Sat.Dec 01, 2018

What the Marriott Breach Says About Security

Krebs on Security

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties.

MITRE evaluates Enterprise security products using the ATT&CK Framework

Security Affairs

The MITRE Corporation’s ATT&CK framework has been used to evaluate the efficiency of several enterprise security products designed by several vendors.

Weekly Update 115

Troy Hunt

I'm pushing this out a day late so firstly, apologies for the break in what's otherwise a pretty steady cadence. But having said that, as I say at the start of this video I've really been struggling with work / life balance lately.

IoT 71

ETERNALSILENCE – 270K+ devices vulnerable to UPnProxy Botnet build using NSA hacking tools

Security Affairs

Over 270,000 connected devices run vulnerable implementations of UPnP, threat actors are attempting to recruit them in a multi-purpose botnet. In April, Akamai reported that threat actors compromised 65,000 home routers by exploiting vulnerabilities in Universal Plug’N’Play (UPnP) , experts tracked the botnet as UPnProxy. Now the company provided an update to its initial analysis revealing a disconcerting scenario, UPnProxy is still up and running.

Tools 87

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

A Dunkin' Donuts Hack, a Fake FedEx Site, and More Security News This Week

WIRED Threat Level

Scam centers, exposed massage company data, and more of the week's top security news. Security

Data 58