Wed.Nov 23, 2022

AxLocker Ransomware Adds a Twist: Stealing Discord Tokens

Data Breach Today

Stolen Tokens Sold to Facilitate Scams Against Cryptocurrency and NFT Enthusiasts Newly spotted AxLocker ransomware, before crypto-locking systems, also steals Discord tokens, which can be sold on cybercrime markets.

Experts claim that iPhone’s analytics data is not anonymous

Security Affairs

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Beating Clever Phishing Through Strong Authentication

Data Breach Today

Successful account takeovers are one of the most common ways that organizations end up with attackers in their systems. But strong authentication can thwart even the most clever phishing campaigns, says Brett Winterford, regional chief security officer for APJ at Okta

Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack

Dark Reading

Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents

IoT 99

6 Steps to More Streamlined Data Modeling

Are you a developer, database architect, or database administrator that's new to Cassandra, but been tasked with developing a plan for implementing the technology anyway? Worry no more. Discover a streamlined methodical approach to Apache Cassandra® data modeling.

How Your Organization Can Enhance Its Cybersecurity Posture

Data Breach Today

5 Questions Your Organization Needs to Answer to Better Detect and Defend Against Attacks There are many elements businesses can act on to enhance their cybersecurity strategy. Start by asking yourself these five questions to understand where your business stands and how you can improve

More Trending

Russian KillNet Shuts Down EU Parliament Website With DDoS

Data Breach Today

EU Declares Russia a Terrorist State; Attack Follows DDoS Hits on Eastern Nations Pro-Kremlin KillNet hackers took down the website of the European Parliament on Wednesday in a DDoS attack that came just hours after the legislative body declared Russia a terrorist state.

Ducktail information stealer continues to evolve

Security Affairs

The operators behind the Ducktail information stealer continue to improve their malicious code, operators experts warn.

Russian Hackers Now Offering Stealer as a Service

Data Breach Today

34 Hacking Groups Sell Model to Spread Malware, Steal Credentials, Researchers Say Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts.

Hot Ticket: 'Aurora' Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors

Dark Reading

The infostealer Aurora’s low detection rates and newcomer status are helping it fly under the radar, as more cybercriminal gangs target cryptocurrency wallets and communications apps

Intent Signal Data 101

Intent signal data helps B2B marketers engage with buyers sooner in the sales cycle. But there are many confusing terms used to describe intent data. Read this infographic to better understand three common areas of confusion.

Tata Power Attack Linked to Bug in Nearly 20-Year-Old Server

Data Breach Today

Microsoft Confirms 2021 Report, Says 1 Million Boa Servers Still Online Globally Microsoft says vulnerabilities in outdated web servers are responsible for a cyberattack last month against Indian energy giant Tata Power.

How Development Teams Should Respond to Text4Shell

Dark Reading

Yet another *4Shell exploit highlights the horror of strange visitors into enterprise environments. This Tech Tip focuses on what to do next

93

DOJ Closes Pig-Butchering Domains Tied to Crypto Scams

Data Breach Today

Seized Websites Spoofing the Singapore Monetary Exchange Cost Victims $10 Million The U.S. government seized seven fake cryptocurrency domains used in a confidence scam based on long-term emotional manipulation of victims that netted criminals more than $10 million.

Why Africa's Telecoms Must Actively Collaborate to Combat Fraud

Dark Reading

Unique conditions contribute to outsized telecom fraud across the continent, but working together can bring solutions

88

10 Rules to More Streamlined Data Modeling

Apache Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn 10 rules that will help you perfect your Kafka system to get ahead.

US Army Banks on Cyber Defense Based on Zero Trust - Part 2

Data Breach Today

The U.S. Army has embarked on its zero trust journey for both its information and network operations. Army CIO Dr. Raj Iyer shares how the military and the private sector are partnering to secure cloud infrastructure and solidify threat intelligence capabilities to fight adversaries

Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966

Security Affairs

Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues. Microsoft released an out-of-band update to address issues caused by a recent Windows security patch that causes Kerberos authentication problems.

Black Basta Using QBot Malware to Target US-Based Companies

Data Breach Today

QBot Backdoor Opens Systems to Loading Cobalt Strike, Ransomware and Other Malware Researchers say Black Basta is dropping QBot malware in a widespread ransomware campaign targeting mostly U.S.-based based companies.

Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site

Security Affairs

Pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The Pro-Russia group of hacktivists Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament website.

Powering Personalization Through Customer Data

Finding the right CDP can help unlock the value of your customer data. This eBook offers guidance on choosing, deploying, and utilizing a CDP, along with a case study on how one bank put data into action to forge stronger connections with customers.

Where Are We Heading With Data Privacy Regulations?

Dark Reading

New laws have made the current US privacy landscape increasingly complex

This gov team is taking Pittsburgh records digital, one scanned file at a time via Technically

IG Guru

Check out the post here. Archives Record Retention Records Management Pittsburgh Records Manager Technically

The US Has a Shortage of Bomb-Sniffing Dogs

Schneier on Security

Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs : Last month, the US Government Accountability Office (GAO) released a nearly 100-page report about working dogs and the need for federal agencies to better safeguard their health and wellness.

Penetration Testing Market Size Is Projected to Reach $5.28B Globally by 2028

Dark Reading

Fueling the trend are the rising adoption of cloud computing solutions, technology advancements, stricter data safety regulations, and the move to digitalization, says Brandessence Market Research

Cloud 70

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

New California Law Adds to Complexity of Content Moderation

Data Matters

States and Congress have been enacting or debating different approaches to online “content moderation” by social media and other internet platforms. California’s “Content Moderation Requirements for Internet Terms of Service” bill (“AB 587”) goes into effect on Jan 1, 2024.

Drive holiday season sales with omnichannel communications

OpenText Information Management

Thanksgiving, Black Friday, Cyber Monday, Giving Tuesday and the lead-up to the holidays are a busy time for everyone. As consumers spend more time on mobile devices, is your brand designing communications for the digital-first paradigm?

Get Pwned, for 30% Less!

Troy Hunt

We've had great feedback from people who have gotten Pwned. Loads of people had told us how much they've enjoyed it and would like to get their friends Pwned too. Personally, I think everyone should get Pwned!

IT 73

UK Finalizes South Korea Adequacy Decision

Hunton Privacy

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

How Can Data Enrichment Turbocharge Your Marketing Strategy?

Cllax

Data is the cornerstone for brands that want to operate at scale and place customers at the heart of everything they do. Everything starts with first-party information, i.e., the data. The post How Can Data Enrichment Turbocharge Your Marketing Strategy? first appeared on Cllax - Top of IT. Article

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. The proposed amendments revise several aspects of the draft Cybersecurity Rule amendments released on July 29, 2022.

A holistic approach to security: Content Filtering and Safe Internet

Jamf

Are your users safe on the internet? Whether working on important job-related tasks or taking part in a collaborative team learning effort – online access to critical resources is at the heart of productivity.