Fri.Oct 08, 2021

Data Breach Reports Rise as Supply Chain Attacks Surge

Data Breach Today

US Breach Notification Transparency Declining, Identity Theft Resource Center Warns The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns.

The Netherlands declares war on ransomware operations

Security Affairs

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Nobelium Makes Russia Leader in Cyberattacks

Data Breach Today

Microsoft: 58% of Attacks Reported Worldwide Originated From Russia Microsoft, in its annual threat review report, Digital Defense, says 58% of cyberattacks worldwide over the past year originated in Russia. And 92% of the Russia-based threat activity came from the nation-state threat group Nobeliu

IT 242

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. On Wednesday, Google announced to have warned approximately 14,000 Gmail users that they had been targeted by nation-state hackers.

Monitoring AWS Container Environments at Scale

In this eBook, learn how to monitor AWS container environments at scale with Datadog and which key metrics to monitor when leveraging two container orchestration systems (ECS and EKS).

Apache Issues Another Emergency Patch for Exploited Flaws

Data Breach Today

110,000 Servers Exposed to Active Attacks; US Government Urges Immediate Patching Apache HTTP Server users are being warned to install yet another patch, as a fix released Wednesday was incomplete and introduced a new flaw. The U.S.

More Trending

Netherlands Says Armed Forces May Combat Ransomware Attacks

Data Breach Today

Officials and Experts Debate Legality, Diplomatic Ramifications of the Statement The Dutch government says it may use intelligence agencies or military services to counter cyberattacks - including ransomware attacks - that threaten the country's national security.

58% of all nation-state attacks in the last year were launched by Russian nation-state actors

Security Affairs

Microsoft revealed that Russia-linked cyberespionage groups are behind the majority of the nation-state cyber attacks on US government agencies. Microsoft revealed that most of the cyber attacks on US government agencies are orchestrated by Russia-linked cyberespionage groups.

ISMG Editors’ Panel: First Fatality Linked to Ransomware?

Data Breach Today

OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace via OCR Listserv

IG Guru

Today, the U.S.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Finding New Ways to Disrupt Ransomware Operations

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the arrest of two suspects tied to a major ransomware group in Ukraine. Also featured: Introducing "The Ransomware Files" and defining the next-gen CISO

North American Orgs Hit With an Average of 497 Cyberattacks per Week

Dark Reading

A new analysis confirms a surge in global cyberattacks since the COVID-19 pandemic began

72

Silicon Valley VC Firm Leaked 'Deal Flow' Data

Data Breach Today

Plug and Play Ventures Left an Amazon S3 Bucket Open to the Internet A Silicon Valley venture capital firm that runs a matchmaker service linking investors with startups exposed 6GB of data, including deal flow information pertaining to investors and startups.

IT 172

Apache rolled out a new update in a few days to fix incomplete patch for an actively exploited flaw

Security Affairs

Apache Software Foundation has released HTTP Web Server 2.4.51 to completely address a vulnerability that has been actively exploited in the wild. Apache Software Foundation has released HTTP Web Server 2.4.51

IT 70

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Efforts to Incentivize Healthcare Sector Cyber Investments

Data Breach Today

Erik Decker, CISO of Intermountain Health, on Ways to Bolster Security Posture A federal law signed earlier this year amending the HITECH Act could help incentivize many healthcare sector entities to bolster their cybersecurity programs, says federal adviser Erik Decker, CISO of Intermountain Health, who suggest other incentives, as well.

White House, Congress Target Ransomware Payments

eSecurity Planet

The surge in ransomware attacks in the last year have spurred attempts by government officials to bolster cybersecurity defenses, and those actions advanced on multiple fronts this week. In an op-ed piece published by CNBC, U.S.

Principles of Sustainable Cybersecurity

Data Breach Today

Deepayan Chanda Discusses Reliability, Accuracy, Architecture and Resiliency Deepayan Chanda discusses the four principles of cybersecurity - reliability, accuracy, architecture and resiliency - that he believes cover most of the aspects of how CISOs can maintain the level of cybersecurity that their organzations need to sustain attacks.

'FontOnLake' Malware Family Targets Linux Systems

Dark Reading

Researchers report that the location of its C2 server and the countries where samples were uploaded may indicate targets include Southeast Asia

IT 67

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Google Says Russian APT Targeting Journalists, Politicians

Data Breach Today

Company Outlines Added Security for High-Profile Users, Announces 2FA Enrollment Some 14,000 Google users were warned of being suspected targets of Russian government-backed threat actors on Thursday.

Qualys Automates Ransomware Risk Assessment

eSecurity Planet

Qualys this week launched a new Ransomware Risk Assessment Service that’s designed to help enterprises understand their potential exposure to ransomware and automate the process of patching any associated vulnerabilities or misconfigurations.

Risk 64

Analyzing the Results of the 2021 Cybersecurity Complexity Study, EU & UK

Data Breach Today

Martin Cook, Sr.

Patch 'Immediately': Apache Issues Software Fix Amid Zero-Day Attacks

Dark Reading

CISA reports it's seeing ongoing scanning for the flaws and expects the activity to accelerate

IT 60

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Mental Health And The Workplace

Hanzo Learning Center

It's stressful for workers these days, and Covid-19's impact has been far-reaching on economic activity and our way of working both now and in the future.

IT 56

Continuous Authentication Tech Looms Large in Deployment Plans

Dark Reading

Security leaders are interested in continuous authentication technologies, especially behavioral-based capabilities

CIPL Publishes White Paper on Organizational Accountability in Privacy Enforcement

Hunton Privacy

On October 6, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth published a white paper on “Organizational Accountability in Data Protection Enforcement – How Regulators Consider Accountability in their Enforcement Decisions” (the “Paper ”).

Paper 78

Hardware Bolsters Medical Device Security

Dark Reading

New microprocessor technologies like secure enclaves and cryptography acceleration enable hardware to better safeguard medical devices

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Electronic Records Day 2021

The Texas Record

Today we celebrate Electronic Records Day, which raises awareness about the crucial need to manage and preserve government electronic records (e-records).

71% of Security Pros Find Patching to be Complex and Time Consuming, Ivanti Study Confirms

Dark Reading

Challenges with lack of time and vulnerability and patching prioritization are putting organizations at increased risk of cyberattacks

Risk 55

Fast and Free Method to Make Caricature of Yourself – Caricaturer.io

Cllax

There are thousands of editing tools nowadays, and digital creations are more advanced than ever. The manual work we do towards art has gotten fewer because of the convenient tools. The post Fast and Free Method to Make Caricature of Yourself - Caricaturer.io first appeared on Cllax - Top of IT.

IT 26