2020 and IT - Information Management Today

Microsoft Patch Tuesday, August 2020 Edition

Krebs on Security

AUGUST 11, 2020

The most concerning of these appears to be CVE-2020-1380 , which is a weaknesses in Internet Explorer that could result in system compromise just by browsing with IE to a hacked or malicious website. More information on CVE-2020-1337, including a video demonstration of a proof-of-concept exploit, is available here.

Authentication

Authentication Security IT Access

2020 Security Agenda: Who Owns it?

Data Breach Today

MARCH 6, 2020

ForeScout's Ellen Sundra on Security Priorities and Challenges It's relatively easy to list an enterprise's cybersecurity priorities for 2020. But who owns them? What are the hurdles to completing these projects? These can be tougher questions to answer, says Ellen Sundra of ForeScout.

IT

IT Security Cybersecurity

Patch Tuesday, November 2020 Edition

Krebs on Security

NOVEMBER 10, 2020

” A chief concern among all these updates this month is CVE-2020-17087 , which is an “important” bug in the Windows kernel that is already seeing active exploitation. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users.

Security

Security IT Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Over 400 Cyberattacks at US Public Schools in 2020

Data Breach Today

MARCH 15, 2021

public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. Experts Say Increase Owes to Lack of Funding, Virtual Learning U.S.

Cybersecurity

Cybersecurity IT

7 Questions Every App Team Should Ask

In its 2020 Embedded BI Market Study, Dresner Advisory Services continues to identify the importance of embedded analytics in technologies and initiatives strategic to business intelligence. Which sophisticated analytics capabilities can give your application a competitive edge?

Analytics

2020 Breach Statistics: An Analysis

Data Breach Today

FEBRUARY 5, 2021

data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report. James Lee of the Identity Theft Resource Center Discusses Reasons Behind Breach Decline The decline in the total number of U.S.

Data breaches

Data breaches IT

Microsoft Patch Tuesday, May 2020 Edition

Krebs on Security

MAY 12, 2020

” For example, Satnam Narang from Tenable notes that two remote code execution flaws in Microsoft Color Management ( CVE-2020-1117 ) and Windows Media Foundation ( CVE-2020-1126 ) could be exploited by tricking a user into opening a malicious email attachment or visiting a website that contains code designed to exploit the vulnerabilities. .

Risk

Risk Security IT Access

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware

Ransomware Cybersecurity Education Passwords

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

SEPTEMBER 8, 2020

Among the chief concerns for enterprises this month is CVE-2020-16875 , which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. “We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. We’ll likely see this one in the wild soon.

Authentication

Authentication Security Ransomware IT

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

Microsoft Patch Tuesday, April 2020 Edition

Krebs on Security

APRIL 14, 2020

Near the top of the heap is CVE-2020-1020 , a remotely exploitable bug in the Adobe Font Manager library that was first detailed in late March when Microsoft said it had seen the flaw being used in active attacks. However, the advisory says this IE bug is likely to be exploited soon. Now for my obligatory disclaimers.

Libraries

Libraries Security Authentication IT

Cybersecurity Plan for 2020 US Election Unveiled

Data Breach Today

FEBRUARY 17, 2020

Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure. CISA Describes Its Role as Security Facilitator The U.S.

Cybersecurity

Cybersecurity Security IT

Mark of Ransomware's Success: $370 Million in 2020 Profits

Data Breach Today

MARCH 5, 2021

Proceeds Boosted via Big Game Hunting, Data Leaking, Hitting Healthcare Sector Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.

Ransomware

Ransomware Marketing Security IT

Microsoft Patch Tuesday, March 2020 Edition

Krebs on Security

MARCH 10, 2020

Recorded Future warns exploit code is now available for one of the critical bugs Redmond patched last month in Microsoft Exchange ( CVE-2020-0688 ), and that nation state actors have been observed abusing the exploit for targeted attacks. CVE-2020-0852 is one just four remote execution flaws Microsoft patched this month in versions of Word.

Security

Security IT

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Tuesday December 8, 2020 at 11AM PDT, 2PM EST, 7PM GMT. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. How we see shift left is undermining it further.

Security

Cyber Defense Magazine – November 2020 has arrived. Enjoy it!

Security Affairs

NOVEMBER 4, 2020

Cyber Defense Magazine November 2020 Edition has arrived. SecurityAffairs – hacking, Cyber Defense Magazine November 2020 ). The post Cyber Defense Magazine – November 2020 has arrived. We hope you enjoy this month’s edition…packed with over 150 pages of excellent content. Always free, no strings attached.

IT

IT Cybersecurity Marketing Information Security

Patch Tuesday, Good Riddance 2020 Edition

Krebs on Security

DECEMBER 8, 2020

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Mercifully, it does not appear that any of the flaws fixed this month are being actively exploited, nor have any them been detailed publicly prior to today.

Security

Security Risk IT

News Corp says hackers first breached its systems between Feb 2020 and Jan 2022

Security Affairs

FEBRUARY 26, 2023

Now News Corp revealed that the threat actor behind the security breach first gained a foothold in the company infrastructure in February 2020. The investigation conducted by News Corporation (News Corp) revealed that attackers remained on its network for two years. As soon as we became aware of the activity, we notified U.S.

IT

IT Data breaches Insurance Cybersecurity

Inside Webroot 2020 Threat Report

Data Breach Today

MARCH 2, 2020

Hal Lonas of OpenText Shares Cybersecurity Predictions Webroot just released its 2020 Threat Report. How has the landscape changed, and what cybersecurity predictions are made for 2020? Hal Lonas of OpenText shares insights and outlines the next round of research into artificial intelligence and machine learning.

Artificial Intelligence

Artificial Intelligence Cybersecurity IT

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

In this webinar, you'll be provided with a clear overview of the Anti-Money Laundering Act of 2020 (AMLA), which also includes the Corporate Transparency Act (CTA). The AMLA represents the most significant changes in U.S. anti-money laundering laws since the USA PATRIOT Act of 2001.

IT

Patch Tuesday, January 2020 Edition

Krebs on Security

JANUARY 14, 2020

As first reported Monday by KrebsOnSecurity, Microsoft addressed a severe bug ( CVE-2020-0601 ) in Windows 10 and Windows Server 2016/19 reported by the NSA that allows an attacker to spoof the digital signature tied to a specific piece of software. “Imagine if I wanted to pick the lock in your front door,” Green analogized.

Security

Security Authentication IT Access

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Since at least June 2020, and possibly earlier, the cyberespionage group has used the tool GooseEgg to exploit the CVE-2022-38028 vulnerability. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. The vulnerability CVE-2022-38028 was reported by the U.S.

IT

IT Education Cybersecurity Risk

Cyber Defense Magazine – September 2020 has arrived. Enjoy it!

Security Affairs

SEPTEMBER 3, 2020

Cyber Defense Magazine September 2020 Edition has arrived. SecurityAffairs – hacking, Cyber Defense Magazine September 2020). The post Cyber Defense Magazine – September 2020 has arrived. Always free, no strings attached. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IT

IT Cybersecurity Marketing Information Security

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

JANUARY 13, 2020

14, the first Patch Tuesday of 2020. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll Even more so than others. I don’t know…just call it a hunch?”

Military

Military Cybersecurity Encryption Authentication

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises are pouring money into data management software – to the tune of $73 billion in 2020 – but are seeing very little return on their data investments.

Cloud

Cyber Defense Magazine – August 2020 has arrived. Enjoy it!

Security Affairs

AUGUST 5, 2020

Cyber Defense Magazine august 2020 Edition has arrived. Here’s a Yumpu version: www.yumpu.com/en/document/view/63770162/cyber-defense-emagazine-august-2020-edition Enjoy and Thank You for Joining Us! The post Cyber Defense Magazine – August 2020 has arrived. Pierluigi Paganini. appeared first on Security Affairs.

B2C

B2C IT Libraries Information Security

Cyber Defense Magazine – July 2020 has arrived. Enjoy it!

Security Affairs

JULY 2, 2020

Cyber Defense Magazine July 2020 Edition has arrived. Here’s a Yumpu version: www.yumpu.com/en/document/read/63586241/cyber-defense-emagazine-july-2020-edition Enjoy and Thank You for Joining Us! The post Cyber Defense Magazine – July 2020 has arrived. Pierluigi Paganini. appeared first on Security Affairs.

B2C

B2C IT Libraries Information Security

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

Krebs on Security

DECEMBER 2, 2021

They allege that in late December 2020, Sharp applied for a job at another technology company, and then abused his privileged access to Ubiquiti’s systems at Amazon’s AWS cloud service and the company’s GitHub accounts to download large amounts of proprietary data. When FBI agents raided Sharp’s residence on Mar.

Cloud

Cloud Communications Access Marketing

CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 16, 2024

Cisco addressed the flaw in May 2020. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. “An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability.

IT

IT Cybersecurity Authentication Risk

Recovering from a Cyber Attack

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

IBM reported that the total damage from data breaches in 2021 was 4.24M USD (up from 3.86M USD in 2020), easily the highest aggregated amount on record. If your organization stores data and is connected to the Internet, it is not a matter of “if” a cyber-security incident will happen, but “when.”

Data breaches

Top data breaches of 2020 – Security Affairs

Security Affairs

JANUARY 3, 2021

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below a list of top incidents: There were a number of major data breaches that took place in 2020, in many cases stolen records flooded the cybercrime underground and were used credential stuffing attacks.

Data breaches

Data breaches Security Sales Archiving

[Podcast] Best of 2020 - A Special Year-End Episode

AIIM

DECEMBER 8, 2020

So it is my pleasure to bring to you this special Best Of 2020 episode where we hear excerpts from many of the interviews we've done over the past 12 months - a sampling of the great guests featured on the show this year. Mike was our most popular interview in 2020. And finally, Mike Steep joins us.

Digital transformation

Digital transformation Records Management Archiving IT

Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical

Security Affairs

DECEMBER 9, 2020

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. In 2020, the IT giant has released a total of 1,250 CVEs. Pierluigi Paganini.

Security

Security IT Information Security

A threat actor exploited 11 zero-day flaws in 2020 campaigns

Security Affairs

MARCH 20, 2021

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Google researchers observed two separate waves of attacks that took place in February and October 2020, respectively. ” wrote the popular Project Zero researcher Maddie Stone.

Security

Security IT Information Security

Best Practices for Modern Records Management and Retention

Speaker: Sean Baird, Director of Product Marketing at Nuxeo

October 20, 2020 at 11:00 am PDT, 2:00 pm EDT, 7:00 pm BST. Join Sean Baird as he highlights best practices for effective records management and retention. He will explore how digital transformation can counteract the costs, inefficiencies, and end-user considerations that make it difficult to maintain compliance.

Records Management

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020. ” said kapuchin0.

Ransomware

Ransomware Archiving Encryption Cybersecurity

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Security Affairs

NOVEMBER 5, 2020

VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. Pierluigi Paganini.

Cloud

Cloud Access Security IT

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The post Samba addresses the CVE-2020-1472 Zerologon Vulnerability appeared first on Security Affairs.

Authentication

Authentication Passwords Security Government

GitHub paid out over $500K through its bug bounty program for 203 flaws in 2020

Security Affairs

JUNE 29, 2021

Code repository hosting service GitHub announced that it has paid $524,250 through its bug bounty program for 203 vulnerabilities affecting its products and services in 2020. From February 2020 to February 2021, we handled a higher volume of submissions than any previous year. million through its bug bounty program since 2016.

IT

IT Security Cybersecurity Information Security

The Evolution of the Data Team: Lessons Learned From Growing a Team From 3 to 20

Speaker: Mindy Chen, Director of Decision Science, Hudl

August 5, 2020 8 AM PDT, 11 AM EDT, 4 PM BST There is no denying that growing a data team has its challenges. What you plan your data team structure to look like initially may not turn out to be the most effective long term. Reflect on the lessons learned at Hudl and what they would have done differently during their evolution.

IT

Cyber Defense Magazine ? July 2020 has arrived. Enjoy it!

Security Affairs

JUNE 5, 2020

Cyber Defense Magazine June 2020 Edition has arrived. Cyber Defense Magazine June 2020 Edition has arrived. The post Cyber Defense Magazine – July 2020 has arrived. We hope you enjoy this month’s edition…packed with over 165 pages of excellent content. Please read it and share it with your friends. Pierluigi Paganini.

B2C

B2C IT Cybersecurity Information Security

Microsoft accidentally reveals Wormable Win SMBv3 CVE-2020-0796 Flaw

Security Affairs

MARCH 10, 2020

Today Microsoft accidentally leaked info about a new wormable vulnerability (CVE-2020-0796) in the Microsoft Server Message Block (SMB) protocol. The issue, tracked as CVE-2020-0796 , is pre- remote code execution vulnerability that resides in the Server Message Block 3.0 CVE-2020-0796 – a "wormable" SMBv3 vulnerability.

Communications

Communications Security IT

VMware discloses critical zero-day CVE-2020-4006 in Workspace One

Security Affairs

NOVEMBER 23, 2020

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. Pierluigi Paganini.

Access

Access Cybersecurity Security IT

Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation

Security Affairs

NOVEMBER 11, 2020

Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. The IT giant also addressed the CVE-2020-17087 Windows flaw that was chained with the CVE-2020-15999 Chrome bug in attacks in the wild. ” states the analysis published by ZDI.

Libraries

Libraries Security Access IT

Microsoft Patch Tuesday, August 2020 Edition

2020 Security Agenda: Who Owns it?

Webinars

Trending Sources

Patch Tuesday, November 2020 Edition

Webinars

Over 400 Cyberattacks at US Public Schools in 2020

7 Questions Every App Team Should Ask

2020 Breach Statistics: An Analysis

Microsoft Patch Tuesday, May 2020 Edition

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Microsoft Patch Tuesday, Sept. 2020 Edition

5 Early Indicators Your Embedded Analytics Will Fail

Microsoft Patch Tuesday, April 2020 Edition

Cybersecurity Plan for 2020 US Election Unveiled

Mark of Ransomware's Success: $370 Million in 2020 Profits

Microsoft Patch Tuesday, March 2020 Edition

Shift Left Security? Development Does Not Want to Own It.

Cyber Defense Magazine – November 2020 has arrived. Enjoy it!

Patch Tuesday, Good Riddance 2020 Edition

News Corp says hackers first breached its systems between Feb 2020 and Jan 2022

Inside Webroot 2020 Threat Report

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Patch Tuesday, January 2020 Edition

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Cyber Defense Magazine – September 2020 has arrived. Enjoy it!

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Cyber Defense Magazine – August 2020 has arrived. Enjoy it!

Cyber Defense Magazine – July 2020 has arrived. Enjoy it!

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”

CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog

Recovering from a Cyber Attack

Top data breaches of 2020 – Security Affairs

[Podcast] Best of 2020 - A Special Year-End Episode

Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical

A threat actor exploited 11 zero-day flaws in 2020 campaigns

Best Practices for Modern Records Management and Retention

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

GitHub paid out over $500K through its bug bounty program for 203 flaws in 2020

The Evolution of the Data Team: Lessons Learned From Growing a Team From 3 to 20

Cyber Defense Magazine ? July 2020 has arrived. Enjoy it!

Microsoft accidentally reveals Wormable Win SMBv3 CVE-2020-0796 Flaw

VMware discloses critical zero-day CVE-2020-4006 in Workspace One

Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation

Stay Connected