Tue.Feb 11, 2020

WiFi: A New Way to Spread Emotet Malware

Data Breach Today

Researchers Say Trojan's Developers Devising Ways to Spread Trojan to More Devices Security researchers have found that the developers of the Emotet Trojan have created a new way to spread it to more victims - attackers are using unsecured WiFi networks as a way to deliver the malware to more devices.

Crypto AG Was Owned by the CIA

Schneier on Security

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

More Phishing Campaigns Tied to Coronavirus Fears

Data Breach Today

Researchers Describe a Wide Variety of Tactics As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range of targets

5 key things to consider when migrating to the cloud

OpenText Information Management

Cloud computing is now touching all aspects of information technology, and document and data archiving is no exception. When it comes to security, cost savings, reliable services and scalability, there is no bigger advantage than storing your most valuable assets in the cloud.

Cloud 105

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

No Surprise: China Blamed for 'Big Data' Hack of Equifax

Data Breach Today

Analysis: Equifax Failed on Security, But Only Governments Can Hold Each Other to Account Who's surprised Chinese military hackers allegedly hacked Equifax?

More Trending

Coding Flaw Exposes Voter Details for 6.5 Million Israelis

Data Breach Today

Failure to Secure API Allowed Unauthenticated Access Israel's voter registration database - comprising close to 6.5 million people - was exposed to the internet because of an elementary coding flaw in an election application.

Access 176

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

A security expert discovered that the Cosmetic firm Estée L auder exposed 440 million records online in a database that was left unsecured. The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée L auder that contained 440,336,852 records.

NIST Privacy Framework: The Implementation Challenges

Data Breach Today

Although NIST's new privacy framework is agnostic toward any particular privacy law, "it gives organizations building blocks to help them meet any obligations under any particular law or jurisdiction" says Naomi Lefkovitz, a NIST senior privacy adviser

Good Policy Statements Don’t Micro-manage

ARMA International

Instructions in a policy statement that amount to micro-management confuse rather than clarify the requirements. I’m sure you’ve seen them – policy statements so detailed that they list the steps required.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

Bringing Outsiders Into Your Compliance Team: Four Considerations

Data Breach Today

Hiring third party investigators to bolster your AML and Compliance team? Here's four things to consider before you pick up the phone. Money Laundering investigators are in high demand: banks and other financial institutions have spent almost two decades hiring more and more of them

South Korean Woori Bank is accused of unauthorized use of customer data

Security Affairs

Unauthorized use of customer information by Woori Bank, ‘crime act’ for customers. The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the p assword s of 23,000 customer dormant accounts without consent in July 2018.

Hindsight is 2020. Looking back so we can move forward

Thales eSecurity

2020 ends a decade, and the new year prompted me to think “Wow it’s been two decades since we started Vormetric.” And the mission we started then still applies now. Data security is still a problem.

Cloud 89

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks.

IoT 88

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Why Ransomware Will Soon Target the Cloud

Dark Reading

As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud

Securing Containers and Multi-Cloud Operations

Thales eSecurity

The shift toward cloud-native applications is changing the building blocks of IT. Development and maintenance of infrastructure and applications in-house just isn’t an option anymore in many cases.

Cloud 83

Conservative News Sites Track You Lots More Than Left-Leaning Ones

WIRED Threat Level

One analysis of news outlets found that the median popular right-wing site planted 73 percent more cookies than its left-wing counterpart. Security Security / Privacy

IT 83

Adobe addresses 42 flaws in its five products

Security Affairs

Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in five products, dozens of them rated as critical severity.

IT 82

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Macs See More Adware, Unwanted Apps Than PCs

Dark Reading

The latest data from Malwarebytes show the average Mac sees almost twice as many bad apps as Windows systems, but actual malware continues to be scarce

82

The US Fears Huawei Because It Knows How Tempting Backdoors Are

WIRED Threat Level

US officials allege that Huawei has backdoors in its technology. The US knows firsthand how powerful those can be. Security Security / National Security

IT 82

Dell SupportAssist flaw exposes computers to hack, patch it asap!

Security Affairs

Dell addresses a flaw in the Dell SupportAssist Client software that could allow local attackers to execute arbitrary code with Administrator privileges. Dell released a security update to address a vulnerability, tracked as CVE-2020-5316 , in its SupportAssist Client software.

IT 79

Repudiation Now Live on Linkedin Learning

Adam Shostack

My course, “ Repudiation in Depth ” is now live on Linkedin Learning. This is the fourth course I’ve created, starting with “ Learning Threat Modeling “, and courses on “ spoofing “, “ tampering “, and now, repudiation.

IT 77

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Keeping a Strong Security Metrics Framework Strong

Dark Reading

Don't just report metrics -- analyze, understand, monitor, and adjust them. These 10 tips will show you how

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

Threatpost

Middleware data was exposed, which can create a secondary path for malware through which applications and data can be compromised.

Cloud 104

The cyber attack the UN tried to keep under wraps via the New Humanitarian

IG Guru

This article discusses how bad actors broke into the UN during the Summer of 2019. The post The cyber attack the UN tried to keep under wraps via the New Humanitarian appeared first on IG GURU.

Risk 72

Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits

Dark Reading

Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

BELGIUM: Belgian DPA reveals its strategy for the next 5 years.

DLA Piper Privacy Matters

By Patrick Van Eecke, Frederik Ringoot and Thomas Gils. The Belgian Data Protection Authority published its strategic plan setting out its policy priorities and strategic objectives for the next five years.

GDPR 71

Can the Government Buy Its Way Around the Fourth Amendment?

WIRED Threat Level

Immigration authorities are purchasing cell phone location data, and it might be totally legal. . Security Security / Privacy

CIA's Secret Ownership of Crypto AG Enabled Extensive Espionage

Dark Reading

Crypto AG made millions selling encryption devices to more than 120 countries, which unknowingly transmitted intel back to the CIA