Fri.Sep 13, 2019

Analysis: The Impact of Business Email Compromise Attacks

Data Breach Today

This week's ISMG Security Report analyzes the cost of business email compromise attacks and the recent arrest of dozens of suspects. Also featured: updates on the easy availability of low-cost hacking tools and the latest payment card fraud trends

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group , Bluenoroff , and Andarial.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Credit Card Theft Ringleader Pleads Guilty

Data Breach Today

Fin7 Gang Tied to Theft of 15 Million Payment Cards From Restaurant Chains and Others One of the three Ukrainian men charged with leading the notorious Fin7 hacking group, which prosecutors say stole 15 million payment cards, has pleaded guilty to two federal charges

226
226

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

PSD2 Authentication Requirements: The Implementation Hurdles

Data Breach Today

Banks, Merchants, Processors Struggling to Comply With Mandate Because banks, fintech firms, merchants and payments processors in the EU have struggled to meet the Sept.

More Trending

Calif. May Ban Facial Recognition in Police Body Cameras

Data Breach Today

Legislation Awaits Governor's Signature Lawmakers in California have voted to ban the use of facial recognition technology within the body cameras that police wear. The measure now awaits the governor's signature

176
176

When Biology Becomes Software

Schneier on Security

All of life is based on the coordinated action of genetic parts (genes and their controlling sequences) found in the genomes (the complete DNA sequence) of organisms. Genes and genomes are based on code-- just like the digital language of computers.

Ransomware Gangs Practice Customer Relationship Management

Data Breach Today

Ransomware-wielding attackers treat infecting endpoints as a business and put customer relationship management principles to work, says Bill Siegel, CEO of ransomware incident response firm Coveware. He notes criminals "go after the low-hanging fruit because it's cheap and the conversion rate is high

6 Questions to Ask Once You've Learned of a Breach

Dark Reading

With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions

GDPR 85

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

For Sale: Admin Access Credentials to Healthcare Systems

Data Breach Today

Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay Maor of IntSights

Sales 137

Malware Linked to Ryuk Targets Financial & Military Data

Dark Reading

A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information

Tips on Countering Insider Threat Risks

Data Breach Today

Insider threats are difficult to counter. What happens when an employee goes rogue, and how do you catch them? Charles Carmakal of Mandiant, who says his firm is dealing with more insider threat investigations, shares tips for better defenses

Risk 129

Taking a Fresh Look at Security Ops: 10 Tips

Dark Reading

Maybe you love your executive team, your security processes, tools, or strategy. Maybe you hate them. Whatever the situation, it's likely at some point that things will have changed

IT 80

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Threatpost

At every turn, the info-stealer uses legitimate services to get around normal email, endpoint and network defenses. Facebook Malware Web Security astaroth attack analysis Brazil cofense information stealer legitimate services phishing campaign spy trojan Youtube

US Sanctions 3 Cyber Attack Groups Tied to DPRK

Dark Reading

Lazarus Group, Bluenoroff, and Andariel were named and sanctioned by the US Treasury for ongoing attacks on financial systems

76

iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts

Threatpost

Apple will not fix the glitch until the release of iOS 13.1 later in September. Hacks Mobile Security apple Apple hack Apple vulnerability ios 13 iOS 13.1 iphone iPhone X lock screen bypass patch Vulnerability Disclosure

How Do Patient Portals Work?

Record Nations

A patient portal is a secure online platform that allows patients to access their health records at any time and anywhere, as long as they have an internet connection. Patients can log on from their computer or smartphone using a secure username and password.

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

Smart Watches and Cheating on Tests

Schneier on Security

The Independent Commission on Examination Malpractice in the UK has recommended that all watches be banned from exam rooms, basically because it's becoming very difficult to tell regular watches from smart watches. cheating internetofthings

IT 70

How Patient Portals Benefit You As Well As Your Patients

Record Nations

A patient portal is a secure website that gives patients easy, 24-hour access to their personal health information from anywhere with an internet connection. Portals benefit both patients as well as providers.

3 ways a data catalog can help optimize your business

IBM Big Data Hub

The best data catalogs can automate the process to collect, classify and profile data to ensure the highest standards of quality. Here are three popular use cases detailing why companies are moving towards IBM’s Watson Knowledge Catalog

90

WordPress XSS Bug Allows Drive-By Code Execution

Threatpost

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. Vulnerabilities Web Security cross-site scripting drive-by attack gutenberg editor patch remote code execution version 5.2.3 vulnerability website takeover wordpress XSS

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

US Sanctions 3 Cyberattack Groups Tied to DPRK

Dark Reading

Lazarus Group, Bluenoroff, and Andariel were named and sanctioned by the US Treasury for ongoing attacks on financial systems

61

North Korean Spear-Phishing Attack Targets U.S. Firms

Threatpost

Researchers warn that U.S. firms are being targeted with legitimate - but trojanized - documents that are often socially engineered to a tee.

The consequence of valuing data

Information Management Resources

I have read widely in information theory and despite the rhetoric, there remains ample disagreement in research circles that data has an implied value independent of use or context. Data strategy Data management Data science

Cybercriminals Adding Sophistication to BEC Threats

Threatpost

New tactics aimed at business executives and users are being used to reap greater reward from email based fraud, which continues to rise, researchers said. Government Hacks Malware Web Security BEC Business Email Compromise Department of Justice email email threats Operation reWired

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

Will the CCPA define the future of data privacy in the U.S.?

Information Management Resources

California’s privacy law is already spurring other states to develop new legislation. Hundreds of bills that address privacy, cybersecurity and data breaches are pending across the 50 states, territories and the District of Columbia. Data privacy rules Data security GDPR

AI and the Impact On Fighting Card Fraud

Rippleshot

Increasingly, as fraudsters get smarter and faster, you'll find the mention of AI in discussions about tools to combat the rise of card fraud. Security professionals have already bought in and are leading the charge for more advanced technology investments.

IT 52

The Benefits of Combining Secure Offsite Storage with Professional Document Scanning

Archive Document Data Storage

Do you dread searching through disorganised file rooms to find a hard copy document? Are you fed up of wasting time removing staples from documents and then wrestling with the office scanner to make a digital copy?

Paper 52