Trending Articles

Building Trust in Quantum Computing

Data Breach Today

William Dixon of World Economic Forum on the Need to Create a Coalition William Dixon of the World Economic Forum is calling for the formation of a "quantum computing security coalition" to help build trust in the technology, which could play a key role in enhancing security

179
179

Hacking a Coffee Maker

Schneier on Security

As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it.

IoT 99

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Want Your Coffee Machine Back? Pay a Ransom

Data Breach Today

Research Highlights Danger of Insecure Firmware in Line of Coffee Machines An internet-connected coffee machine is the IoT latest device to show security problems. Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water.

IoT 221

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam. A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them.

More Trending

FBI, CISA Warn of Election Results Disinformation Campaigns

Data Breach Today

Nation-States, Others Could Try to Undermine Confidence in Election Process With less than 45 days to go before the November election, the FBI and CISA have issued a warning that nation-state hackers and cybercriminals may attempt to spread disinformation regarding the final vote tallies as a way to undermine confidence in the voting process.

249
249

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Krebs on Security

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.

Documented Death from a Ransomware Attack

Schneier on Security

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented case of a cyberattack causing a fatality.

Ransomware attack on Tyler Technologies might be worse than initially thought

Security Affairs

Customers of Tyler Technologies are reporting finding suspicious logins and previously unseen remote access tools on their infrastructure. Tyler Technologies, Inc. is the largest provider of software to the United States public sector.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

179 Arrested in Massive Global Dark Web Takedown

WIRED Threat Level

Operation Disruptor is an unprecedented international law enforcement effort, stemming from last year’s seizure of a popular underground bazaar called Wall Street Market. Security Security / Security News

Cybercrime Review: Hackers Cash in on COVID-19

Data Breach Today

Phishing, Spam, Malware, Social Engineering and Other Recent Attack Trends Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king.

Who is Tech Investor John Bernard?

Krebs on Security

John Bernard , the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups , appears to be a pseudonym for John Clifton Davies , a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared of murdering his wife on their honeymoon in India.

Information Governance Community Mourns the Loss of Les Bossert and Bob Haskins

IG Guru

Hard to believe the industry lost two great volunteers and people this week. Below is a message from the ICRM regarding Mr. Les Bossert followed by the message from i-Sigma regarding Mr. Bob Haskins.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Victims of ThunderX ransomware can recover their files for free

Security Affairs

Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files.

How Twitter Survived Its Biggest Hack—and Plans to Stop the Next One

WIRED Threat Level

On July 15, Twitter melted down. On Election Day, that's not an option. Security Security / Cyberattacks and Hacks

IT 104

Can Schools Pass Their Biggest Cybersecurity Test Yet?

Dark Reading

Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks

On Executive Order 12333

Schneier on Security

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Google removes 17 Joker -infected apps from the Play Store

Security Affairs

Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware.

The Election Threats That Keep US Intelligence Up at Night

WIRED Threat Level

Government officials have increasingly sounded alarms on the risks of foreign interference and disinformation campaigns leading up to—and after—November 3. Security Security / National Security

Risk 78

Cybersecurity Firm McAfee Files for IPO

Data Breach Today

Separately, Ivanti Buys Security Firms MobileIron and Pulse Secure McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market.

Making the Case for Medical Device Cybersecurity

Dark Reading

With an increasing number of Internet-connected medical devices in use to manage diabetes, protection against a variety of wireless network attacks could very well be a matter of life and death for patients

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Amazon Delivery Drivers Hacking Scheduling System

Schneier on Security

IT 87

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Windows XP Source Code Got Leaked All Over the Internet

WIRED Threat Level

Plus: A cruel phishing test, ransomware hits Russia, and more of the week's top security news. Security Security / Security News

FBI Warns: Credential Stuffing Attacks on the Rise

Data Breach Today

Stolen Credentials, Lack of MFA Leading to Millions in Banking Losses The FBI is warning organizations in the financial sector about an increase in botnet-launched credential stuffing attacks that are leading to the theft of millions.

188
188

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

State-Sponsored Hacking Groups Increasingly Use Cloud & Open Source Infrastructure

Dark Reading

Microsoft shuts down Azure Active Directory instances used by attackers to evade detection and warns that the use of open source tools by espionage groups is growing

Cloud 72

Universal Health Services Ransomware Attack Impacts Hospitals Nationwide

Threatpost

The Ryuk ransomware is suspected to be the culprit. Critical Infrastructure Malware death Downtime employees Hospitals patient safety Ransomware Attack ryuk UHS united health services

Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

Security Affairs

Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium.

Cloud 89