' response.
IBM views the Confidential Computing standard as a key to "unlocking the next generation of cloud adoption," says Hillery Hunter, IBM Cloud's chief technology officer. The process employs encryption that can only be accessed with keys held by the client, meaning the data can't be accessed even when passing through other applications.
Google's Threat Analysis Group says China-backed hacking group APT 31, which is thought to be behind the phishing campaign that targeted Joe Biden's campaign this year, is now posing as antivirus provider McAfee to attack high-profile targets. The group reportedly prompts the victim to install a legitimate version of McAfee antivirus software hosted on GitHub via an email link, while malware is installed simultaneously.
Azure Defender for IoT, Microsoft's security product for internet of things and operational technology devices, has entered public preview. The service alerts IT teams to malware, unauthorized connections and devices, changes to firmware and other security concerns.
The Justice Department recently charged 14 individuals -- in addition to five charged last year -- linked to the QQAAZZ money-laundering group, which has been operating since 2016 and has worked with malware groups such TrickBot, Dridex and GozNym. The group allegedly operated a huge network of bank accounts around the world.
The third quarter brought a significant increase in merger-and-acquisition deals in legaltech, according to investment company Raymond James. About two-thirds of the deals were facilitated by private equity funds, the report found, with the majority of them considered "PE-backed corporate bolt-ons."
A rift seems to have developed between in-house legal departments and law firms to eager to guard the legaltech solutions they develop, observers say. A partner at a UK firm explains a major sticking point: issues that might come up when a client wants to "piggyback off of licensing arrangements that law firms might have to use software."
Australia-based Legaler has launched a charity to crowdfund social justice cases and match them with willing lawyers. The project, called Legaler Aid, is for cases in the US and Australia and uses blockchain to inform donors where their contributions are used in helping litigants "navigate an overpriced legal system."
Google has updated its core search engine with artificial intelligence and machine learning techniques to improve results for users. Chief among the improvements to Search are an algorithm that identifies poorly spelled queries, an AI system that divides broader searches into subtopics, a feature that indexes individual passages from webpages, and an algorithm that identifies a song based on a hum, whistle or tune provided by the user.