Trending Articles

Cybercrime Carnage: Cryptocurrency-Targeting Attacks Abound

Data Breach Today

From Cryptojacking to Exchange Hacks to Scam Token Contracts, Innovation Abounds While the cybercrime story for 2022 has yet to be fully written, cryptocurrency theft will no doubt have a starring role.

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Krebs on Security

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh , which claims to be based in the United States.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

LockBit 3.0 Says It's Holding a Canadian City for Ransom

Data Breach Today

Ransomware Attack Locks Up Westmount Services and Takes Down Email System The nefarious LockBit 3.0 cybercriminal group is claiming responsibility for the ransomware attack that halted municipal services and shut down employee email accounts in Westmount, Quebec, giving the city a deadline of Dec.

GUEST ESSAY: What ‘self-sovereign-identities’ are all about — and how SSIs can foster public good

The Last Watchdog

Government assistance can be essential to individual wellbeing and economic stability. This was clear during the COVID-19 pandemic, when governments issued trillions of dollars in economic relief. Related: Fido champions passwordless authentication. Applying for benefits can be arduous, not least because agencies need to validate applicant identity and personal identifiable information (PII).

6 Steps to More Streamlined Data Modeling

Are you a developer, database architect, or database administrator that's new to Cassandra, but been tasked with developing a plan for implementing the technology anyway? Worry no more. Discover a streamlined methodical approach to Apache Cassandra® data modeling.

Computer Repair Technicians Are Stealing Your Data

Schneier on Security

Laptop technicians routinely violate the privacy of the people whose computers they repair: Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops.

More Trending

Google Blocks 231B Spam, Phishing Emails in Past 2 Weeks

Dark Reading

Google Workspace's team is seeing a spike in phishing and spam hitting Gmail — up 10% in just the last two weeks

FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

The Last Watchdog

Endpoints are where all are the connectivity action is. Related: Ransomware bombardments. And securing endpoints has once more become mission critical. This was the focal point of presentations at Tanium’s Converge 2022 conference which I had the privilege to attend last week at the Fairmont Austin in the Texas capital. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management.

How to Avoid Black Friday Scams Online

WIRED Threat Level

Tis the season for swindlers and hackers. Use these tips to spot frauds and keep your payment info secure. Security Security / Security Advice Gear / How To and Advice

Experts found a vulnerability in AWS AppSync

Security Affairs

Amazon Web Services (AWS) fixed a cross-tenant vulnerability that could have allowed attackers to gain unauthorized access to resources.

Intent Signal Data 101

Intent signal data helps B2B marketers engage with buyers sooner in the sales cycle. But there are many confusing terms used to describe intent data. Read this infographic to better understand three common areas of confusion.

Ontario Teachers’ Data Stolen in Ransomware Attack

Data Breach Today

Victims Notified of Ransomware Attack Six Months After the Incident A cyberattack on a Canadian teachers’ union gave thieves access to sensitive data of more than 60,000 members The union is yet to disclose the exact number of affected individuals, but stated that both former and current members are impacted.

Cybersecurity Pros Put Mastodon Flaws Under the Microscope

Dark Reading

As the open source social media network blows up due to Twitter's troubles, researchers caution about vulnerabilities within the application

The Ninth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available

Data Matters

What is Cyber Extortion and How Can It Be Prevented?

IT Governance

Organisations that suffer security incidents are sometimes said to be victims of “cyber extortion”, but it’s often unclear what exactly that phrase means.

10 Rules to More Streamlined Data Modeling

Apache Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn 10 rules that will help you perfect your Kafka system to get ahead.

Experts claim that iPhone’s analytics data is not anonymous

Security Affairs

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users.

AxLocker Ransomware Adds a Twist: Stealing Discord Tokens

Data Breach Today

Stolen Tokens Sold to Facilitate Scams Against Cryptocurrency and NFT Enthusiasts Newly spotted AxLocker ransomware, before crypto-locking systems, also steals Discord tokens, which can be sold on cybercrime markets.

Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack

Dark Reading

Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents

IoT 99

Twitter v. Musk illustrates how sources of discoverable ESI are more diverse than ever 

OpenText Information Management

By now, we all know that Elon Musk has finally completed his purchase of Twitter, but that purchase was anything but a smooth process. It only occurred after Twitter filed suit against Musk after he terminated his bid to acquire Twitter (only to subsequently revive the bid and complete the purchase).

IT 86

Powering Personalization Through Customer Data

Finding the right CDP can help unlock the value of your customer data. This eBook offers guidance on choosing, deploying, and utilizing a CDP, along with a case study on how one bank put data into action to forge stronger connections with customers.

A Recent, Complex, Ransomware Campaign

KnowBe4

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022.

5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP).

Cybercrime Forum Dumps Stolen Details on 5.4M Twitter Users

Data Breach Today

But Information Compiled by Other Attackers May Involve Millions of Other Accounts Information amassed on 5.4 million Twitter users by an attacker who abused one of the social network's APIs has been dumped online for free.

For Gaming Companies, Cybersecurity Has Become a Major Value Proposition

Dark Reading

New users and monetization methods are increasingly profitable for gaming industry, but many companies find they have to stem growth in cheats, hacks, and other fraud to keep customers loyal

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Apple’s Device Analytics Can Identify iCloud Users

Schneier on Security

CyberheistNews Vol 12 #47 [Heads Up] Watch Out for This Tricky New Tactic Called Clone Phishing

KnowBe4

Cybercrime KnowBe4

A flaw in some Acer laptops can be used to bypass security features

Security Affairs

ESET announced the discovery of a vulnerability impacting Acer laptops that can allow an attacker to deactivate UEFI Secure Boot. ESET researchers announced in a series of tweets the discovery of a vulnerability impacting Acer laptops, the issue can allow an attacker to deactivate UEFI Secure Boot.

Multiple Arrests in Coordinated African Cyber Operation

Data Breach Today

Law Enforcement Agencies Also Took Down 200,000 Cyber Infrastructure Crooks A 27-nation joint investigation in Africa led to the arrest of 11 cybercrooks accused of defrauding $800,000 from victims across the world.

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

Cybersecurity Consolidation Continues, Even as Valuations Stall

Dark Reading

Financing and acquisitions are trending toward smaller deals, which means fewer high-valuation purchases and funding, but likely fewer post-merger layoffs as well

The US Has a Bomb-Sniffing Dog Shortage

WIRED Threat Level

Finding high-quality detection canines is hard enough—and the pandemic only dug a deeper hole. Security Security / National Security

There’s No Such Thing as a Free Yeti, Only Social Engineering Tactics

KnowBe4

It’s easy to think of the typical online holiday scam as something that affects mostly individuals. Sad, maybe, and unfortunate, but not something that might seriously threaten a business, or another organization. Social Engineering

IT 61