Trending Articles

US Senators Warn of National Security Threats From China

Data Breach Today

Intelligence Committee's Top Republican And Democrat Back DNI Assessment The top Republican and Democrat on the U.S. Senate Intelligence Committee have issued a warning about the national security threats posed by the Chinese government.

IRS to Make ID Protection PIN Open to All

Krebs on Security

The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Serious Apple iOS Exploit Enabled Nearby Device Takeover

Data Breach Today

Zero-Click Exploit' Hacked 'Any Device in Radio Proximity' via WiFi Until May, all Apple iOS devices were vulnerable to a "zero-click exploit" that would have allowed hackers to remotely gain complete control and view all emails, photos, private messages and more, says Google security researcher Ian Beer.

A ‘Magical Bug’ Exposed Any iPhone in a Hacker's Wi-Fi Range

WIRED Threat Level

A Google researcher found flaws in Apple's AWDL protocol that would have allowed for a complete device takeover. Security Security / Cyberattacks and Hacks

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Enigma Machine Recovered from the Baltic Sea

Schneier on Security

Neat story : German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during World War Two which they believe was thrown overboard from a scuttled submarine.

More Trending

'Return to Office' Phishing Emails Aim to Steal Credentials

Data Breach Today

Researchers: Employees Lured With Messages About Shift to Workplace Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office

Bomb Threat, DDoS Purveyor Gets Eight Years

Krebs on Security

A 22-year-old North Carolina man has been sentenced to nearly eight years in prison for conducting bomb threats against thousands of schools in the U.S.

A Broken Piece of Internet Backbone Might Finally Get Fixed

WIRED Threat Level

Efforts to secure the Border Gateway Protocol have picked up critical momentum, including a big assist from Google. Security Security / Security News

Impressive iPhone Exploit

Schneier on Security

This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device­ — over Wi-Fi, with no user interaction required at all.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Google discloses a zero-click Wi-Fi exploit to hack iPhone devices

Security Affairs

Google Project Zero expert Ian Beer on Tuesday disclosed a critical “wormable” iOS flaw that could have allowed to hack iPhone devices.

Defense Bill Would Restore White House Cybersecurity Post

Data Breach Today

Measure Is the Latest Effort to Revive Position A defense policy bill that Congress plans to vote on later this month now includes a provision that would restore the position of national cyber director at the White House, says Rep. Jim Langevin, D-R.I.

Account Hijacking Site OGUsers Hacked, Again

Krebs on Security

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked.

Potential Nation-State Actor Targets COVID-19 Vaccine Supply Chain

Dark Reading

Companies involved in technologies for keeping vaccines cold enough for safe storage and transportation are being targeted in a sophisticated spear-phishing campaign, IBM says

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Open Source Does Not Equal Secure

Schneier on Security

Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for security flaws. Security researchers are fickle and busy people. They do not have the time to examine every piece of source code that is published.

K12 education giant paid the ransom to the Ryuk gang

Security Affairs

Online education giant K12 Inc. was hit by Ryuk ransomware in the middle of November and now has paid a ransom to avoid data leak. The education company Online education giant K12 Inc. has paid a ransom to the ransomware operators after the gang infected its systems in November. K12 Inc.

List of data breaches and cyber attacks in November 2020 – 586 million records breached

IT Governance

We recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below.

Baltimore County Public Schools Closed Due to Ransomware Attack

Dark Reading

The incident struck the day before Thanksgiving and interfered with online classes for some 115,000 students, officials report

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Manipulating Systems Using Remote Lasers

Schneier on Security

Many systems are vulnerable : Researchers at the time said that they were able to launch inaudible commands by shining lasers — from as far as 360 feet — at the microphones on various popular voice assistants, including Amazon Alexa, Apple Siri, Facebook Portal, and Google Assistant. […].

Paper 99

Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

Security Affairs

E-Land Retail suffered a ransomware attack, Clop ransomware operators claim to have stolen 2 million credit cards from the company. E-Land Retail is a South Korean conglomerate headquartered in Changjeon-dong Mapo-gu Seoul, South Korea.

Canon: Ransomware Attack Exposed Employee Data

Data Breach Today

Company Finally Acknowledges Earlier Incident Exposed Corporate Information Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including employee information, such as Social Security numbers and financial account numbers

What Is the Signal Encryption Protocol?

WIRED Threat Level

As the Signal protocol becomes the industry standard, it's worth understanding what sets it apart from other forms of end-to-end encrypted messaging. Security Security / Privacy

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Inside North Korea's Rapid Evolution to Cyber Superpower

Dark Reading

Researchers examine North Korea's rapid evolution from destructive campaigns to complex and efficient cyber operations

100
100

Media and Marketing Leaders: It’s Time to Stand Up For Truth

John Battelle's Searchblog

Why “information equity” matters. An idea has been tugging at me for months now, one I’ve spent countless hours discussing and debating with leaders in marketing, media, and journalism. And as I often do, I’m turning to writing to see if I can push it into more concrete form.

Hundreds of millions of Android users exposed to hack due to CVE-2020-8913

Security Affairs

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913.

Nintendo Hacker's Sentence: 3 Years in Prison

Data Breach Today

Prosecutors Say Ryan Hernandez Used Phishing Emails to Steal Confidential Data A 21-year-old California man who pleaded guilty to repeatedly hacking gaming company Nintendo to steal confidential data has been sentenced to serve three years in federal prison, according to the U.S. Justice Department

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

The US Used the Patriot Act to Justify Logging Website Users

WIRED Threat Level

Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news. Security Security / Security News

Driven by Ransomware, Cyber Claims Rise in Number & Value

Dark Reading

Companies are on track to file 27% more cyber claims in 2020, one insurer estimates, while another underwriter finds five out of every 100 companies file a claim each year

Kmart, Latest Victim of Egregor Ransomware – Report

Threatpost

The struggling retailer's back-end services have been impacted, according to a report, just in time for the holidays. Malware Web Security back-end servers cyberattack egregor holiday shopping Kmart ransomware

Retail 104