Trending Articles

Elite Russian Sandworm Hackers' Epic OPSEC Problem

Data Breach Today

US Indictment Airs Russian Military and Operators' Dirty Laundry An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators.

The Now-Defunct Firms Behind 8chan, QAnon

Krebs on Security

Some of the world’s largest Internet firms have taken steps to crack down on disinformation spread by QAnon conspiracy theorists and the hate-filled anonymous message board 8chan.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Elite Russian Sandworm Hackers' OPSEC Problem

Data Breach Today

US Indictment Airs Russian Military's Dirty Laundry Although Russia's elite nation-state hackers are capable of waging destructive attacks, the GRU military intelligence Sandworm operators have not been able to remain in the shadows, a U.S. federal grand jury indictment suggests

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

There is no shortage of innovative cybersecurity tools and services that can help companies do a much better job of defending their networks. Related: Welcome to the CyberXchange Marketplace In the U.S. alone, in fact, there are more than 5,000 cybersecurity vendors. For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

B2B 137

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

New Report on Police Decryption Capabilities

Schneier on Security

There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it. This report documents the widespread adoption of MDFTs by law enforcement in the United States.

More Trending

6 Russians Indicted for Destructive NotPeyta Attacks

Data Breach Today

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S.

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

WIRED Threat Level

The Department of Justice has named and charged six men for allegedly carrying out many of the most costly cyberattacks in history. Security Security / Cyberattacks and Hacks

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry.

Cognitive Technologies White Paper

National Archives Records Express

This post is written by Sharmila Bhatia and Markus Most. We are pleased to announce the release of a white paper on the records management implications of: Internet of Things (IoT) Robotic Process Automation (RPA) Machine Learning (ML) Artificial Intelligence (AI).

Paper 97

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

NSS Labs Shuttered

Dark Reading

The testing firm's website says it has 'ceased operations' as of Oct.

IT 110

US Alleges Iran Sent Threatening Emails to Democrats

Data Breach Today

Iran is Attempting to Intimidate Voters and Manipulate Election, US Officials Warn U.S.

215
215

How Police Can Crack Locked Phones—and Extract Information

WIRED Threat Level

A report finds 50,000 cases where law enforcement agencies turned to outside firms to bypass the encryption on a mobile device. Business Business / National Affairs Security

Four npm packages found opening shells and collecting info on Linux, Windows systems

Security Affairs

On Thursday, four JavaScript packages have been removed from the npm portal because they have been found containing malicious code. NPM staff removed four JavaScript packages from the npm portal because were containing malicious code.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Split-Second Phantom Images Fool Autopilots

Schneier on Security

Researchers are tricking autopilots by inserting split-second images into roadside billboards.

Paper 92

Ransomware Attacks Show Little Sign of Slowing in 2021

Dark Reading

Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks

Facebook Promises Privacy Reform. Critics Aren't Convinced

WIRED Threat Level

In an interview with WIRED, Facebook's chief privacy officers argue that the company has turned a corner. Again. Security Security / Privacy

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online.

Paper 97

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

NSA Advisory on Chinese Government Hacking

Schneier on Security

The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers.

US Treasury Sanctions Russian Institution Linked to Triton Malware

Dark Reading

Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports

93

Trickbot Rebounds After 'Takedown'

Data Breach Today

CrowdStrike: Botnet's Activity Has Already Picked Up The recent "takedown" of Trickbot by Microsoft and others had only a temporary effect; the botnet's activity levels have already rebounded, according to Crowdstrike and other security firms

Microsoft Teams Phishing Attack Targets Office 365 Users

Threatpost

Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a "missed chat" from Microsoft Teams.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day

Security Affairs

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day.

The US Sanctions Russians For Potentially ‘Fatal’ Malware

WIRED Threat Level

The message is meant to deter any similar attack against US infrastructure. Security Security / National Security

A Pause to Address 'Ethical Debt' of Facial Recognition

Dark Reading

Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology

90

6 Russians Indicted for NotPeyta Campaign, Other Attacks

Data Breach Today

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Ransomware attackers donate stolen money to charity

IT Governance

A criminal hacking group that extorted millions of dollars in a series of cyber attacks is now donating money to charity. The DarkSide crooks said they wanted to “make the world a better place”, after posting receipts for $10,000 in Bitcoin donations to The Water Project and Children International.

Microsoft took down 120 of 128 Trickbot servers in recent takedown

Security Affairs

Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up a new command and control (C&C) servers.

IoT 92

A Cut Cable Knocked Out Virginia's Voter Registration Site

WIRED Threat Level

Plus: Barnes and Noble got hacked, Zoom adds real end-to-end encryption, and more of the week's top security news. Security Security / Security News