2020 - Information Management Today

4 State AGs Punch EyeMed With $2.5 M Fine for 2020 Breach

Data Breach Today

MAY 17, 2023

million fine as part of a settlement in the aftermath of a 2020 email phishing incident that affected 2.1 NJ, Pennsylvania, Oregon, Florida Settlements Follow Earlier Fines by NY Regulators The attorneys general of four states have smacked vision care provider EyeMed Vision Care with a $2.5 million individuals in the United States.

Phishing

NY AG Fines Practice Management Firm $550K in 2020 Breach

Data Breach Today

MAY 23, 2023

Practicefirst Failed to Patch Critical Firewall Flaw That Led to Breach, AG Says A practice management software firm has agreed to pay a $550,000 fine and implement a comprehensive data security program to settle an enforcement action by New York state regulators after a 2020 ransomware attack that affected 1.2

Ransomware

Ransomware Security

Microsoft Patch Tuesday, August 2020 Edition

Krebs on Security

AUGUST 11, 2020

The most concerning of these appears to be CVE-2020-1380 , which is a weaknesses in Internet Explorer that could result in system compromise just by browsing with IE to a hacked or malicious website. More information on CVE-2020-1337, including a video demonstration of a proof-of-concept exploit, is available here.

Security

Security Authentication Access IT

Webinars

The Power of Storytelling in Risk Management

ERM Program Fundamentals for Success in the Banking Industry

MORE WEBINARS

Patch Tuesday, November 2020 Edition

Krebs on Security

NOVEMBER 10, 2020

” A chief concern among all these updates this month is CVE-2020-17087 , which is an “important” bug in the Windows kernel that is already seeing active exploitation. “With no details provided by Microsoft, we can only assume this is the bypass of CVE-2020-16875 he had previously mentioned,” Childs said.

Security

Security Risk IT

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

In this webinar, you'll be provided with a clear overview of the Anti-Money Laundering Act of 2020 (AMLA), which also includes the Corporate Transparency Act (CTA). The AMLA represents the most significant changes in U.S. anti-money laundering laws since the USA PATRIOT Act of 2001.

IT

Justice Department Probing 2020 Federal Court System Breach

Data Breach Today

JULY 29, 2022

Senator Accuses Court System of Hiding Attack and National Security Consequences A 2020 breach of US courts' digital docketing system was done by three foreign actors, said Rep. Jerry Nadler, D-N.Y., House Judiciary Committee chairman.

Security

Microsoft Patch Tuesday, June 2020 Edition

Krebs on Security

JUNE 9, 2020

Perhaps most troubling of these ( CVE-2020-1301 ) is a remote code execution bug in SMB capabilities built into Windows 7 and Windows Server 2008 systems — both operating systems that Microsoft stopped supporting with security updates in January 2020. Trend Micro’s Zero Day Initiative June 2020 patch lowdown.

Security

Security Authentication IT

Analysis: 2020 Health Data Breach Trends

Data Breach Today

JANUARY 4, 2021

Ransomware, Phishing Incidents, Vendor Hacks Prevail Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020.

Data breaches

Data breaches Phishing Ransomware Security

Microsoft Patch Tuesday, October 2020 Edition

Krebs on Security

OCTOBER 13, 2020

Worst in terms of outright scariness is probably CVE-2020-16898 , which is a nasty bug in Windows 10 and Windows Server 2019 that could be abused to install malware just by sending a malformed packet of data at a vulnerable system. CVE-2020-16898 earned a CVSS Score of 9.8 (10 10 is the most awful).

Security

Security Cybersecurity IT

Report by Dresner Advisory Services: Embedded Business Intelligence Market Study

According to the 2020 Dresner Embedded Business Intelligence Market Study, embedded business intelligence is crucial for application success. This report explores the current state of BI and why application teams are increasingly choosing an embedded solution.

Marketing

2020 Breach Statistics: An Analysis

Data Breach Today

FEBRUARY 5, 2021

data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report. James Lee of the Identity Theft Resource Center Discusses Reasons Behind Breach Decline The decline in the total number of U.S.

Data breaches

Data breaches IT

Microsoft Patch Tuesday, May 2020 Edition

Krebs on Security

MAY 12, 2020

” For example, Satnam Narang from Tenable notes that two remote code execution flaws in Microsoft Color Management ( CVE-2020-1117 ) and Windows Media Foundation ( CVE-2020-1126 ) could be exploited by tricking a user into opening a malicious email attachment or visiting a website that contains code designed to exploit the vulnerabilities.

Security

Security Risk Access IT

Over 400 Cyberattacks at US Public Schools in 2020

Data Breach Today

MARCH 15, 2021

public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. Experts Say Increase Owes to Lack of Funding, Virtual Learning U.S.

Cybersecurity

Cybersecurity IT

Undetected Attacks Against Middle East Targets Conducted Since 2020

Dark Reading

MAY 30, 2023

Targeted attacks against Saudi Arabia and other Middle East nations have been detected with a tool that's been in the wild since 2020.

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

US Intelligence Reports: Russia, Iran Targeted 2020 Election

Data Breach Today

MARCH 17, 2021

intelligence agency reports conclude that Russia and Iran tried to interfere in the 2020 presidential election via disinformation campaigns, but found "no indication that any foreign actor attempted to alter any technical aspect of the voting process," including voting results.

Netscout: 10 Million DDoS Attacks in 2020

Data Breach Today

JANUARY 27, 2021

Researchers Say Pandemic Triggered Surge in Activity The number of distributed denial-of-service attacks launched in 2020 surpassed 10 million, up from 8.5 million in 2019, according to NetScout's Atlas Security Engineering and Response Team.

Security

Third Arrest in Connection With 2020 Twitter Hack

Data Breach Today

JULY 22, 2021

Justice Department for his alleged role in a July 2020 hack of Twitter and additional incidents involving TikTok and Snapchat. Spanish Police Arrested UK Citizen Joseph O'Connor at Request of US Prosecutors A U.K. citizen was arrested in Spain Wednesday at the request of the U.S. This is the third arrest in the Twitter case so far.

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

SEPTEMBER 8, 2020

Among the chief concerns for enterprises this month is CVE-2020-16875 , which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. “We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. . We’ll likely see this one in the wild soon.

Security

Security Ransomware Authentication IT

5 Essential Pieces of a Prospecting Solution

Advertiser: ZoomInfo

Is your team focused on building a reliable tech stack for 2020? Forward thinking sales leaders are starting to prioritize technology initiatives. As organizations chase new revenue targets, B2B sales leaders must examine cutting edge prospecting solutions that proactively help reps identify, connect with, and close qualified buyers faster.

B2B

Microsoft Patch Tuesday, April 2020 Edition

Krebs on Security

APRIL 14, 2020

Near the top of the heap is CVE-2020-1020 , a remotely exploitable bug in the Adobe Font Manager library that was first detailed in late March when Microsoft said it had seen the flaw being used in active attacks. Further reading: Qualys breakdown on April 2020 Patch Tuesday. SANS Internet Storm Center on Patch Tuesday.

Security

Security Libraries Authentication IT

Compliance Lessons From 2020 Fraud Cases

Data Breach Today

JANUARY 5, 2021

Panel of Experts Discusses How Technology Can Mitigate Large-Scale Global Fraud What compliance lessons can be learned from major fraud cases in 2020, including the Goldman Sachs bribery case, the Wirecard mass corruption case and the Novartis bribery case? A panel of experts offers in-depth analysis.

Compliance

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Krebs on Security

APRIL 16, 2021

13, 2020, someone uploaded a suspected malicious file to VirusTotal , a service that scans submitted files against more than five dozen antivirus and security products. “In August 2020, a U.S.-based 13, 2020 someone uploaded a file with that same name and file hashes. Image: VirusTotal.com.

Security

Security Authentication Cybersecurity Access

Intelligence Reports: Russia, Iran Targeted 2020 Election

Data Breach Today

MARCH 16, 2021

intelligence agency reports conclude that Russia and Iran tried to interfere in the 2020 presidential election, but their attempts to manipulate votes proved unsuccessful. But Attempts to Manipulate Votes, Change Outcome Were Unsuccessful U.S.

Security

Security Access

2020 Database Strategies and Contact Acquisition Survey Report

Advertiser: ZoomInfo

This report aims to highlight the current state of B2B database and contact acquisition strategies and organizations’ goals to leverage data to fuel their go-to-market strategies in 2020 and beyond.

Authentication

Health Data Breaches in 2020: Ransomware Incidents Dominate

Data Breach Today

OCTOBER 13, 2020

Blackbaud, Magellan Health Incidents Trigger Numerous Breach Notifications Hacking incidents involving ransomware attacks continue to dominate the 2020 health data breach tally, with incidents affecting two companies - Blackbaud and Magellan Health - accounting for numerous breach notifications by their clients.

Data breaches

Data breaches Ransomware

Microsoft Patch Tuesday, March 2020 Edition

Krebs on Security

MARCH 10, 2020

Recorded Future warns exploit code is now available for one of the critical bugs Redmond patched last month in Microsoft Exchange ( CVE-2020-0688 ), and that nation state actors have been observed abusing the exploit for targeted attacks. CVE-2020-0852 is one just four remote execution flaws Microsoft patched this month in versions of Word.

Security

Security IT

Mark of Ransomware's Success: $370 Million in 2020 Profits

Data Breach Today

MARCH 5, 2021

Proceeds Boosted via Big Game Hunting, Data Leaking, Hitting Healthcare Sector Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.

Ransomware

Ransomware Security Marketing IT

RSA 2020: The Show Must Go On

Data Breach Today

FEBRUARY 13, 2020

Coronavirus Will Not Alter Plans for Event in San Francisco While public health concerns over the spread of the coronavirus are leading to the cancellation of some international events, the RSA Conference 2020 will proceed as scheduled in San Francisco Feb.

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises are pouring money into data management software – to the tune of $73 billion in 2020 – but are seeing very little return on their data investments.

Cloud

Cybersecurity Plan for 2020 US Election Unveiled

Data Breach Today

FEBRUARY 17, 2020

Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure. CISA Describes Its Role as Security Facilitator The U.S.

Cybersecurity

Cybersecurity Security IT

2020 Predictions: Targeted Ransomware and 5G Vulnerabilities

Data Breach Today

MARCH 10, 2020

WatchGuard's Corey Nachreiner on Threat Report's Top 3 Predictions New ransomware variants are targeting managed service and cloud service providers: This is one of the predictions made by WatchGuard Technologies for 2020. CTO Corey Nachreiner discusses the top three predictions.

Ransomware

Ransomware Cloud

Patch Tuesday, Good Riddance 2020 Edition

Krebs on Security

DECEMBER 8, 2020

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load.

Security

Security Risk IT

The Best of RSA Conference 2020

Data Breach Today

MARCH 25, 2020

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.

Information Security

Information Security Security

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

February 27, 2020 9:30AM PST, 12:30PM EST, 5:30PM GMT. How a platform-based approach can solve modern content challenges. Strategies to avoid the risks of modernization by future-proofing your organizational infrastructure.

ECM

Inside Webroot 2020 Threat Report

Data Breach Today

MARCH 2, 2020

Hal Lonas of OpenText Shares Cybersecurity Predictions Webroot just released its 2020 Threat Report. How has the landscape changed, and what cybersecurity predictions are made for 2020? Hal Lonas of OpenText shares insights and outlines the next round of research into artificial intelligence and machine learning.

Artificial Intelligence

Artificial Intelligence Cybersecurity IT

Patch Tuesday, January 2020 Edition

Krebs on Security

JANUARY 14, 2020

As first reported Monday by KrebsOnSecurity, Microsoft addressed a severe bug ( CVE-2020-0601 ) in Windows 10 and Windows Server 2016/19 reported by the NSA that allows an attacker to spoof the digital signature tied to a specific piece of software.

Security

Security Authentication Access IT

RSA Conference 2020 Preview

Data Breach Today

FEBRUARY 18, 2020

"The Human Element" is the theme of the RSA Conference 2020, but there are plenty of technology-rich topics in store for attendees, including session tracks that focus on election security, open source tools, product security and anti-fraud. Britta Glade, a conference director, previews the event.

Security

8 Takeaways: The Cryptographer's Panel at RSA 2020

Data Breach Today

MARCH 5, 2020

For 2020, the panel focused on such topics as facial recognition, election integrity and the never-ending crypto wars, while giving shout-outs to bitcoin and blockchain.

Blockchain

Blockchain Privacy

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Tuesday December 8, 2020 at 11AM PDT, 2PM EST, 7PM GMT. How a belief that DevOps resources are jack of all trades can increase your risks, not lessen. Slowing down development is not a skills gap it is just a gap in perspective and integration. How we see shift left is undermining it further.

Security

Hindsight Is 2020

Data Breach Today

FEBRUARY 13, 2023

Here's Where Risk Management Is in 2023 This discussion on risk management emphasizes the challenges of implementing effective risk management practices in the real world, using the pandemic as a global example of risk management.

Risk

2020 Security Agenda: Who Owns it?

Data Breach Today

MARCH 6, 2020

ForeScout's Ellen Sundra on Security Priorities and Challenges It's relatively easy to list an enterprise's cybersecurity priorities for 2020. But who owns them? What are the hurdles to completing these projects? These can be tougher questions to answer, says Ellen Sundra of ForeScout.

Security

Security Cybersecurity IT

CVE-2020-15782 flaw in Siemens PLCs allows remote hack

Security Affairs

MAY 28, 2021

Researchers at industrial cybersecurity firm Claroty have discovered a high-severity vulnerability in Siemens PLCs, tracked as CVE-2020-15782 , that could be exploited by remote and unauthenticated attackers to bypass memory protection. Claroty’s blog post describes the PLC sandbox and the role CVE-2020-15782 could play in an attack.

Cybersecurity

Cybersecurity Access Security Information Security

Top data breaches of 2020 – Security Affairs

Security Affairs

JANUARY 3, 2021

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below a list of top incidents: There were a number of major data breaches that took place in 2020, in many cases stolen records flooded the cybercrime underground and were used credential stuffing attacks.

Data breaches

Data breaches Security Archiving Passwords

Improve Onboarding with User-Centered Design

Speaker: Dr. Kate Wolin, Founder, Circea

Wednesday September 9th, 2020 at 9:30AM PDT, 12:30 PM EST, 4:30PM GMT How to articulate behavior change techniques to be used in patient onboarding. The difference between engagement and a process and outcome. Application of patient-centered design to evaluate and refine onboarding strategies.

4 State AGs Punch EyeMed With $2.5 M Fine for 2020 Breach

NY AG Fines Practice Management Firm $550K in 2020 Breach

Webinars

Trending Sources

Microsoft Patch Tuesday, August 2020 Edition

Webinars

Patch Tuesday, November 2020 Edition

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Justice Department Probing 2020 Federal Court System Breach

Microsoft Patch Tuesday, June 2020 Edition

Analysis: 2020 Health Data Breach Trends

Microsoft Patch Tuesday, October 2020 Edition

Report by Dresner Advisory Services: Embedded Business Intelligence Market Study

2020 Breach Statistics: An Analysis

Microsoft Patch Tuesday, May 2020 Edition

Over 400 Cyberattacks at US Public Schools in 2020

Undetected Attacks Against Middle East Targets Conducted Since 2020

5 Early Indicators Your Embedded Analytics Will Fail

US Intelligence Reports: Russia, Iran Targeted 2020 Election

Netscout: 10 Million DDoS Attacks in 2020

Third Arrest in Connection With 2020 Twitter Hack

Microsoft Patch Tuesday, Sept. 2020 Edition

5 Essential Pieces of a Prospecting Solution

Microsoft Patch Tuesday, April 2020 Edition

Compliance Lessons From 2020 Fraud Cases

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Intelligence Reports: Russia, Iran Targeted 2020 Election

2020 Database Strategies and Contact Acquisition Survey Report

Health Data Breaches in 2020: Ransomware Incidents Dominate

Microsoft Patch Tuesday, March 2020 Edition

Mark of Ransomware's Success: $370 Million in 2020 Profits

RSA 2020: The Show Must Go On

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Cybersecurity Plan for 2020 US Election Unveiled

2020 Predictions: Targeted Ransomware and 5G Vulnerabilities

Patch Tuesday, Good Riddance 2020 Edition

The Best of RSA Conference 2020

How to Solve 4 Common Challenges of Legacy Information Management

Inside Webroot 2020 Threat Report

Patch Tuesday, January 2020 Edition

RSA Conference 2020 Preview

8 Takeaways: The Cryptographer's Panel at RSA 2020

Shift Left Security? Development Does Not Want to Own It.

Hindsight Is 2020

2020 Security Agenda: Who Owns it?

CVE-2020-15782 flaw in Siemens PLCs allows remote hack

Top data breaches of 2020 – Security Affairs

Improve Onboarding with User-Centered Design

Stay Connected