Data Breach Today

SolarWinds Hires Chris Krebs to Reboot Its Cybersecurity

Data Breach Today

Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S.

Defining and Refining Next-Gen AML

Data Breach Today

David Stewart of SAS on the Tools and Technologies Deployed to Fight Financial Crimes As the financial payments landscape shifts, and as fraudsters employ new technologies and techniques, institutions are deploying a next generation of anti-money laundering defenses.

IT 259
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Biden Inauguration: Defending Against Cyberthreats

Data Breach Today

Experts Warn of an Elevated Risk of Attack From Domestic, Foreign Actors As thousands of National Guard troops pour into Washington to provide security for the Jan.

Analysis: 2020 Health Data Breach Trends

Data Breach Today

Ransomware, Phishing Incidents, Vendor Hacks Prevail Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Federal Courts Investigate 'Apparent Compromise' of System

Data Breach Today

Meanwhile, Courts Suspend Use of SolarWinds, Adopt New Document Security Measures The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents.

IT 247

Kaspersky: SolarWinds Backdoor Similar to Russian 'Kazuar'

Data Breach Today

For Example, Both Backdoors Use Same 'Sleeping' Algorithm The "Sunburst" backdoor deployed in the breach of SolarWinds' Orion network monitoring tool uses some of the same code found in the "Kazuar" backdoor, which security researchers have previously tied to Russian hackers, the security firm Kaspersky reports.

Getting the Most Out of an AI Deployment

Data Breach Today

SWIFT's Guy Sheppard on the Challenges of Using AI to Enhance Security Many companies claim to be successfully using artificial intelligence for security, but the use cases are still not convincing because the technology is incapable of detecting unknown malware, says Guy Sheppard of SWIFT

Appeals Court Vacates $4.3 Million HIPAA Penalty

Data Breach Today

What's the Potential Impact on HIPAA Enforcement? In a ruling that could have a profound impact on HIPAA enforcement, a U.S. Court of Appeals has vacated a $4.3

200
200

Sizing Up the Role of Deception Technology

Data Breach Today

Chris Kubic, Former CISO of NSA, on Strategies for Success Chris Kubic, former CISO of the National Security Agency, describes how deception technology can change the defensive landscape.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Reserve Bank of New Zealand Investigates Data Breach

Data Breach Today

Hackers Gained Network Access Through Accellion File-Sharing Service The Reserve Bank of New Zealand disclosed Sunday that hackers infiltrated its network after compromising its file-sharing system from Accellion.

How Conti Ransomware Works

Data Breach Today

Researchers Analyze the Severe Threat the Malware Poses Conti ransomware, which emerged eight months ago, poses a severe threat, according to Cybereason's Nocturnus Team, which offers an in-depth analysis of how the malware works

US Commerce, Treasury Hit in Network Intrusions

Data Breach Today

SolarWinds: Flawed Updates in Orion Platform May be Source of Attacks The U.S. Commerce Department confirmed on Sunday it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck.

IT 270

'Scam-as-a-Service' Scheme Spreads

Data Breach Today

Researchers: 40 Gangs Used Phony Classified Ads to Launch Phishing Schemes A Russian-speaking "scam-as-a-service" operation dubbed "Classiscam" is expanding globally, with 40 interconnected gangs in about a dozen countries using fake product advertisements to launch phishing schemes, the security firm Group-IB reports.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Vulnerable Database Exposed UN Employees' Data

Data Breach Today

Microsoft Finds Backdoor, CISA Warns of New Attack Vectors

Data Breach Today

Devastating Scope of Hacking Campaign Expands Microsoft says on Thursday it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies.

Capitol Riot: Self-Surveillance Feeds Investigation

Data Breach Today

Archiving, Crowdsourcing and Facial Recognition Help Identify Suspects for FBI Investigators probing the violent storming of the U.S. Capitol by a mob on Wednesday have been seeking images and help in identifying suspects.

Magecart Groups Hide Behind 'Bulletproof' Hosting Service

Data Breach Today

Researchers Find Groups Hiding JavaScript Skimmers and Phishing Pages Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a "bulletproof" hosting service called Media Land, according to researchers with RiskIQ.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

SolarWinds Attack: 'This Hit the Security Community Hard'

Data Breach Today

RiskIQ CEO Lou Manousos Details Lessons to Learn in Supply-Chain Attack Aftermath The SolarWinds breach is a case study in how attackers can subvert a widely used piece of software to turn it to their advantage, says Lou Manousos, CEO of RiskIQ.

Blood Testing Lab Data Leaked

Data Breach Today

After Apparent Ransomware Attack, Patient Information Posted Apex Laboratory a Farmingdale, New York-based blood testing facility, is notifying patients about the leak of their information, including test results. The security incident - which appears to involve ransomware - happened in July

US Treasury Suffers 'Significant' SolarWinds Breach

Data Breach Today

Dozens of Email Accounts' Compromised by Attackers, Says Senior Democratic Senator An ongoing investigation at the U.S.

Access 250

Hacked: US Commerce and Treasury Departments

Data Breach Today

Fellow Victim FireEye Traces Breaches to Trojanized SolarWinds Software Updates The U.S. Commerce Department confirmed on Sunday it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

NSA Warns of Hacking Tactics That Target Cloud Resources

Data Breach Today

Alert Follows Week's Worth of Revelations About SolarWinds Breach The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms.

Cloud 243

FireEye: SolarWinds Hack 'Genuinely Impacted' 50 Victims

Data Breach Today

SolarWinds Describes Attackers' 'Malicious Code Injection'

Data Breach Today

Software Vendor's Infrastructure Penetrated by September 2019 Investigators probing the supply-chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network-monitoring security software builds.

Joker's Stash Reportedly Shutting Down Operations

Data Breach Today

Researchers: Notorious Underground Marketplace Will 'Retire' in February Joker's Stash, the notorious underground marketplace that has specialized in the sale of stolen payment card data, is reportedly shutting down in February with its administrator claiming to "retire" at that time, according to Gemini Advisory.

Sales 169

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Ransomware Disrupts Scottish Environment Protection Agency

Data Breach Today

Conti Gang Claims Credit for Christmas Eve Attack and Data Exfiltration The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages, and warns that ransom-demanding attackers also stole some data.

Parler Content Forcibly Archived by Researchers After Riot

Data Breach Today

Terabytes of Videos, Images and Posts From Conservative Social Media Site Saved Terabytes' worth of posts, images and videos from conservative social media site Parler have been forcibly obtained by security researchers, who have archived the material for investigators in the wake of the violent riot at the U.S. Capitol.

Massive DarkMarket Underground Marketplace Taken Down

Data Breach Today

International Law Enforcement Effort Leads to Arrest of Alleged Operator A global law enforcement operation has taken down DarkMarket, which Europol describes as the world's largest underground marketplace of illegal goods on the dark web.

CISA Warns SolarWinds Incident Response May Be Substantial

Data Breach Today

All Network Assets' Monitored by Backdoored Orion Software May Need Rebuilding Federal, state and local governments are among the many victims of the supply chain attack that backdoored the SolarWinds' Orion network-monitoring software, and victims "may need to rebuild all network assets" being monitored by the software, the U.S.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

FBI Issues Alert Over Growing Egregor Ransomware Threat

Data Breach Today

Bureau And Security Experts Warn About Gang's Effective Extortion Model The FBI has issued a private industry warning over the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group.

Ryuk Ransomware Profits: $150 Million

Data Breach Today

Researchers Track Funds in 61 Cryptocurrency Wallets Researchers say cryptocurrency wallets used by the operators behind the Ryuk ransomware strain and the gang's affiliates hold more than $150 million

Analysis: The Latest SolarWinds Hack Developments

Data Breach Today

This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends

Cloud 197

NSA Warns Over Hacking Tactics That Target Cloud Resources

Data Breach Today

Alert Follows Week's Worth of Revelations Over SolarWinds Breach The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms.

Cloud 233

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.