Wed.Jul 17, 2019

Ransomware: As GandCrab Retires, Sodinokibi Rises

Data Breach Today

Ransom Payments to Crypto-Locking Malware Extortionists Are Surging With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn.

Party Like a Russian, Carder’s Edition

Krebs on Security

“It takes a certain kind of man with a certain reputation.

Video 204

Impact of AMCA Breach Continues to Grow

Data Breach Today

More Victims Identified; Allegations Made in Court Filings The impact of the massive American Medical Collection Agency data breach continues to grow. At least two more laboratories have said their patients' data was potentially compromised by the breach.

Think FaceApp Is Scary? Wait Till You Hear About Facebook

WIRED Threat Level

The idea that FaceApp is somehow exceptionally dangerous threatens to obscure the real point: All apps deserve this level of scrutiny. Security Security / Privacy

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Suspected Rubella Toolkit Mastermind Arrested

Data Breach Today

20-Year-Old Allegedly Created and Distributed Malicious Tools on Underground Forums A 20-year-old Dutch man suspected of creating the Rubella Macro Builder toolkit and distributing it on underground forums has been arrested by the Dutch National Police, which received assistance from McAfee.

More Trending

Bulgarian Authorities Arrest Suspect in Massive Data Breach

Data Breach Today

20-Year-Old Charged as Investigation Continues Bulgaria's national cybercrime unit has arrested a 20-year-old local man for his alleged role in breaching the country's tax servers and exposing the financial details and other personal data of nearly 5 million citizens, according to news media report

U.S. Healthcare Industry Needs a Shot in the Arm When it Comes to Data Protection: 70% experienced a breach; Less than 38% are encrypting even as threats increase

Thales eSecurity

If the vast majority of the people in your office knew they would contract the flu today, it’s safe to say most chairs would remain empty. Anyone who actually came to work would avoid others, sanitize drawer handles, wash their hands, and/or wear a mask.

How Deception Technology Is Evolving

Data Breach Today

Deception technology is becoming more sophisticated, enabling organizations to battle against emerging threats, says Alissa Knight, senior analyst at Aite Group, a research and advisory company

Groups 123

Investments in the cloud expected to nearly double over next two years

Information Management Resources

On average, organizations are running 27 percent of their workloads and applications in public clouds and expect this figure to nearly double to 48 percent within the next one to two years. Cloud computing Cloud hosting

Cloud 86

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Proactive Mobile Threat Defense

Data Breach Today

From malware and phishing to cryptojacking and man-in-the-middle attacks, mobile threats are rampant, and organizations need to stay a step ahead. Traditional threat management has been reactive. But IBM and Wandera have joined forces to stop threats dead in their tracks before they get close to your environment

Security Affairs - Untitled Article

Security Affairs

Tesla paid $10,000 a researcher that found a stored cross-site scripting (XSS) vulnerability that could have been exploited to change vehicle information.

Tools 85

HHS manages risk in using cloud through federal program

Information Management Resources

The agency has embraced a government-wide program that provides a standardized approach to the cloud. Cloud computing Data security Cyber security Personally identifiable information Protected health information

Cloud 78

Anti-Debugging Techniques from a Complex Visual Basic Packer

Security Affairs

One of the latest trends for the attackers is to leverage the ISO files to avoid detection, the technique has also been used in a recent Hawkeye campaign. Introduction.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

7 ways AI could make an impact on medical care

Information Management Resources

The technology can be used to aid medical research, assess potential diagnoses and protect networks. Artificial intelligence Medical imaging Robotics Cyber security Radiology

Digital transformation threats and opportunities in travel and transportation

DXC Technology

In travel and transportation most companies today don’t look at customer journeys as a collaborative exercise. They consider their job done when passengers are delivered safely to their appointed destination for their segment.

Software spending way up as the cloud covers more applications segments

Information Management Resources

While total global spending on IT products and services is nearly level with 2018 amounts, investments in enterprise software are up 9 percent this year. Software development Cloud computing Data strategy

Cloud 78

MITRE ATT&CK Framework Not Just for the Big Guys

Dark Reading

At Black Hat, analysts from MITRE and Splunk will detail how organizations of many different sizes are leveraging ATT&CK's common language

106
106

Digital Transformation: Lessons Learned from the World Cup

Micro Focus

Over the past several weeks, the world has been watching the FIFA Women’s World Cup – a global soccer (or football if you’re not from the US) tournament, which highlighted some of the best athletes in the world and culminated in a landmark win for the US team.

For Real Security, Don't Let Failure Be Your Measure of Success

Dark Reading

For too long, we've focused almost exclusively on keeping out the bad guys rather than what to do when they get in (and they will

Security Affairs - Untitled Article

Security Affairs

Threat actors used the Extembro DNS- changer Trojan in an adware campaign to prevent users from accessing security-related websites.

Bluetooth Flaws Could Allow Global Tracking of Apple, Windows 10 Devices

Threatpost

Identifying tokens and random addresses, meant to create anonymity, do not change in sync on some devices -- opening an attack vector.

Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices

Dark Reading

Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access

Constructing A Digital Transformation Strategy: Putting the Data in Digital Transformation

erwin

Having a clearly defined digital transformation strategy is an essential best practice for successful digital transformation. But what makes a viable digital transformation strategy?

The 10 Essentials of Infosec Forensics

Dark Reading

Whether it's your first investigation or 500th, review the basics of IT forensics to streamline and simplify your discovery

IT 93

Massive Malvertising Campaign Reaches 100M Ads, Manipulates Supply Chain

Threatpost

A sophisticated and growing malvertising attacker is partnering with legitimate ad tech platforms to drop malware at scale. Web Security 100 million compromised ads advertising supply chain demand side platform Hong Kong Malvertising malware

[Guide] Designing a Data Governance Program in Financial Services

Perficient Data & Analytics

Data is the lifeblood of any company. It is the basis of management decision-making, regulatory supervision, taxation, and investor and market behavior. In recent years, firms have recognized data as an independent asset that should be managed and leveraged to fully reap its benefits.

FaceApp denies storing users' photographs without permission

The Guardian Data Protection

App was launched by Russian developer in 2017 and uses AI to change people’s features The developer of a popular app which transforms users’ faces to predict how they will look as older people has insisted they are not accessing users’ photographs without permission.

StrongPity APT Returns with Retooled Spyware

Threatpost

The group is using malicious versions of WinRAR and other legitimate software packages to infect targets, likely via watering-hole attacks. Malware alien labs new spyware prometheus StrongPity Watering hole attacks WinRAR

800K Systems Still Vulnerable to BlueKeep

Dark Reading

Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says

Risk 84

How to recover from a cyber attack

IT Governance

One in three UK organisations fell victim to a cyber attack in 2018, costing £17.8 billion in total. Your first – obviously valid – thought might be that we all need to get better at preventing security incidents, but it’s not the whole story.

Turla APT group adds Topinambour Trojan to its arsenal

Security Affairs

Kaspersky researchers revealed that since earlier this year, Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks. Security experts at Kaspersky revealed that the Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks since early 2019.