Thu.Sep 09, 2021

Bitcoin Scam Run by Fake Exchange, Report Says

Data Breach Today

Fraudsters Deploy MFA to Give Victims False Sense of Security Researchers have discovered email fraud campaigns in which unidentified threat actors are swindling victims out of bitcoin by tempting them with a substantial amount of tax-free cryptocurrency.

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

Security Affairs

The massive DDoS attack that has been targeting the internet giant Yandex was powered b a completely new botnet tracked as M?ris.

IoT 110
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybercrime Money Launderer Handed 11-Year Sentence

Data Breach Today

DOJ: High-Level Operative Moved Funds for North Korean Hackers A dual U.S.-Canadian Canadian national has been sentenced to more than 11 years in federal prison for conspiring to launder tens of millions of dollars in wire and bank fraud schemes, according to the U.S.

153
153

International money launderer sentenced to more than 11 years

Security Affairs

A Canadian man, who helped North Korean threat actors to launder stolen funds, plead guilty to laundering tens of millions of dollars stolen in bank fraud schemes. A Canadian man who conspired to launder tens of millions of dollars stolen bank fraud schemes has been sentenced to 140 months in prison.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

How China’s Information Protection Law Affects Businesses

Data Breach Today

Experts Deconstruct New Law for Global Firms Operating in China China’s personal information protection law focuses in part on localization, stronger security and governance frameworks.

More Trending

National Cyber Director Sees Ransomware As Continuing Threat

Data Breach Today

More Detail on the Juniper Hack and the NSA PRNG Backdoor

Schneier on Security

We knew the basics of this story , but it’s good to have more detail. Here’s me in 2015 about this Juniper hack. Here’s me in 2007 on the NSA backdoor. Uncategorized backdoors China firewall hacking Juniper NSA random numbers

IT 89

You Don't Need to Burn off Your Fingertips (and Other Biometric Authentication Myths)

Troy Hunt

111 years ago almost to the day, a murder was committed which ultimately led to the first criminal trial to use fingerprints as evidence.

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

Security Affairs

The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Researchers from AT&T Alien Labs uncovered a new campaign, tracked as Chimaera, conducted by the TeamTNT group , aimed at organizations worldwide.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Hackers Leak 87,000 Fortinet VPN Passwords

eSecurity Planet

In the latest lesson about the importance of patching , the credentials for 87,000 Fortinet FortiGate VPNs have been posted on a dark web forum by hackers. Fortinet confirmed the veracity of the hackers’ claims in a blog post today.

Millions of Microsoft web servers powered by vulnerable legacy software

Security Affairs

CyberNews researchers identified more than 2 million web servers worldwide still running on outdated and vulnerable versions of Microsoft Internet Information Services software.

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise

Threatpost

A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering. Cloud Security Vulnerabilities

Cloud 102

REvil Ransomware Group Resurfaces After Two Months Away

eSecurity Planet

It was a short hiatus for the REvil ransomware group that signed off in July following several high-profile attacks by the Russia-based crew on such companies as global meat processor JBS and tech services provider Kaseya.

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’

Threatpost

John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency. Breach Cloud Security Cryptography Hacks InfoSec Insider Malware Mobile Security Vulnerabilities Web Security

Cloud 99

Berger Montague partners with Ricoh to increase efficiency and data security, and expedite workflows via Legal IT Professionals

IG Guru

Check out the article here. The post Berger Montague partners with Ricoh to increase efficiency and data security, and expedite workflows via Legal IT Professionals appeared first on IG GURU.

IT 62

SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’

Threatpost

Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. . Hacks Malware Vulnerabilities Web Security

Belgian Council of State Considers Encryption a Sufficient Measure for U.S. Data Transfers

Hunton Privacy

On August 19, 2021, the Belgian Council of State confirmed a decision of the regional Flemish Authorities to contract with an EU branch of a U.S. company using Amazon Web Services (“AWS”).

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

McDonald’s Email Blast Includes Password to Monopoly Game Database

Threatpost

Usernames, passwords for database sent in prize redemption emails. Web Security

New European Union Dual-Use Regulation Enters Into Force

Data Matters

As from September 9, 2021, Regulation (EU) 2021/821 ( EU Dual-Use Regulation Recast ) replaces the existing Council Regulation (EC) 428/2009 setting up the European Union (EU) regime for the control of exports, transfer, brokering, and transit of “dual-use” items ( EU Dual-Use Regulation ).

Weekly Update 260

Troy Hunt

An early one today as I made space in the schedule to get out on the water 😎 I'm really liking the new Apple AirTags, I'm disliking some of the international media coverage about Australia's COVID situation, another gov onto HIBP and a blog post I've wanted to write for a long time on biometrics.

BladeHawk Attackers Target Kurds with Android Apps

Threatpost

Pro-Kurd Facebook profiles deliver '888 RAT' and 'SpyNote' trojans, masked as legitimate apps, to perform mobile espionage. Malware Mobile Security Privacy Web Security

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

UAE Announces New Federal Data Law

Hunton Privacy

This week, the United Arab Emirates (“UAE”) Minister of State for Artificial Intelligence, Digital Economy and Remote Work Applications (the “Minister”) announced that the UAE would introduce a new federal data protection law (“Data Protection Law”), the first federal law of its kind in the UAE.

Thousands of Fortinet VPN Account Credentials Leaked

Threatpost

They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit. Malware Vulnerabilities Web Security

Securing the Identities of Connected Cars

Thales Cloud Protection & Licensing

Securing the Identities of Connected Cars. madhav. Thu, 09/09/2021 - 08:46. Manufacturing is one of the most attacked industries, facing a range of cybersecurity challenges.

Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix

Threatpost

An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom. Cloud Security Vulnerabilities Web Security

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Stepping Up Your Game When Working from Home

Cllax

The past few years have seen more and more people working from home due to the business sector adapting more convenient and accessible processes. These days, an ambitious entrepreneur could. The post Stepping Up Your Game When Working from Home first appeared on Cllax - Top of IT. Articles

A History of How Technology Has Transformed the Legal Field

Zapproved

From computer automation taking on administrative tasks such as filing and invoicing to advances in artificial intelligence that streamline client intake and provide information on legal options, technology continues to transform the legal field.

Shadow IT Puts Your Cloud Environments – and Your Proprietary Data – at Risk

Adapture

Shadow IT Puts Your Cloud Environments – and Your Proprietary Data – at Risk The number of software services that users have access to has exploded over the past decade.

Cloud 52