Mon.Jun 29, 2020

UCSF Med School Pays $1.1 Million Ransom

Data Breach Today

After Ransomware Attack, School Cites Need to Restore Data Related to 'Academic Work' The University of California San Francisco says it paid a $1.14 million ransom earlier this month to obtain decryptor keys to unlock several servers within its school of medicine that were struck with ransomware

University of California SF Pays Ransom After Medical Servers Hit

Dark Reading

As one of at least three universities hit in June, the school paid $1.14 million to cybercriminals following an attack on "several IT systems" in the UCSF School of Medicine

IT 110

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Co-Creator of Site That Sold Payment Card Data Pleads Guilty

Data Breach Today

Infraud Organization's Site, Shuttered in 2018, Tied to $530 Million in Fraud A Russian national charged in connection with co-creating the Infraud Organization's online cybercrime forum that sold stolen payment card data and was tied to $530 million in fraud losses has pleaded guilty

196
196

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

Researchers revealed that the number of daily brute-force attacks on Windows RDP has doubled during the pandemic lockdown. Security experts from ESET revealed that the number of daily brute-force attacks on Windows RDP has doubled during the COVID-19 lockdown.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Fxmsp Hackers Behind AV Source Code Heist: Still Operating?

Data Breach Today

Remote-Access Vendor Promised to Make Buyers 'Invisible God of Networks' Is the Fxmsp hacking operation still in business? Experts say Fxmsp earned $1.5 million in illicit profits, thanks to a botnet-based business model that enabled the group to sell remote access to hacked networks.

Access 186

More Trending

OnDemand | New Threats in the Age of the Dynamic Workforce

Data Breach Today

How the Dynamic Workforce is Changing Threat Detection and Response View this webinar to learn strategies to mitigate cyberattack risk in the 'new normal' and what you can do to continue to stay ahead of the curve

Risk 172

Marketers: Your Role In Social Discourse Is Critical

John Battelle's Searchblog

How Brands Can Fix the Relationship Between Platforms, Audiences, and Media Companies (Hint: It’s Not a Boycott). Second of a series. The first post reviews the media and platform ecosystem, and laments the role brand marketers have played in its demise.) .

Data Breach Settlement Has an Unusual Provision

Data Breach Today

No 'Global Cap' on Payment of Claims A preliminary settlement in a class action data breach lawsuit against Iowa Health System - which does business as UnityPoint Health - contains an unusual provision that could prove quite costly

Chinese tax software bundled with GoldenSpy backdoor targets western companies

Security Affairs

A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Magecart Card Skimmer Hidden in Image's EXIF Metadata

Data Breach Today

Malwarebytes Researchers Find Malicious JavaScript in WordPress Plugin Payment card hackers are now hiding malicious JavaScript inside an image's EXIF metadata and then sneaking the image onto e-commerce sites, according to the security firm Malwarebytes

REvil operators threaten to leak files stolen from Australian firm Lion

Security Affairs

Australian beverage company Lion announced that it has found no evidence that hackers have stolen information from its systems. The Australian brewery and dairy conglomerate Lion suffered two cyber attacks in a few days this month.

Japan's IoT Scanning Project: Insecure Devices Found

Data Breach Today

But Port Scanning Project Found Small Number of Problematic Devices Japan has been scanning its entire IPv4 address space to find insecure home routers, web cameras and sensors.

IoT 153

At least 31 US Businesses targeted with WastedLocker Ransomware

Security Affairs

Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. The malicious code was first documented by researchers from the NCC Group’s report and later Symantec published its own analysis.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Hacking Timeline: Fxmsp's Rise and Apparent Fall

Data Breach Today

Group Refined Network Intrusions and Malware to Build a Better Botnet, Experts Say How long does it take to become a reliable, trusted seller in the cybercrime-as-a-service ecosystem? For the Fxmsp hacking collective, experts say the answer is about a year.

IT 141

Files Stolen from 945 Websites Discovered on Dark Web

Dark Reading

Researchers who found the archived SQL files estimate up to 14 million people could be affected

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Threatpost

Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased. Newsmaker Interviews Podcasts Privacy ai amazon data bias Data Privacy facial recognition IBM law enforcement Microsoft

Office 365 users that are returning to the workplace targeted with Coronavirus training resources

Security Affairs

Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources. Threat actors continue to use Coronavirus lures adapting their technique to the current situation.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Russian Cybercriminal Behind CardPlanet Sentenced to 9 Years

Dark Reading

Aleksei Burkov will go to federal prison for operating two websites built to facilitate payment card fraud, hacking, and other crimes

75

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

The University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data after a ransomware attack. Late last week, the University of California San Francisco (UCSF) admitted having paid roughly $1.14

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

Dark Reading

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources

IT 73

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021 , in the operating system ( PAN?OS

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

HackerOne Reveals Top 10 Bug-Bounty Programs

Dark Reading

Rankings based on total bounties paid, top single bounty paid, time to respond, and more

69

Empowering your workforce

OpenText Information Management

Ensuring business productivity in today’s uncertain times has put security, accessibility, and collaboration at the forefront of every business. While societal changes mandate staying home to ensure safety, business is adjusting to a new way of working.

Disposition 101 Webinar Now Available

The Texas Record

We are very excited to announce the newly revamped Disposition 101 webinar, which is now available on our website along with several other free records management webinars and supplemental resources.

REvil Ransomware Gang Adds Auction Feature for Stolen Data

Threatpost

An anonymous bidding mechanism enhances the REvil group's double-extortion game. Breach Hacks Malware Privacy anonymous bidder auction site cybercriminal forum Dark Web data theft exfiltrated data GandCrab Grubman Shire Meiselas & Sacks Monero ransomware revil travelex underground site XMR

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Transform your bottom line with SAP S/4HANA

OpenText Information Management

Guest blog by Simon Carpenter, Centre of Expertise Lead, SAP UK & Ireland I’m not surprised many businesses find it tough committing to an SAP S/4HANA upgrade.

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

Threatpost

The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw.

IoT 92

Leveraging cloud technologies for OpenText Enterprise Content Services (ECS) software

OpenText Information Management

For many of us, moving to the cloud invokes memories of moving to virtualized environments many years ago.