Mon.Mar 23, 2020

COVID-19 Phishing Schemes Escalate; FBI Issues Warning

Data Breach Today

Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce

Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The story concluded that this dubious service had been scamming people and companies for more than a decade, and promised a Part II to explore who was behind Web Listings.

Sales 140

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CA AG Modifies CCPA Regs - Again

Data Breach Today

Attorney Sadia Mirza Reviews 'Spring Cleaning' of Landmark Privacy Act Amidst the COVID-19 pandemic crisis, the California Attorney General's Office on March 11 released a second modification of the proposed regulations to implement the California Consumer Protection Act.

NEW TECH: Start-up QuoLab enters emerging ‘Security Operations Platform’ — SOP — space

The Last Watchdog

Defending enterprise networks has become a convoluted challenge, one that is only getting more byzantine by the day. I’ve written about the how SIEMs ingest log and event data from all across hybrid networks, and about how UEBA and SOAR technologies have arisen in just the past few years to help companies try to make sense of it all, even as catastrophic breaches persist.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Fintech Firm Finastra Recovering From Ransomware Attack

Data Breach Today

Attackers Targeted Corporate Network, Forcing Company to Shut Down IT Operations Finastra, a large financial services software provider based in London, continues to recover from a ransomware attack that forced the company to take its IT operations offline Friday to prevent further damage to its corporate network, according to the company's CEO.

More Trending

COVID-19: Security Risks As Manufacturers Shift Gears

Data Breach Today

As automobile manufacturers and others rush to shift to production of ventilators and other medical equipment and supplies to help fight the COVID-19 pandemic, they must take steps to ensure security, privacy and safety risks are addressed, says technology attorney Steven Teppler

Microsoft Publishes Advisory for Windows Zero-Day

Dark Reading

There is no available patch for the vulnerabilities, which Microsoft says exist in all supported versions of Windows


Russia Blamed for COVID-19 Disinformation Campaigns

Data Breach Today

Pro-Kremlin Outlets Complicating Public Health Response, Nation-State Watchers Warn Disinformation campaigns with ties to Russia are continuing in an attempt to impede other governments' responses to the COVID-19 pandemic, complicating public health efforts to combat the disease, European officials warn

FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert

Dark Reading

Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

BEC Campaign Targets HR Departments: Report

Data Breach Today

Cybercriminal Group TA505 Sending Trojanized CV Files, Prevailian Reports TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme

Hacking Voice Assistants with Ultrasonic Waves

Schneier on Security

I previously wrote about hacking voice assistants with lasers. Turns you can do much the same thing with ultrasonic waves : Voice assistants -- the demo targeted Siri, Google Assistant, and Bixby -- are designed to respond when they detect the owner's voice after noticing a trigger phrase such as 'Ok, Google'.

Paper 84

Coronavirus-themed campaign delivers a new variant of Netwalker Ransomware

Security Affairs

MalwareHunterTeam experts have identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware. The number of coronavirus -themed cyberattacks continues to increase, MalwareHunterTeam researchers uncovered a new campaign that is delivering the Netwalker Ransomware, aka Mailto.

Three Ways Your BEC Defense Is Failing & How to Do Better

Dark Reading

Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop


The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

Hackers are offering for sale on the dark web data belonging to 538 million Weibo users, including 172 million phone numbers. Data of 538 million Weibo users are available for sale on the dark web the news was reported by several Chinese media and users on social networks. 107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more.

Sales 83

538 Million Weibo Users' Info for Sale on Dark Web

Dark Reading

The user data, which does not include passwords, purportedly comes from a mid-2019 breach

Sales 77

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-. According to the Chinese security firm Qihoo 360’s Netlab team, operators of several botnets , including Chalubo , FBot , and Moobot , targeting LILIN DVRs at least since August 30, 2019.

Protect Your Home Office and Network With These 5 Tips

Adam Levin

Secure Your Router: If you’re still using your router’s manufacturer default password, it’s past time for a change. Your password should be include letters, numbers and special characters in a combination you haven’t used on other accounts. You can also create an extra firewall by configuring your router to block unwanted incoming internet traffic. Secure Your Webcam: If you’re using an external webcam for videoconferences, disconnect it when you’re not using it.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Operation Pangea: Europol dismantles criminal gangs selling coronavirus medicine, surgical masks

Security Affairs

Operation Pangea is the name of a joint international operation lead by the Interpol that seized €13 million in counterfeit drugs for care. . The Coronavirus outbreak is sustaining an unprecedented demand in hygiene products, surgical masks, and drugs that could care the COVID infection.

Complimentary Webinar: Intentional Impact – Revolutionizing Your Leadership Approach: Creating IG Champions on 3/26

IG Guru

This complimentary webinar provides a method for creating Records and Information Governance “Champions” in your organization. You will improve your leadership skills with the practical methods demonstrated in this session and you will walk away feeling empowered and encouraged despite the challenges we are currently facing in our industry and across the globe. Deborah Robbins, […].

The University of Utah Health discloses security breach

Security Affairs

The University of Utah Health disclosed a security breach, it has discovered malware on its systems and revealed unauthorized access to some employee email accounts. The University of Utah Health disclosed a security breach, the research hospital has discovered unauthorized access to some employee email accounts along with the presence of malware on its systems. Attackers breached the organization with a phishing attack, the intrusion took place between January 7 and February 21, 2020.

Five Ways to Secure Your Home Office Webcam

Adam Levin

Covid-19 is increasing the number of employees working from home, and more businesses are relying on video conferences as a means of keeping in regular communication. . Follow these tips to make sure your webcam isn’t compromising your privacy and your data: Unplug/disable your camera when it’s not in use: If you’re using an external camera, don’t just turn it off when you’re not in a conference–unplug it completely.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

8 Infosec Page-Turners for Days Spent Indoors

Dark Reading

Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry

Hackers Actively Exploit 0-Day in CCTV Camera Hardware


Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN. IoT Vulnerabilities Botnets CCTV cameras Chalubo DDoS dvr FBot Internet of things ip video camera lilin Mirai botnet Moobot network time protocol NTPDate Qihoo 360 vulnerability

IoT 71

Governance doesn't stop when working from home


The current pandemic has more people working from home than ever before, but that should not stop your organization from being diligent with information governance practices. Just like washing your hands, and social distancing can slow down the spread of germs, steps can be taken to ensure that the health of your information systems stay strong as well. office 365 records management records in the cloud federated records intelligent records management physical records Content Governance

Complimentary Webinars provided by VRC during COVID-19 Pandemic

IG Guru

Vital Records Control (VRC) recognizes the pandemic due to COVID-19 is rapidly changing how we work and learn. As many of the conferences and seminars postpone or cancel due to pandemic, we wish to offer a solution. I will be hosting weekly information governance (IG) webinars. We hope the upcoming webinars will help take your […]. The post Complimentary Webinars provided by VRC during COVID-19 Pandemic appeared first on IG GURU.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Court Observes “Timing is Everything” in Determining When Litigation is Anticipated: eDiscovery Case Law

eDiscovery Daily

Yesterday, I noted that COVID-19 is impacting several courts and closing many – at least for now. But, I also noted that we still have several cases we can cover from earlier this year regarding eDiscovery. Here’s one. In Noah’s Wholesale, LLC v. Covington Specialty Ins.,

OCR Issues Guidance on Telehealth Video Technology: Recommends Business Skype and others

IG Guru

March 17, 2020 Notification of Enforcement Discretion for Telehealth Remote Communications during the COVID-19 Nationwide Public Health Emergency We are empowering medical providers to serve patients wherever they are during this national public health emergency. We are especially concerned about reaching those most at risk, including older persons and persons with disabilities. Roger Severino, […].

How to facilitate remote learning: Part 3 — Peer-to-peer interaction

Jamf on EdTech

To best keep students and educators safe — schools are re-evaluating their teaching practices and learning environments to accommodate an at-home, remote learning experience. In part three of our five-part blog series, we show you ways to promote peer-to-peer interaction