Thu.Oct 15, 2020

Another Threat Group Joins Ransomware Extortion Racket

Data Breach Today

FireEye: 'FIN11' Deploys Clop Ransomware A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant

Breach at Dickey’s BBQ Smokes 3M Cards

Krebs on Security

One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week.

Sales 240

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

'Lemon Duck' Cryptominer Activity Spikes

Data Breach Today

Cisco Talos: Botnet Targets Windows, Linux Devices to Mine for Monero Researchers at Cisco Talos are warning about a sudden spike in activity related to the "Lemon Duck" cryptominer botnet that mines for monero

Mining 193

Twitter Hack Analysis Drives Calls for Greater Security Regulation

Dark Reading

New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Barnes & Noble Investigates Hacking Incident

Data Breach Today

System Housing Customer Data Accessed; Company Takes Down Nook E-Book Platform Books retailer Barnes & Noble is investigating a security incident involving unauthorized access to its corporate systems, including those storing customers' information.

Retail 173

More Trending

Criminals Still Going Crazy for Cryptocurrency

Data Breach Today

Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek

Security Affairs

The Egregor ransomware gang has hit the game developer Crytek and leaked files allegedly stolen from the systems of the gaming firm Ubisoft.

Iranian Hacking Group Again Targets Universities

Data Breach Today

Malwarebytes: 'Silent Librarian' Seeks Intellectual Property A hacking group with suspected ties to Iran's government is again targeting universities in the U.S. and around the world, according to researchers with security firm Malwarebytes. Silent Librarian" typically attempts to steal intellectual property

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Schneier on Security

Earlier this month, we learned that someone is disrupting the TrickBot botnet network.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

US Indicts Members of Transnational Money-Laundering Organization

Dark Reading

Members of the QQAAZZ group helped cybercriminals conceal origins of stolen funds, DoJ alleges

83

The Media Just Passed a Test It Failed Four Years Ago

WIRED Threat Level

In an interview with WIRED, dean of the Columbia Journalism School Steve Coll says the media has learned some important lessons since 2016 about covering stolen email leaks. Security Security / National Security

IT 82

Barnes & Noble Warns Customers About Data Breach

Dark Reading

Famed bookseller says non-financial data was exposed in a new attack

Cyber insurance: A guide for businesses

IT Governance

Cyber threats are so numerous that it’s impossible to prevent security incidents altogether. That’s why they organisations increasingly relying on cyber insurance policies to cover the costs when data breaches and cyber attacks occur. But just how helpful is cyber insurance?

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Security Affairs

Bookstore giant Barnes & Noble has disclosed a cyber attack and that the threat actors have exposed the customers’ data. Barnes & Noble, Inc. , is an American bookseller with the largest number of retail outlets in the United States in fifty states.

Microsoft Office 365 Accounts a Big Target for Attackers

Dark Reading

Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity

Crooks hit Puerto Rico Firefighting Department Servers

Security Affairs

Puerto Rico’s firefighting department discloses a security breach, hackers breached its database and demanded $600,000. Puerto Rico’s firefighting department discloses a security breach, hackers breached its database and demanded a $600,000 ransom.

Customised Ubiquiti Clients and Randomised MAC Addresses on Apple Devices

Troy Hunt

You know how some people are what you'd call "house proud" in that they like everything very neat and organised? You walk in there and everything is in its place, nice and clean without clutter.

IoT 105

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

The Ruthless Cyber Chaos of Business Recovery

Dark Reading

Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020

71

Critical Magento Holes Open Online Shops to Code Execution

Threatpost

Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database.

Access 101

Zoom now supports end-to-end encrypted (E2EE) calls

Security Affairs

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. The new E2EE feature will be made available for both paid and free accounts.

Barnes & Noble Hack: A Reading List for Phishers and Crooks

Threatpost

Customers' lists of book purchases along with email addresses and more could have been exposed -- and that's a problem. Breach Hacks Web Security barnes & noble data breach email notice Fraud hack personal personal information Phishing PII purchase history reading lists transaction history

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Overcoming the Challenge of Shorter Certificate Lifespans

Dark Reading

We could be in the middle of a major transition to shorter and shorter certificate life spans, which has significant implications for how IT organizations manage certificates across the enterprise

IT 64

Carnival Corp. Ransomware Attack Affects Three Cruise Lines

Threatpost

Hackers accessed personal information of guests, employees and crew for Carnival Cruise, Holland America and Seabourn as well as casino operations. Hacks Malware

As Customer Interest in Consumer Privacy Surges, Companies Should Prioritize Data Privacy

InfoGoTo

Still unconvinced that good data privacy practices also make good business sense? A recent survey showed that U.S.

EDPB Adopts Guidelines on Relevant and Reasoned Objection under Article 60 of the GDPR

Hunton Privacy

During its 39th plenary session on October 8, 2020, the European Data Protection Board (“EDPB”) adopted guidelines on relevant and reasoned objection under the General Data Protection Regulation (“GDPR”) (the “Guidelines”).

GDPR 86

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

How long should you keep your US tax records?

IG Guru

Check out the guidance from the IRS here. The post How long should you keep your US tax records? appeared first on IG GURU. Compliance IG News Record Retention Records Management Risk News Standards IRS Retention Tax Records

Norwegian Government Blames Russia for Hacking Campaign

Adam Levin

The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The attack was deployed in August.

[Podcast] Are You Data Rich, or Data Poor?

AIIM

In this episode of AIIM On Air I am joined by Greg Council, VP Marketing and Product Management at Parascript. Greg is a member of the AIIM leadership council and an expert in digital transformation using tools like advanced data extraction, taxonomy, and search.