Thu. Jun 17, 2021

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Data Breach Today

16 Critical Infrastructure Sectors Especially Off Limits - Or Else, President Warns

U.S. President Joe Biden issued a clear warning to Russian President Vladimir Putin at their Geneva summit this week, saying that should Russia continue to launch cyberattacks against U.S.


Intentional Flaw in GPRS Encryption Algorithm GEA-1

Schneier on Security

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function.


Cyberium Domain Targets Tenda Routers in Botnet Campaign

Data Breach Today

AT&T Alien Labs: Hackers Used Mirai Variant MooBot

Malware hosting domain Cyberium has spread multiple Mirai variants, including one that targeted vulnerable Tenda routers as part of a botnet campaign, AT&T Alien Labs reports


Over a billion records belonging to CVS Health exposed online

Security Affairs

Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

India Moves Toward Limiting What Telecom Tech Can Be Used

Data Breach Today

As 'Trusted Telecom Portal' Launched, Chinese Vendors May Be Excluded From Market

In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers

More Trending

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Data Breach Today

Experts Discuss Impact of 'Transformational Moment' After U.S.

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software.

Top Database Security Solutions for 2021

eSecurity Planet

No matter the breakthrough, no matter the latest fad or trend, the database remains a foundational component to IT ecosystems.


UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

The UNC2465 cybercrime group, which is affiliated with the Darkside ransomware gang, has infected the website of a CCTV camera vendor with malware. An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

[Podcast] The Future of AI is Today

AIIM

The notion of Artificial Intelligence has pervaded both the business world and popular culture.

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Security Affairs

The WizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakçıl, has found a major breach in popular online retailer Cosmolog Kozmetik’s database.

Paul van Oorschot’s Computer Security and the Internet

Schneier on Security

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading.


The return of TA402 Molerats APT after a short pause

Security Affairs

The TA402 APT group (aka Molerats and GazaHackerTeam) is back after two months of silence and is targeting governments in the Middle East.


Mission Critical: What Really Matters in a Cybersecurity Incident

Dark Reading

The things you do before and during a cybersecurity incident can make or break the success of your response

The Cl0p Bust Shows Exactly Why Ransomware Isn’t Going Away

WIRED Threat Level

Ukrainian authorities managed to make some high-profile arrests. But nothing’s going to change until Russia does the same.

Texas Amends Breach Notification Law to Require Public Reporting of Breach Notices

Hunton Privacy

On June 14, 2021, Texas Governor Greg Abbott signed HB 3746, a bill amending Texas’s data breach notification law.

Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes

Threatpost

An email campaign asking victims to call a bogus number to suspend supposedly fraudulent subscriptions got right past Microsoft's native email controls.


One in Five Manufacturing Firms Targeted by Cyberattacks

Dark Reading

Information-stealing malware makes up about a third of attacks, a study finds, but companies worry most about ransomware shutting down production

Hiccup in Akamai’s DDoS Mitigation Service Triggers Massive String of Outages

Threatpost

An hour-long outage hit airlines, banks and the Hong Kong Stock exchange. It's thought to have been caused by a DDoS mitigation service.


Data Breaches Surge in Food & Beverage, Other Industries

Dark Reading

Six previously "under-attacked" vertical industries saw a surge in data breaches last year due to COVID-19 related disruptions and other factors, new data shows

CVS Health Records for 1.1 Billion Customers Exposed

Threatpost

A vendor exposed the records, which were accessible with no password or other authentication, likely because of a cloud-storage misconfiguration.

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Cyberattacks Are Tailored to Employees. Why Isn't Security Training?

Dark Reading

Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account


Threat Actors Use Google Docs to Host Phishing Attacks

Threatpost

Exploit in the widely used document service leveraged to send malicious links that appear legitimate but actually steal victims' credentials.

EU: Second wave of noyb complaints targets cookie banners

DLA Piper Privacy Matters

Authors: Heidi Waem and Simon Verschaeve. Recently, the European Center for Digital Rights (better known as noyb), founded by privacy activist Max Schrems, announced a new initiative that focuses on compliance of cookie banners in Europe.


Cisco Smart Switches Riddled with Severe Security Holes

Threatpost

The intro-level networking gear for SMBs could allow remote attacks designed to steal information, drop malware and disrupt operations.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Google Launches SLSA, a New Framework for Supply Chain Integrity

Dark Reading

The "Supply chain Levels for Software Artifacts" aims to ensure the integrity of components throughout the software supply chain


NARA calls in DoD to help resolve its backlog of veteran records requests

IG Guru

Check out the article here.


Episode 217: What Fighting Pirates Teaches Us About Ransomware

The Security Ledger

Criminal gangs swoop in on unsuspecting merchants to seize their goods. Behind the scenes, rival nations turn a blind eye or offer them safe harbor, in exchange for cooperation. Sound familiar? It should.