Thu.Jul 22, 2021

Saudi Aramco Says Supplier Leaked Company Data

Data Breach Today

Cybercriminals Reportedly Demanding $50 Million Payment From Oil Giant Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached.

IT 282

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet of Things (IoT) devices – from smartwatches to networked printers – that were still connected to corporate networks and cranking away.

IoT 113
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Has REvil Disbanded? White House Says It Doesn't Know

Data Breach Today

Speculation Rages as Notorious Ransomware Operation Remains Quiet and Offline What's up with REvil? Questions have been mounting since the notorious ransomware operation went quiet on July 13, not long after unleashing a mega-attack via remote management software vendor Kaseya's software.

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Patch Roundup: Windows, Linux, Oracle, Juniper

Data Breach Today

Companies Address a Range of Vulnerabilities A patch is forthcoming for a privilege escalation vulnerability in the Windows operating system that can allow hackers to gain a foothold.

227
227

More Trending

Third Arrest in Connection With 2020 Twitter Hack

Data Breach Today

Spanish Police Arrested UK Citizen Joseph O'Connor at Request of US Prosecutors A U.K. citizen was arrested in Spain Wednesday at the request of the U.S. Justice Department for his alleged role in a July 2020 hack of Twitter and additional incidents involving TikTok and Snapchat.

220
220

Akamai software update triggered a bug that took offline major sites

Security Affairs

Multiple major websites, including Steam, AWS, Amazon, Google, and Salesforce, went offline due to Akamai DNS global outage. A software configuration update triggered a bug in the Akamai DNS which took offline major websites, including Steam, the PlayStation Network, AWS, Google, and Salesforce.

Kaseya Obtains Decryptor Key

Data Breach Today

Software Firm Helping Customers Affected by Ransomware to Recover The software firm Kaseya Thursday said it has received a decryptor key from a "third-party" that is enabling it to help clients recover from a REvil, aka Sodinokibi, ransomware attack

Nasty Printer Driver Vulnerability

Schneier on Security

From SentinelLabs , a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Hospital Worker Charged in COVID Relief Fraud Case

Data Breach Today

Prosecutors Allege Patients' Information Used for Fake Unemployment Claims Federal prosecutors have charged a former Scripps Health employee in connection with an alleged conspiracy involving the theft of patient information that was then used to submit fraudulent unemployment claims under the COVID-19 relief program.

160
160

Ireland & UK: Latest trends in data subject access requests in pending litigation

DLA Piper Privacy Matters

Authors: Marcus Walsh , David Cook , John Magee. As individuals become more aware of their rights under data protection law, data subject access requests ( DSARs ) are an increasingly frequent concern for organisations both large and small.

Experts Testify on Cyberthreats to Water Treatment Plants

Data Breach Today

Senate Panel Hears Testimony About Vulnerabilities at Facilities U.S. water treatment facilities are increasingly vulnerable to cyberthreats to their IT networks as well as their OT systems, according to experts who testified at a Senate committee hearing this week

IT 134

Group-IB helps Dutch police identify members of phishing developer gang Fraud Family

Security Affairs

Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family.

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

The Kaseya Ransomware Nightmare Is Almost Over

WIRED Threat Level

A decryption tool has emerged, meaning any victims whose systems remain locked up can soon breathe easy. Security Security / Cyberattacks and Hacks

7 Hot Cyber Threat Trends to Expect at Black Hat

Dark Reading

A sneak peek of some of the main themes at Black Hat USA next month

89

An Explosive Spyware Report Shows the Limits of iOS Security

WIRED Threat Level

Amnesty International sheds alarming light on an NSO Group surveillance tool—and the gaps in Apple’s and Google's defenses. Security Security / Cyberattacks and Hacks

Protonmail announces new VPN App for Linux

IG Guru

Check out the article here. The post Protonmail announces new VPN App for Linux appeared first on IG GURU. IG News information privacy information security Privacy Security Cybersecurity Linux ProtonMail ProtonVPN VPN

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

Threatpost

Expected cyberattacks on Tokyo Olympics likely include attempts to hijack video feeds, the Feds warn. Breach Cloud Security Government Hacks Web Security

Cloud 114

Document Processing Vs. Robotic Process Automation

AIIM

The Difference Between Intelligent Document Processing and RPA — Or Is There One? For many businesses, content and data capture tools are highly sought out, particularly in the banking and insurance sectors.

Critical Jira Flaw in Atlassian Could Lead to RCE

Threatpost

The software-engineering platform is urging users to patch the critical flaw ASAP. Vulnerabilities Web Security

Document Processing Vs. Robotic Process Automation

AIIM

The Difference Between Intelligent Document Processing and RPA — Or Is There One? For many businesses, content and data capture tools are highly sought out, particularly in the banking and insurance sectors.

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day

Threatpost

Update now: The ream of bugs includes some remotely exploitable code execution flaws. Still to come: a fix for what makes iPhones easy prey for Pegasus spyware. Mobile Security Vulnerabilities Web Security

Automating EDI for supply chain efficiency

OpenText Information Management

“Necessity is the mother of invention” — an old proverb that rings especially true today. Driven by change, uncertainty, and opportunity, businesses everywhere are innovating to survive and thrive. In small increments or giant leaps or somewhere in between, innovation is all around us.

Phish Swims Past Email Security With Milanote Pages

Threatpost

The “Evernote for creatives” is anchoring a rapidly spiking phishing campaign, evading SEGs with ease. News Web Security

Regain control over your corporate data

OpenText Information Management

In today’s global economy, business success and growth are affected by rapid changes in market requirements, short innovation cycles and rising demands for internal and external communication.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Industrial Networks Exposed Through Cloud-Based Operational Tech

Threatpost

Critical ICS vulnerabilities can be exploited through leading cloud-management platforms. Cloud Security Critical Infrastructure Vulnerabilities

Cloud 98

Money talks, WeFi listens

OpenText Information Management

It takes money to make money, goes the old saying. And it’s true. Setting up a business requires investment in a place, people and products. Keeping the supply chain running takes money, too. Vendors, even large ones, do not want to tie up liquidity by extending credit to resellers.

IT 60

Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug

Threatpost

A privilege elevation bug in Windows 10 opens all systems to attackers to access data and create new accounts on systems. Hacks Vulnerabilities