Thu.May 28, 2020

'Hack-for-Hire' Groups Spoof WHO Emails to Steal Data

Data Breach Today

Google: Hackers Using COVID-19 Phishing Themes to Target Businesses "Hack-for-hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services.

Paper 178

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware Gangs' Ruthlessness Leads to Bigger Profits

Data Breach Today

Both the Volume of Successful Attacks and Victims' Payoffs Have Been Rising Ransomware-wielding criminals are growing increasingly ruthless, based on the size of their extortion demands, their increasing propensity to leak data in an attempt to force victims to pay and their greater focus on taking down big targets.

Thermal Imaging as Security Theater

Schneier on Security

Seems like thermal imaging is the security theater technology of today. These features are so tempting that thermal cameras are being installed at an increasing pace.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

How Smaller Companies Can Set Cybersecurity Priorities

Data Breach Today

Consultant Nic Miller Highlights Critical Factors to Consider Small and midsize companies don't need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies

More Trending

LiveJournal Blog Platform Credential Leak: What Happened?

Data Breach Today

Millions of Older Credentials Apparently Used in Credential-Stuffing Attacks The Russian blogging platform LiveJournal confirmed this week that it suffered several brute-force attacks in 2011 and 2012.

Sales 163

Data Loss Spikes Under COVID-19 Lockdowns

Dark Reading

Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy

Safeguarding COVID-19 Research, Other Intellectual Property

Data Breach Today

As cyberthreats to medical research on COVID-19 - and other intellectual property - grow, organzations must take critical steps to prevent the theft of their "innovation capital," says Russell Koste, chief security officer of Alexion Pharmaceuticals

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Security Affairs

The U.S. NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). The U.S.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Bipartisan Bill Would Boost Cybersecurity Research

Data Breach Today

Proposal Would Also Increase Research Investments for AI, Quantum Computing A bipartisan group of lawmakers has introduced a bill that calls for investing $100 billion in research on science and emerging technologies, including cybersecurity, quantum computing and artificial intelligence

NSA Warns Russia's 'Sandworm' Group Is Targeting Email Servers

Dark Reading

The Russian military group has been exploiting a flaw in the Exim mail transfer agent since last August, the NSA reports

Researcher Contends Trend Micro's RootkitBuster Busted

Data Breach Today

Trend Micro Says It's Working With Microsoft to Revamp Driver Last week, security researcher Bill Demirkapi said that Trend Micro used a trick to get one of its drivers to pass Microsoft's approval process.

IT 149

Some in healthcare are turning to AI to battle COVID-19


While COVID-19 has presented complex, multi-faceted challenges to humanity and the healthcare industry, it has also created a unique opportunity for healthcare to apply AI in creative, problem-solving ways.

Paper 89

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Israel ’s national cyber chief warns of rising of cyber-warfare

Security Affairs

Israel ’s national cyber chief acknowledged the country had thwarted a major cyber attack in April against its water systems. Israel’s national cyber chief Yigal Unna officially confirmed that the country in April had thwarted a major cyber attack against its water systems.

Why Workplace Automation is for Everyone


Workplace automation is starting to become the norm for modern corporations. With automation enabling massive improvements in talent acquisition, employee recruitment, and customer service, it's no surprise that more and more enterprises are jumping on the automation bandwagon.

NSA: Russia's Sandworm Hackers Have Hijacked Mail Servers

WIRED Threat Level

In a rare public warning, the US spy agency says the notorious arm of Russian military intelligence is targeting a known vulnerability in Exim. Security Security / Cyberattacks and Hacks

Hackers Compromise Cisco Servers Via SaltStack Flaws


Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities. Breach Vulnerabilities Cisco cisco breach cisco server critical flaw critical saltstack network compromise salt salt flaw saltstack VIRL-PE server


B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Valak a sophisticated malware that completely changed in 6 months

Security Affairs

Valak malware has rapidly changed over the past six months, it was initially designed as a loader, but now it implemented infostealer capabilities.

The pros and cons of vulnerability scanning

IT Governance

Scanning your networks and software for security vulnerabilities is essential for keeping your organisation secure, but it’s not a perfect solution.

3 SMB Cybersecurity Myths Debunked

Dark Reading

Small and midsize businesses are better at cyber resilience than you might think

Security breach impacted Cisco VIRL-PE infrastructure

Security Affairs

Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers.

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

GitHub Supply Chain Attack Uses Octopus Scanner Malware

Dark Reading

Octopus Scanner is a new malware used to compromise 26 open source projects in a massive GitHub supply chain attack


Google TAG report Q1 details about nation-state hacking and disinformation

Security Affairs

Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020.

How Elite Protectors Operationalize Security Protection

Dark Reading

There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC

Inside the Hoaxcalls Botnet: Both Success and Failure


The DDoS group sets itself apart by using exploits -- but it doesn't always pan out. IoT Malware Vulnerabilities Web Security abandoned exploits botnet DDoS draytek exploits failures grandstream hoaxcalls Malware analysis Radware symantec web gateway takedown Zyxel

IT 99

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Researchers ID Hacktivist Who Defaced Nearly 5,000 Websites

Dark Reading

Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign


Ke3chang hacking group adds new Ketrum malware to its arsenal

Security Affairs

The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors.

IT 68

Vulnerability Disclosures Drop in Q1 for First Time in a Decade

Dark Reading

Even with more security issues published on Patch Tuesdays, the total number of software flaws dropped for the first three months of 2020, according to one tally