Wed.Nov 25, 2020

Home Depot Settles 2014 Breach Lawsuit for $17.5 Million

Data Breach Today

Home Supply Retailer Must Also Implement Several Cybersecurity Protocols The Home Depot reached a $17.5 million settlement in a class-action lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million of the retailer's customers.

Retail 228

Do You Know Who's Lurking in Your Cloud Environment?

Dark Reading

A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform

Cloud 95
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

FBI Warns of Uptick in Ragnar Locker Ransomware Activity

Data Breach Today

Bureau Says the Attacks Are Hitting Many Sectors The FBI has sent out a private industry alert warning about increasing attacks using Ragnar Locker ransomware. The operators behind this crypto-locking malware have recently targeted companies that include EDP, Campari and Capcom, researchers note

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

Group-IB , a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year.

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Botnet Operators Drop Banking Trojans for Ransomware

Data Breach Today

More Trending

Google Removes 2 Android Apps That Collected User Data

Data Breach Today

Palo Alto Networks Discovers Problem in Baidu Apps Google removed two Android apps made by Baidu, a Chinese company, from its Google Play store after security researchers found they were collecting and possibly leaking data that could have been used to track individuals

Operation Falcon: Group-IB helps INTERPOL identify Nigerian BEC ring members

Security Affairs

Group-IB supported an INTERPOL-led operation Falcon targeting business email compromise cybercrime gang from Nigeria, dubbed TMT.

Linux Botnet Disguises Itself as Apache Server

Data Breach Today

Researchers: Operators of Stantinko Botnet Putting More Emphasis on Stealth The latest Linux version of the Stantinko botnet is designed to disguise the malware as an Apache server to help better avoid security tools and remain hidden, according to Intezer Labs

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

Threatpost

The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.

IoT 107

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Hackers Exploit MobileIron Flaw

Data Breach Today

NCSC: Nation-State Hackers, Others Leveraging Remote Code Execution Bug The U.K. National Cyber Security Center is warning that nation-state hackers and cybercriminals are exploiting a remote vulnerability in MobileIron's mobile device management tool to target organizations in the country

IoT Unravelled Part 3: Security

Troy Hunt

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together.

IoT 107

Insurance Fraud is Evolving: So Must Our Response

Data Breach Today

Dennis Toomey explains why the industry must turn not only to sophisticated tools and technologies, but also unite around a strategy based on collaboration - in order to tackle insurance fraud

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

Retail giant Home Depot has agreed to a $17.5 million settlement in a multi-state investigation of the data breach that the company suffered in 2014. The US largest home improvement retailer giant Home Depot agrees to $17.5 million settlement over the 2014 data breach.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Top Enterprise Encryption Products

eSecurity Planet

Encryption remains a mainstay of IT security technology, a critical tool for protecting sensitive data. We evaluate the top encryption solutions

UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE

Security Affairs

The UK NCSC issued an alert to urge organizations to patch the critical CVE-2020-15505 RCE vulnerability in MobileIron MDM systems.

MDM 72

Critical MobileIron RCE Flaw Under Active Attack

Threatpost

Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.

Watch out, WAPDropper malware could subscribe you to premium services

Security Affairs

Researchers spotted a new mobile malware dubbed WAPDropper that subscribes users to legitimate premium-rate services. Security researchers from Check Point have spotted a new malware family dubbed WAPDropper that targets mobile phone users to subscribe them to legitimate premium-rate services.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

How To Keep Cybersecure Over the Holidays

Adam Levin

The holiday season is one of the busiest times of the year for scammers and hackers. Shoppers and philanthropists are both easier targets during the busy holiday season. The Covid-19 pandemic has meant increased virtual visits with loved ones, and of course remote work.

Belden discloses data breach as a result of a cyber attack

Security Affairs

Belden, the manufacturer of networking and cable products, disclosed a data breach, threat actors have stolen employee and business information.

How to Update Your Remote Access Policy – And Why You Should Now

Threatpost

Reducing the risks of remote work starts with updating the access policies of yesterday.

Why Security Awareness Training Should Be Backed by Security by Design

Dark Reading

Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Tips for Building a Robust Secure Coding Program

Rocket Software

Software code — whether it’s on mobile devices, personal computers, servers or mainframes — runs the risk of getting hacked. In turn, this can give hackers control of a device or application and lead to loss of user access, service and organizational secrets, and damage to the system.

Risk 60

Major BEC Phishing Ring Cracked Open with 3 Arrests

Threatpost

Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares. Government Malware Web Security arrests BEC BEC attacks Business Email Compromise cybercriminals global attacks interpol malware nigeria scam social engineering

Cyber Public Health

Schneier on Security

In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates to medicine. Uncategorized cybersecurity infrastructure threat models video

IT 59

IoT Unravelled Part 4: Making it All Work for Humans

Troy Hunt

The first few parts of this series have all been somewhat technical in nature; part 1 was how much of a mess the IoT ecosystem is and how Home Assistant aims to unify it all, part 2 got into the networking layer with both Wi-Fi and Zigbee and in part 3 , I delved into security.

IoT 85

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Prevention Is Better Than the Cure When Securing Cloud-Native Deployments

Dark Reading

The "OODA loop" shows us how to secure cloud-native deployments and prevent breaches before they occur

Cloud 57

Bringing Focus to Information Governance for Credit Unions via Credit Union Times

IG Guru

Photo by rupixen.com on Unsplash Check out the article here. The post Bringing Focus to Information Governance for Credit Unions via Credit Union Times appeared first on IG GURU.

Remote Training for Local Governments!

The Texas Record

We are excited to announce that we will be conducting free introductory records management classes via Zoom for local governments on: Local Governments: Records Management Basics Tuesday, December 15, 2020 – 9:00a.m.-12:00 12:00 p.m. Central) – Register here!