Mon.Jun 29, 2020

UCSF Med School Pays $1.1 Million Ransom

Data Breach Today

After Ransomware Attack, School Cites Need to Restore Data Related to 'Academic Work' The University of California San Francisco says it paid a $1.14 million ransom earlier this month to obtain decryptor keys to unlock several servers within its school of medicine that were struck with ransomware

iPhone Apps Stealing Clipboard Data

Schneier on Security

iOS apps are repeatedly reading clipboard data , which can include all sorts of sensitive information. While Haj Bakry and Mysk published their research in March, the invasive apps made headlines again this week with the developer beta release of iOS 14.

IT 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Co-Creator of Site That Sold Payment Card Data Pleads Guilty

Data Breach Today

Infraud Organization's Site, Shuttered in 2018, Tied to $530 Million in Fraud A Russian national charged in connection with co-creating the Infraud Organization's online cybercrime forum that sold stolen payment card data and was tied to $530 million in fraud losses has pleaded guilty

183
183

University of California SF Pays Ransom After Medical Servers Hit

Dark Reading

As one of at least three universities hit in June, the school paid $1.14 million to cybercriminals following an attack on "several IT systems" in the UCSF School of Medicine

IT 112

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Fxmsp Hackers Behind AV Source Code Heist: Still Operating?

Data Breach Today

Remote-Access Vendor Promised to Make Buyers 'Invisible God of Networks' Is the Fxmsp hacking operation still in business? Experts say Fxmsp earned $1.5 million in illicit profits, thanks to a botnet-based business model that enabled the group to sell remote access to hacked networks.

Access 170

More Trending

OnDemand | New Threats in the Age of the Dynamic Workforce

Data Breach Today

How the Dynamic Workforce is Changing Threat Detection and Response View this webinar to learn strategies to mitigate cyberattack risk in the 'new normal' and what you can do to continue to stay ahead of the curve

Risk 161

REvil operators threaten to leak files stolen from Australian firm Lion

Security Affairs

Australian beverage company Lion announced that it has found no evidence that hackers have stolen information from its systems. The Australian brewery and dairy conglomerate Lion suffered two cyber attacks in a few days this month.

Data Breach Settlement Has an Unusual Provision

Data Breach Today

No 'Global Cap' on Payment of Claims A preliminary settlement in a class action data breach lawsuit against Iowa Health System - which does business as UnityPoint Health - contains an unusual provision that could prove quite costly

Chinese tax software bundled with GoldenSpy backdoor targets western companies

Security Affairs

A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Magecart Card Skimmer Hidden in Image's EXIF Metadata

Data Breach Today

Malwarebytes Researchers Find Malicious JavaScript in WordPress Plugin Payment card hackers are now hiding malicious JavaScript inside an image's EXIF metadata and then sneaking the image onto e-commerce sites, according to the security firm Malwarebytes

At least 31 US Businesses targeted with WastedLocker Ransomware

Security Affairs

Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. The malicious code was first documented by researchers from the NCC Group’s report and later Symantec published its own analysis.

Japan's IoT Scanning Project: Insecure Devices Found

Data Breach Today

But Port Scanning Project Found Small Number of Problematic Devices Japan has been scanning its entire IPv4 address space to find insecure home routers, web cameras and sensors.

IoT 147

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

The University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data after a ransomware attack. Late last week, the University of California San Francisco (UCSF) admitted having paid roughly $1.14

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Hacking Timeline: Fxmsp's Rise and Apparent Fall

Data Breach Today

Group Refined Network Intrusions and Malware to Build a Better Botnet, Experts Say How long does it take to become a reliable, trusted seller in the cybercrime-as-a-service ecosystem? For the Fxmsp hacking collective, experts say the answer is about a year.

IT 141

Marketers: Your Role In Social Discourse Is Critical

John Battelle's Searchblog

How Brands Can Fix the Relationship Between Platforms, Audiences, and Media Companies (Hint: It’s Not a Boycott). Second of a series. The first post reviews the media and platform ecosystem, and laments the role brand marketers have played in its demise.) .

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021 , in the operating system ( PAN?OS

Files Stolen from 945 Websites Discovered on Dark Web

Dark Reading

Researchers who found the archived SQL files estimate up to 14 million people could be affected

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Empowering your workforce

OpenText Information Management

Ensuring business productivity in today’s uncertain times has put security, accessibility, and collaboration at the forefront of every business. While societal changes mandate staying home to ensure safety, business is adjusting to a new way of working.

Office 365 users that are returning to the workplace targeted with Coronavirus training resources

Security Affairs

Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources. Threat actors continue to use Coronavirus lures adapting their technique to the current situation.

Russian Cybercriminal Behind CardPlanet Sentenced to 9 Years

Dark Reading

Aleksei Burkov will go to federal prison for operating two websites built to facilitate payment card fraud, hacking, and other crimes

83

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Threatpost

Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased. Newsmaker Interviews Podcasts Privacy ai amazon data bias Data Privacy facial recognition IBM law enforcement Microsoft

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

Dark Reading

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources

IT 80

REvil Ransomware Gang Adds Auction Feature for Stolen Data

Threatpost

An anonymous bidding mechanism enhances the REvil group's double-extortion game. Breach Hacks Malware Privacy anonymous bidder auction site cybercriminal forum Dark Web data theft exfiltrated data GandCrab Grubman Shire Meiselas & Sacks Monero ransomware revil travelex underground site XMR

Five real-life Netezza performance server use cases

IBM Big Data Hub

Follow @IBMAnalytics. Right now, businesses are focused on getting the most out of their Data and AI platform without overspending to make sure it is operational and running productive workloads. This means having an always-on, 24x7 system that can handle huge spikes in workloads when needed.

IT 73

Driving innovation in the energy industry

OpenText Information Management

Worldwide demand for energy is growing faster than ever, leading to rapid changes in the energy industry and in the wider world beyond. Deloitte predicts companies in the oil and gas sector in 2020 will be “walking the tightrope,” and need to keep vigilant for both risks and opportunities.

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

HackerOne Reveals Top 10 Bug-Bounty Programs

Dark Reading

Rankings based on total bounties paid, top single bounty paid, time to respond, and more

70

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

Threatpost

The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw.

IoT 97

Disposition 101 Webinar Now Available

The Texas Record

We are very excited to announce the newly revamped Disposition 101 webinar, which is now available on our website along with several other free records management webinars and supplemental resources.