Trending Articles

Cyber Incident Knocks Construction Firm Palfinger Offline

Data Breach Today

Unknown Attack Has Disrupted the Company's Global IT Infrastructure The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.

International Action Targets Emotet Crimeware

Krebs on Security

Authorities across Europe on Tuesday said they’d seized control over Emotet , a prolific malware strain and cybercrime-as-service operation.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

SolarWinds and Mimecast are long-established, well-respected B2B suppliers of essential business software embedded far-and-wide in company networks. Related: Digital certificates destined to play key role in securing DX. Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map.

B2B 140

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

Security Affairs

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users.

Sales 103

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Why North Korea Excels in Cybercrime

Dark Reading

North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it

IT 112

More Trending

A Site Published Every Face From Parler's Capitol Riot Videos

WIRED Threat Level

Faces of the Riot used open source software to detect, extract, and deduplicate every face from the 827 videos taken from the insurrection on January 6. Security Security / Privacy

Massive Brazilian Data Breach

Schneier on Security

I think this is the largest data breach of all time: 220 million people. Lots more stories are in Portuguese

Ransomware attack hit WestRock IT and OT systems

Security Affairs

Packaging giant WestRock disclosed a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems.

Pay-or-Get-Breached Ransomware Schemes Take Off

Dark Reading

In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

DDoS Attackers Exploit Vulnerable Microsoft RDP Servers

Data Breach Today

Researchers: 33,000 Vulnerable Servers Could Be Used to Amplify Attacks Threat actors are exploiting vulnerable Microsoft Remote Desktop Protocol servers to amplify DDoS attacks, according to a report from Netscout, which offers mitigation advice

212
212

Parler Finds a Reprieve in Russia—but Not a Solution

WIRED Threat Level

The far-right platform still hasn't found a US-based home. Where it lands could have serious consequences for its users' privacy. Security Security / Security News

Insider Attack on Home Surveillance Systems

Schneier on Security

No one who reads this blog regularly will be surprised : A former employee of prominent home security company ADT has admitted that he hacked into the surveillance feeds of dozens of customer homes, doing so primarily to spy on naked women or to leer at unsuspecting couples while they had sex. […].

Security firm SonicWall was victim of a coordinated attack

Security Affairs

The Hacker News reported in exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday.

Access 100

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Learn SAML: The Language You Don't Know You're Already Speaking

Dark Reading

Security Assertion Markup Language, a protocol most people use daily to log into applications, makes authentication easier for both admins and users. Here's what you need to know about SAML (and what it has to do with 'GoldenSAML

Fueled by Record Profits, Ransomware Persists in New Year

Data Breach Today

Increasing Ransomware Varieties and Attack Volume Look Set to Continue, Experts Warn Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay.

'2034: A Novel of the Next World War,' an Exclusive Excerpt

WIRED Threat Level

What if things escalated? What if communications were knocked out? What if cyberwar was just the start? A note about this special six-part series. Security Security / National Security

Tory party illegally collected data on ethnicity of 10m voters, MPs told

The Guardian Data Protection

Information commissioner says data was voluntarily deleted amid concerns about ‘weak’ enforcement The Conservative party acted illegally when it collected data on the ethnic backgrounds of 10 million voters before the 2019 general election, the information commissioner has told a committee of MPs.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

KindleDrip exploit – Hacking a Kindle device with a simple email

Security Affairs

KindleDrip : Amazon addressed a number of flaws affecting the Kindle e-reader that could have allowed an attacker to take control of victims’ devices.

How to Better Secure Your Microsoft 365 Environment

Dark Reading

Security experts offer Microsoft 365 security guidance as more attackers target enterprise cloud environments

Cloud 101

Chinese Hacking Group Targets Airlines, Semiconductor Firms

Data Breach Today

Chimera' Exfiltrates Intellectual Property, Personal Data A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to the NCC Group

Flash Is Dead—but Not Gone

WIRED Threat Level

Zombie versions of Adobe’s troubled software can still cause problems in systems around the world. Security Security / Security News

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

How Many COBOL Programmers Does it Take to Change a Lightbulb?

Micro Focus

COBOL’s continued popularity receives further evidence. Digital Marketing expert and avid COBOL fan Mark Plant reports that another major milestone has been met – this time on Facebook. The answer to the jokey headline is: None – that’s a hardware problem of course!

Abusing Windows RDP servers to amplify DDoS attacks

Security Affairs

Threat actors are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. Attackers are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks.

Hacker Pig Latin: A Base64 Primer for Security Analysts

Dark Reading

The Base64 encoding scheme is often used to hide the plaintext elements in the early stages of an attack that can't be concealed under the veil of encryption. Here's how to see through its tricks

Intel Investigating Hack of Confidential Financial Report

Data Breach Today

Incident Forced Intel to Release Results Earlier Than Planned Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned

Access 220

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

2034, Part I: Peril in the South China Sea

WIRED Threat Level

“We've got a ship in duress that hasn't sent out a distress signal. Something doesn't add up.”. Backchannel Security Security / National Security

What is a DoS (Denial-of-Service) Attack?

IT Governance

Denial-of-service (DoS) attacks are intended to shut down or severely disrupt an organisation’s systems. Unlike most cyber attacks, the goal isn’t to steal sensitive information but to frustrate the victim by knocking their website offline.

Risk 81

Cryptomining DreamBus botnet targets Linux servers

Security Affairs

Zscaler’s research team recently spotted a Linux-based malware family, tracked as DreamBus botnet, targeting Linux servers. Researchers at Zscaler’s ThreatLabZ research team recently analyzed a Linux-based malware family, tracked as DreamBus Botnet, which is a variant of SystemdMiner.