Fri.Jun 26, 2020

Payment Card Skimmer Attacks Hit 8 Cities

Data Breach Today

Trend Micro: 5 of the Cities Had Previously Been Victims of Magecart-Style Attacks Eight U.S.

Sales 230

Good Cyber Hygiene in a Post-Pandemic World Starts with Us

Dark Reading

Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Attackers Target Vulnerable Exchange Servers

Data Breach Today

Microsoft Urges Patching, Other Mitigation Steps Microsoft is warning its customers that attackers are increasingly targeting unpatched Exchange servers, with a significant uptick in activity since April

IT 216

5 New InfoSec Job Training Trends: What We're Studying During COVID-19

Dark Reading

With the pandemic uprooting networks and upending careers, which security skills are hot -- and which are not

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Analysis: Keeping IoT Devices Secure

Data Breach Today

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity

IoT 181

More Trending

Hackers Used Malicious Docker Images to Mine Monero

Data Breach Today

Researchers Found Images on Docker Hub That Contained Cryptominers A recently uncovered cryptomining scheme used malicious Docker images to hide cryptocurrency mining code, according to an analysis from Palo Alto Networks' Unit 42

Mining 180

An Embattled Group of Leakers Picks Up the WikiLeaks Mantle

WIRED Threat Level

After releasing over a million hacked law enforcement files, DDoSecrets got banned from Twitter. But it has no plans to slow down. Security Security / Security News

IT 97

Breach Aftermath: Authorities Order Lab to Improve Security

Data Breach Today

LifeLabs' 2019 Breach Exposed Data on 15 Million Canadians Canadian information privacy regulators have ordered medical testing laboratory LifeLabs to improve its data security practices following their investigation of a 2019 breach that exposed the health data of 15 million individuals

Police arrested 32 people while investigating underground economy forum

Security Affairs

German Police have arrested 32 individuals and detained 11 after a series of raids targeting users of an illegal underground economy forum.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Satori Botnet Co-Creator Sentenced

Data Breach Today

Justice Department Also Unseals Indictments of Alleged Co-Conspirators in DDoS Attacks A man from the state of Washington has been sentenced to 13 months in federal prison for his role in developing the Satori botnet, which was used to conduct several large-scale DDoS attacks.

170
170

Crooks hide e-skimmer code in favicon EXIF Metadata

Security Affairs

Malwarebytes experts observed crooks hiding a software skimmer in the EXIF metadata of an image that was surreptitiously loaded by compromised online stores.

How Amazon and Walmart Could Fix IoT Security

Data Breach Today

Bruce Schneier Says Pressure on Retailers Could Fix Insecure IoT Supply Chains IoT devices can be made cheaply and quickly. But as a result, they may lack adequate security features.

IoT 170

The Unintended Harms of Cybersecurity

Schneier on Security

Interesting research: " Identifying Unintended Harms of Cybersecurity Countermeasures ": Abstract: Well-meaning cybersecurity risk owners will deploy countermeasures (technologies or procedures) to manage risks to their services or systems.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

PCI Council's Efforts to Fight Fraud During COVID-19 Crisis

Data Breach Today

Troy Leach of the PCI Security Standards Council discusses how the shift to card-not-present transactions during the COVID-19 pandemic has created new fraud-fighting challenges and offers an update on pending standards revisions

Good Cyber Hygiene in a Pandemic-Driven World Starts with Us

Dark Reading

Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them

TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior

Threatpost

App will stop reading users’ device cut-and-paste data after a new banner alert in an Apple update uncovered the activity. Mobile Security Privacy Android apple clipboard cut and paste Data Privacy ios mobile app Mysk tiktok Tommy Mysk vulnerability

Major US Companies Targeted in New Ransomware Campaign

Dark Reading

Evil Corp. group hit at least 31 customers in campaign to deploy WastedLocker malware, according to Symantec

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Fake Contact Tracing Apps Spreading Malware, Ransomware

Travis Taylor

Phony contact-tracing apps meant to mitigate the spread of the Covid-19 pandemic are installing ransomware on mobile devices. One app billed itself, “The Covid-19 Tracer App,” claiming to be an official mobile app of the Canadian government’s coronavirus contact tracing effort.

SOC Wins & Losses

Dark Reading

While the security operations center is enjoying a higher profile these days, just one-fourth of security operations centers actually resolve incidents quickly enough

The resilient procurement organization

OpenText Information Management

Recently, the world has dramatically changed – including the marketplace for goods and services, up-ending and shifting supply and demand dynamics for procurement professionals.

ECM 69

8 U.S. City Websites Targeted in Magecart Attacks

Lindsey O'Donnell

Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident. Web Security card skimmer city websites click2gov Credit Card Theft data breach local government breach magecart

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Do I Need a Data Catalog?

Michael Adjei

If you’re serious about a data-driven strategy , you’re going to need a data catalog. Organizations need a data catalog because it enables them to create a seamless way for employees to access and consume data and business assets in an organized manner.

DarkCrewFriends Returns with Botnet Strategy

Threatpost

The botnet can be used to mount different kinds of attacks, including code-execution and DDoS. Malware Vulnerabilities Web Security botnet Check Point code execution Content Management Systems darkcrewfriends file upload vulnerability php servers zero-day

Will telehealth fundamentally change Life Sciences?

OpenText Information Management

Telehealth has come to prominence with the Covid-19 pandemic. A technology area that we’d been talking about for decades suddenly became front and center in healthcare delivery. Telehealth is only going to grow moving forward so what could this mean for the Life Sciences sector?

Five steps to jumpstart your data integration journey

IBM Big Data Hub

As coined by British mathematician Clive Humby, "data is the new oil." Like oil, data is valuable but it must be refined in order to provide value. Organizations need to collect, organize, and analyze their data across multi-cloud, hybrid cloud, and data lakes.

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

10 steps to modern ESI investigations

OpenText Information Management

Modern electronically stored information (ESI) investigations – interrogating a large collection of electronic documents to quickly answer the key questions and locate the critical evidence – are intensely demanding in every sense of the word.

Risk 59

Legendary Help: Delivering a home-away-from-home experience every single time

Rocket Software

Although the restaurant industry may be experiencing a shift due to COVID-19, that doesn’t mean that they’ve stopped thinking about how to optimize business. With many restaurants closed or facing changes to how they operate, this makes it an ideal time to reconsider their systems.

‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards

Tara Seals

The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases. Government Web Security Aleksei Burkov carding store cardplanet credit cards criminal sentencing Dark Web Department of Justice payment cards prison