Fri.Oct 23, 2020

How Police Can Crack Locked Phones—and Extract Information

WIRED Threat Level

A report finds 50,000 cases where law enforcement agencies turned to outside firms to bypass the encryption on a mobile device. Business Business / National Affairs Security

Ransomware Knocks Out Voter Database in Georgia

Data Breach Today

Report: Hall County Continuing to Restore Systems An Oct. 7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional. The DoppelPaymer gang has taken credit for the attack

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybercriminals Could be Coming After Your Coffee

Dark Reading

Researchers show no IoT device is too small to fall victim to ransomware techniques

IoT 109

Phishing Campaign Mimics Microsoft Teams Alerts

Data Breach Today

Researchers: Fraudsters Target Office 365 Users to Harvest Credentials Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

New Report on Police Decryption Capabilities

Schneier on Security

There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it. This report documents the widespread adoption of MDFTs by law enforcement in the United States.

More Trending

US Treasury Sanctions Russian Institution Linked to Triton Malware

Dark Reading

Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports

99

Massive U.S. Voter Database Offered for Sale

Data Breach Today

Trustwave: Data Comes From Public Sources, Leaks Voter information on as many as 186 million Americans was being offered for sale in an online forum, according to Trustwave. The information apparently came from public sources as well as data leaks

Sales 181

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data.

EU Sanctions 2 Russians for German Parliament Hack

Data Breach Today

European Officials Say Suspected Hackers Worked for Russia's GRU Military Intelligence Unit The European Union has issued sanctions against two Russian nationals alleged to have hacked Germany's lower house of parliament, or Bundestag, in 2015.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

A Pause to Address 'Ethical Debt' of Facial Recognition

Dark Reading

Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology

95

US Officials Blame Election Data Theft on Russian APT Group

Data Breach Today

Berserk Bear' Hacking Team Known for 'Gaining Footholds in Critical Infrastructure' U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September and stolen election-related data.

Flurry of Warnings Highlight Cyber Threats to US Elections

Dark Reading

FBI and intelligence officials issue fresh warnings about election interference attempts by Iranian and Russian threat actors

92

LockBit Ransomware Uses Automation Tools to Pick Targets

Data Breach Today

Sophos: Malware Excels at Evading Detection and Picking Specific Victims The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected.

Analysis: The Significance of Russian Hackers' Indictment

Data Breach Today

The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation

Iran-Linked Seedworm APT target orgs in the Middle East

Security Affairs

The Iran-linked cyber espionage group tracked as Seedworm started using a new downloader and is conducting destructive attacks. The Iran-linked cyber-espionage group Seedworm (aka MuddyWater MERCURY , and Static Kitten) was observed using a new downloader in a new wave of attacks.

The US Sanctions Russians For Potentially ‘Fatal’ Malware

WIRED Threat Level

The message is meant to deter any similar attack against US infrastructure. Security Security / National Security

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Nvidia Warns Gamers of Severe GeForce Experience Flaws

Threatpost

Versions of Nvidia GeForce Experience for Windows prior to 3.20.5.70 are affected by a high-severity bug that could enable code execution, denial of service and more.

Cybercriminals Could be Coming After Your Coffee

Dark Reading

Researchers show no IoT device is too small to fall victim to ransomware techniques

IoT 73

COVID-19 Vaccine-Maker Hit with Cyberattack, Data Breach

Threatpost

Reddy's, the contractor for Russia’s “Sputinik V” COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers.

Microsegmentation: The Core of Zero Trust Security

eSecurity Planet

Microsegmentation is a core technology for achieving zero trust security, the idea that no one should be trusted or given more access than needed

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

IoT Device Takeovers Surge 100 Percent in 2020

Threatpost

The COVID-19 pandemic, coupled with an explosion in the number of connected devices, have led to a swelling in IoT infections observed on wireless networks.

IoT 110

Survey: EDRM Data Mapping Project Teams Seeks Input

IG Guru

Check out the link to the Survey here. The post Survey: EDRM Data Mapping Project Teams Seeks Input appeared first on IG GURU. eDiscovery IG News Information Governance e-Discovery E-discovery reference model EDRM ESI

Louisiana Calls Out National Guard to Fight Ransomware Surge

Threatpost

An investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks. Government Malware Cyberattacks emotet government offices kimjongrat louisiana malware municipal targets national guard ransomware

China: New draft national, harmonised data protection law for Mainland China

DLA Piper Privacy Matters

By Carolyn Bigg , Venus Cheung , Fangfang Song. A first national level personal information protection law for Mainland China has been published, reinforcing and heightening existing data protection compliance obligations for organisations doing business in China.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Ransomware Takes Down Network of French IT Giant

Threatpost

Sopra Steria hit with cyber attack that reportedly encrypted parts of their network on Oct. 20 but has remained mostly mum on details. Malware BazarLoader Universal Health Services cyber attack Cybersecurity digital transformation IT services Point3 Security ransomware ryuk Sopra Steria TrickBot

UWB, Ultrasonic Mesh Provide Indoor or Outdoor Contract Tracing

RFID Global Solution, Inc.

Claire Swedberg, Senior Editor, RFID Journal Schools, construction firms, offices and manufacturers are among those testing a social-distancing and contact-tracing system from RFID Global that privately alerts workers or students regarding unsafe proximity to colleagues; employers or schools can use the data to manage safer operations.

Georgia Election Data Hit in Ransomware Attack

Threatpost

With Election Day approaching, local governments need to be prepared for malware attacks on election infrastructure.