Mon.Aug 19, 2019

Credential Stuffing Attacks vs. Brute Force Attacks

Data Breach Today

What They Are and How to Handle Them To explore how credential stuffing attacks and brute force attacks differ, we need to understand what they are and how they operate. Here is a quick summary

132
132

The Rise of “Bulletproof” Residential Networks

Krebs on Security

Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers.

Retail 237

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Texas Pummeled by Coordinated Ransomware Attack

Data Breach Today

Cybercrime Campaign Counts 23 Victims - Mostly Local Government Entities State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning.

MY TAKE: Can embedding security deep inside mobile apps point the way to securing IoT?

The Last Watchdog

IoT 166

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

FBI Arrests Nigerian Suspect in $11 Million BEC Scheme

Data Breach Today

Scam Targeted UK Affiliate of US Heavy Equipment Firm Caterpillar, Prosecutors Allege The FBI has arrested a Nigerian businessman for allegedly carrying out an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar

More Trending

Effectively Addressing Policy Change Management

Data Breach Today

Baruch Thee of Tufin Shares Recommendations Organizations need to move away from manual processes and take an automated approach to policy change management, says Baruch Thee of Tufin

194
194

Influence Operations Kill Chain

Schneier on Security

Influence operations are elusive to define. The Rand Corp.'s s definition is as good as any: "the collection of tactical information about an adversary as well as the dissemination of propaganda in pursuit of a competitive advantage over an opponent."

Using AI to Proactively Address Third-Party Risk

Data Breach Today

Microsoft's Abbas Kudrati Shares Recommendations Third-party risk assessments need to be ongoing, and artificial intelligence can play an important role, says Microsoft's Abbas Kudrati

China Attacks Hong Kong Protesters With Fake Social Posts

WIRED Threat Level

Twitter and Facebook say they’ve taken down misinformation campaigns from China that cast pro-democracy activists as ISIS members and cockroaches. Security Security / Security News

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

GAO: Army's New Cyber Units Understaffed and Underequipped

Data Breach Today

Audits Finds Army Rushed New Units Into Service To better prepare for cyberthreats posed by Russia and China, the U.S. Army has been building cyber and electronic warfare units.

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

Phishing is one of the oldest methods of cyberattacks. It uses deceptive and manipulated emails as a tool for gathering personal and organizational data. The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source.

The State of API Security

Data Breach Today

Jacques Declas of 42Crunch on the Need for Frequent Security Updates The lifecycle of security needs to match the lifecycle of APIs, which get replaced very frequently, says Jacques Declas of 42Crunch

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. .

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Analysis: The Growth of Mobile Fraud

Data Breach Today

Why is fraud that originates on mobile devices growing at such a rapid rate? Brooke Snelling and Melissa Gaddis of iovation offer an analysis in this joint interview

138
138

Backdoored Webmin versions were available for download for over a year

Security Affairs

Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix.

Case Study: Improving ID and Access Management

Data Breach Today

What are some of moves that organizations can make to improve their identity and access management? Veda Sankepally, an IT security manager at managed care company Molina Healthcare, describes critical steps in this case study interview

Access 132

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Security Affairs

A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

You Can Jailbreak Your iPhone Again (But Maybe You Shouldn’t)

WIRED Threat Level

Apple reintroduced a previously fixed bug in iOS 12.4, which has led to a jailbreak revival. Security Security / Security News

Coordinated Ransomware Attack Hits 23 Texas Government Agencies

Threatpost

Researchers say that the targeted ransomware cyberattack on 23 Texas local and state entities represents a shift from "attacks of opportunity" to more targeted, malicious attacks. Government Malware cyberattack malware ransom ransomware state and government ransomware Texas government ransomware

Modern Technology, Modern Mistakes

Dark Reading

As employees grow more comfortable using new technologies, they could inadvertently be putting their enterprises at risk. And that leaves security teams having to defend an ever-expanding attack surface

Risk 106

VLC Media Player Allows Desktop Takeover Via Malicious Video Files

Threatpost

VideoLAN has released an updated version of its VLC Player to fix over a dozen bugs. Malware Vulnerabilities desktop takeover malicious video file MKV Open Source tracker Torrent videolan VLC player vulnerability

IT 111

Towns Across Texas Hit in Coordinated Ransomware Attack

Dark Reading

The state government and cybersecurity groups have mobilized to respond to a mass ransomware attack that simultaneously hit 23 different towns statewide

Google Nest Security Cam Bugs Allow Device Takeover

Threatpost

Eight vulnerabilities would allow a range of attacker activities, including taking the Nest camera offline, sniffing out network information and device hijacking. IoT Vulnerabilities Bugs device takeover DoS google nest home security camera offline security problems vulnerabilities

Finding Answers In Your Data Should Not Be a Chore

Perficient Data & Analytics

I hate looking for clothes to wear, especially if I’m in a hurry. Sometimes life gets crazy and my favorite shirt may still be in the dryer, or I can’t find the match to a sock I already have in my hand. Something easy can turn into a chore very quickly when things aren’t organized.

Post GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware

Threatpost

A detailed look at underground forums shows that cybercriminals aren't sure where to look on the heels of the GandCrab ransomware group shutting its doors - and low-level actors are taking advantage of that by developing their own strains.

Instagram Added to Facebook Data-Abuse Bounty Program

Dark Reading

Social media giant also launches invitation-only bug bounty program for 'Checkout on Instagram

87

How to architect your software delivery value stream around flow

Information Management Resources

Leading firms are focused on addressing impediments to flow so that they can successfully reduce the time to value of their software products

57

Compliance Training? What Compliance Training?

Dark Reading

Employees can run. but they can't hide. Or can they

Easing the journey to AI through full-function, untimed trials and streamlined database upgrades

IBM Big Data Hub

Choosing the right data management solutions as the foundation for AI is crucial. Enabling AI optimization and usability is paramount, as is easy scalability to accommodate the increasing amount of data used by AI applications.

Cloud 80

VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk

Dark Reading

A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system