Tue.Jul 20, 2021

Data Analytics: 3 Critical Questions

Data Breach Today

EY's Maryam Hussain on Launching a Successful Project Launching a successful data analytics project requires asking three critical questions, says Maryam Hussain, partner, forensic and integrity services at Ernst & Young in the U.K.

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

Peter Levashov, appearing via Zoom at his sentencing hearing today.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Can the US Curb China's Cyber Ambitions?

Data Breach Today

Security Experts Weigh the Impact of White House's Latest Cyber Moves Many security experts and analysts are applauding the U.S. for calling out China's cyber behavior, especially after the White House had focused so much attention on Russia's cyber activities. But some are calling for bolder actio

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists.

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

TSA Issues Cybersecurity Requirements for Pipelines

Data Breach Today

Agency Cites 'Ongoing Cybersecurity Threat' The U.S. Transportation Security Administration issued a directive Tuesday requiring owners and operators of oil and natural gas pipelines to implement several cybersecurity controls.

More Trending

Researchers Found Flaws in Telegram's Cryptographic Protocol

Data Breach Today

MTProto Has Since Been Patched Security researchers identified flaws in messaging app Telegram's cryptographic protocol, MTProto, that enabled intruders to access encrypted chats and alter the messages. Those flaws have since been patched

A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide

Security Affairs

Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit to gain admin rights on systems.

Elekta Health Data Breach Victim Count Grows

Data Breach Today

Swedish Vendor's Recent Cyber Incident Leads to More Notifications The number of U.S. healthcare entities affected by a recent cyber incident targeting a Sweden-based provider of oncology radiation systems and related services is growing.

Kelihos botmaster Peter Levashov gets time served

Security Affairs

A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release for his role in operating the Kelihos botnet.

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Case Study: A REvil Ransom Negotiation

Data Breach Today

Security Firm Elliptic Illustrates How Group Was Willing to Reduce Its Demands The blockchain analysis firm Elliptic offers a step-by-step case study, based on its research, of how one victim of the REvil ransomware gang negotiated a lower ransom payment.

A New Approach to Finding Cybersecurity Talent: A Conversation with Alan Paller

eSecurity Planet

A group of technology luminaries have launched an effort to find and train a new generation of cybersecurity talent, an effort that will gain steam tomorrow with The Cyber Talent CIO Forum.

Leak of Alleged Pegasus Target List Restokes Spyware Debate

Data Breach Today

Sales 164

A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root

Security Affairs

Fortinet fixes a serious bug in its FortiManager and FortiAnalyzer network management solutions that could be exploited to execute arbitrary code as root.

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

How To Estimate Your Document Automation Potential

AIIM

Understanding the Key Factors that Affect How Much Document Automation You Can Achieve. When the word “automation” is brought up in a conversation, most people think of something that is completely handed over to machines.

Paper 83

Microsoft secured court order to take down domains used in BEC campaign

Security Affairs

Microsoft has seized 17 malicious homoglyph domains used by crooks in a business email compromise (BEC) campaign targeting its users. Microsoft’s Digital Crimes Unit (DCU) has seized 17 domains that were used by scammers in a business email compromise (BEC) campaign aimed at its customers.

PRESS RELEASE: 2021 LA ARMA NOSTRA CERTIFICATION REIMBURSEMENT GRANT PROGRAM

IG Guru

Palmyra, NJ (July 15, 2021) – The ARMA International Educational Foundation (Foundation) is pleased to announce it will administer La ARMA Nostra’s 2021 Reimbursement Grant Program.

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines

Threatpost

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. Vulnerabilities

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year

Thales Cloud Protection & Licensing

Business as Usual During a Terrible, Horrible, No Good, Very Bad Year. madhav. Tue, 07/20/2021 - 09:40. 2020 was a challenging year for the world.

Cloud 105

Law Firm to the Fortune 500 Breached with Ransomware

Threatpost

Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM. Breach Malware Web Security

Announcing OpenText Content Cloud CE 21.3

OpenText Information Management

Succeeding in a modern work landscape of remote resources, dispersed processes and ever-increasing volumes of digital content requires a new generation of content management tools.

Cloud 63

Researchers: NSO Group’s Pegasus Spyware Should Spark Bans, Apple Accountability

Threatpost

Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others. Malware Mobile Security Vulnerabilities

12 Plays to Kickstart Your Recruitment Process

To stay ahead in this race, every recruiter needs a good playbook. In this eBook, we lay out 12 recruiting plays that can automate key steps in your recruitment process, helping you reduce both the cost and the time it takes to hire the best candidates.

Announcing OpenText AI and Analytics CE 21.3

OpenText Information Management

The amount of content and data available to organizations is ever-increasing. It’s reached a point where 95% of businesses consider managing unstructured data a problem.

A New Security Paradigm: External Attack Surface Management

Threatpost

Advanced EASM solutions are crucial to automating the discovery of the downstream third-party (or fourth-party, or fifth-party, etc.) IT infrastructures that your organization is exposed to, and may be vulnerable to attack, posing a critical risk for your organization. Sponsored Web Security

Risk 88

Announcing OpenText Security & Protection Cloud CE 21.3

OpenText Information Management

Headline-making events like SolarWinds, Colonial Pipeline, and JBS have exposed a major vulnerability for security teams – a lack of resources to effectively detect and respond to security threats before they become serious breaches.

Cloud 60

MosaicLoader Malware Delivers Facebook Stealers, RATs

Threatpost

The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads. Malware Web Security

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

Announcing OpenText CE 21.3 for Digital Process Automation

OpenText Information Management

Digital process automation continues to drive digital transformation projects, maximizing the value of information and ensuring governance by automating business processes, enabling better decision-making, and improving customer, partner and employee experiences.

Why Your Business Needs a Long-Term Remote Security Strategy

Threatpost

Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches. Breach Cloud Security InfoSec Insider Malware Mobile Security Web Security

Announcing OpenText Developer Cloud CE 21.3

OpenText Information Management

The new OpenText™ Developer Cloud continues to be updated with our new commercial North American availability zone. Now an OpenText Developer subscriber can deploy their apps for their North American customers in the same high availability area as our Core brand of SaaS products are deployed.

Cloud 56