Mon.Nov 11, 2019

Microsoft Warns Users: Beware of Damaging BlueKeep Attacks

Data Breach Today

Software Giant Says Exploits Could Expand Beyond Cryptomining Now that security researchers have located the first exploits that take advantage of the BlueKeep vulnerability in Windows, Microsoft is warning users to apply patches the company issued for this flaw before more dangerous exploits merge

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Krebs on Security

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Election Interference Notification Protocols Unveiled

Data Breach Today

White House Describes Framework for Notifying Public of 2020 Election Interference The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released

203
203

Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure

Security Affairs

Researchers from Radware reported that massive TCP SYN-ACK DDoS reflection attacks hit Amazon, SoftLayer and telecom infrastructure in the last month.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Democrats Pose Phone Data Privacy Questions to FCC

Data Breach Today

Congressional Letter Criticizes FCC for Not Enforcing Communications Act Democratic members of the House Energy and Commerce Committee have sent a letter to the Federal Communications Commission demanding that it do more to enforce the Communications Act following a report about wireless carriers giving phone data to third parties.

More Trending

Sen. Warner Asks HHS for Answers on Unsecured Medical Images

Data Breach Today

Questions HIPAA Enforcement Agency in Wake of Millions of Patient Files Discovered Online Senator Mark Warner, D-Va.,

161
161

Researchers Find New Approach to Attacking Cloud Infrastructure

Dark Reading

Cloud APIs' accessibility over the Internet opens a new window for adversaries to gain highly privileged access to cloud assets

Insider Threat: Greater Risk Mitigation Required

Data Breach Today

Make Insider Threat Defenses 'Top of the Agenda' Says Veriato's Chris Gilkes Too many organizations are still failing to prioritize mitigating the risk posed by insiders, whether they're malicious actors or model employees who make mistakes that unintentionally lead to a data breach, says Veriato's Chris Gilkes.

Risk 141

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

This is really an embarrassing incident, ZoneAlarm forum site has suffered a data breach exposing data of its discussion forum users. ZonaAlarm , the popular security software firm owned by Check Point Technologies, has suffered a data breach.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Take Two: Why Organizations Are Reviewing GDPR Efforts

Data Breach Today

PwC's Polly Ralph on Data Breach Preparation and Remediation Trends The EU's General Data Protection Regulation rewrote the rules of the data privacy and breach notification game when it went into full effect last year.

GDPR 141

ForAllSecure Uncovers Critical Vulnerabilities in Das U-Boot

ForAllSecure

Introduction. This summer, I utilized ForAllSecure Mayhem, a next-generation fuzz testing solution, to analyze software that are heavily used. I felt these types of components in particular deserve more scrutiny from a security perspective.

UAE Forms Defense Firm to Help Tackle Cyberthreats

Data Breach Today

Government and Private Sector Collaborate on Initiative A new defense company has been formed in United Arab Emirates, combining three government-owned and 22 independent companies in an effort to develop technologies to help thwart cyberattacks and repel military drones

Fooling Voice Assistants with Lasers

Schneier on Security

Interesting : Siri, Alexa, and Google Assistant are vulnerable to attacks that use lasers to inject inaudible­ -- and sometimes invisible­ -- commands into the devices and surreptitiously cause them to unlock doors, visit websites, and locate, unlock, and start vehicles, researchers report in a research paper published on Monday.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Privacy Nirvana: Some Assembly Still Required

Data Breach Today

Life Post-GDPR: Veteran CISO Thom Langford Sees Room for Improvement Data privacy discussions must focus not just on collecting, storing and securing data, but also the impetus for doing so - and whether it is being done in an ethical manner, says consultant Thom Lagford, a former CISO, who addresses GDPR compliance issues.

GDPR 141

CERTrating a new Tool to evaluate CERT/CSIRT maturity level

Security Affairs

The Global Cyber Security Center has developed a tool named CERTrating to evaluate the Maturity Level of CERTs and services provided to the Constituency.

IT 77

Despite Instagram Changes, Minors Are Still at Risk

Data Breach Today

Minors With Business Profiles Can Shield Contact Information, But May Be Unaware In June, I wrote an in-depth story about how millions of Instagram users worldwide under 18 years old were exposing their email addresses, phone numbers or both. Instagram has finally made a change to address the issue - but it doesn't go far enough

Risk 113

Bringing security closer to the data

OpenText Information Management

OpenText is the global leader in Enterprise Information Management (EIM), and the leading provider of content services to the modern enterprise. Simply put, OpenText knows how to manage information in order to deliver a competitive advantage.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Account Fraud Harder to Detect as Criminals Move from Bots to 'Sweat Shops'

Dark Reading

Cheap labor, frequent data breaches, and better fraud detection technology are fueling frustrating changes in attackers' methods

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) warns businesses and netizens of Emotet and BlueKeep attacks in the wild.

DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure

Threatpost

The specific type of TCP attack used in the recent spate of DDoS efforts were TCP SYN-ACK reflection attacks. Web Security amazon DDoS october 2019 Radware tcp reflection attacks telecom networks

Joker's Stash Puts $130M Price Tag on Credit Card Database

Dark Reading

A new analysis advises security teams on what they should know about the underground payment card seller

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Creating Compliance in Chaos: A Consultant's Story

Gimmal

Records and Information Management (RIM) is constantly changing and evolving as record managers begin to realize the benefits of automation in their daily operations.

You May Soon Be Told to “Go Jump in a Lake” for Your ESI: eDiscovery Trends

eDiscovery Daily

A data lake, that is. So, what is it and why should you care? Let’s take a look.

5 Security Processes You Shouldn't Overlook During M&A

Dark Reading

Security needs to be a central element of due diligence if a merger or acquisition is to succeed

Want to plan 80% faster? According to Forrester, IBM can help.

IBM Big Data Hub

Forrester, a leading IT analyst firm, has constructed a Total Economic Impact (TEI) framework with a focus on how IBM Planning Analytics compares to the competition across a variety of metrics—from ROI, to time, to value—and much more.

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Learn the Latest Exploit Techniques at Black Hat Europe

Dark Reading

Master new exploit techniques for Microsoft RDP, Java remote protocols at Black Hat Europe in London next month

60

4 top trends shaping information management

Information Management Resources

Information is the life blood of any business or organization. It helps dictate how businesses form strategies, implement processes and drive results. Data strategy Data management Enterprise information management

IT 57

New: 2019 State of the Internet / Security: Media Under Assault

Dark Reading

It can't be overstated: Web attacks and credential stuffing are real, long-term threats. This white paper, sponsored by Akamai, focuses on how they are impacting the high-tech, video media, and entertainment sectors

Paper 52