Wed.Jan 13, 2021

Capitol Breach: Cybersecurity Lessons to Apply

Data Breach Today

Brian Honan: Security Professionals Can Take Action to Minimize Risks The physical breach of the U.S.

GUEST ESSAY: 5 steps for raising cyber smart children — who know how to guard their privacy

The Last Watchdog

Today’s children are online at a young age, for many hours, and in more ways than ever before. As adults, we know that bad online decisions can have negative or dangerous effects for years to come. Related: Web apps are being used to radicalize youth. The question isn’t whether we should educate children about online safety, but how we can best inspire them to learn to be thoughtful, careful, and safe in the cyber world for their lifetime. For adults doing the teaching, it’s no easy task.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Mimecast Says Hackers Compromised Digital Certificate

Data Breach Today

Email Security Company Says Fewer Than 10 Customers Targeted Email security provider Mimecast says hackers compromised a digital certificate that encrypts data that moves between several of its products and Microsoft's servers, putting organizations at risk of data loss

How Law Enforcement Gets Around Your Smartphone's Encryption

WIRED Threat Level

New research has dug into the openings that iOS and Android security provide for anyone with the right tools. Security Security / Privacy

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Watering Hole Operation Leveraged Zero-Day Exploits

Data Breach Today

Google Project Zero Offers Analysis of Hacking Campaign Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices

More Trending

'SolarLeaks' Site Claims to Offer Attack Victims' Data

Data Breach Today

Advertised: Unverified Cache of Stolen Microsoft, Cisco, FireEye and SolarWinds Data A new leaks site claims to be selling data stolen via the SolarWinds supply-chain attack from Cisco, FireEye Microsoft and SolarWinds.

Understanding TCP/IP Stack Vulnerabilities in the IoT

Dark Reading

Internet of Things devices are highly susceptible to attacks, breaches, and flaws emanating from issues within the TCP/IP network communications architecture. Here's an overview of what you need to know to mitigate risks

IoT 86

Reducing Fraud Through Advanced IVR Technologies

Data Breach Today

Reducing Fraud Through Advanced IVR Technologies This podcast explores the security risks materializing as a result of the pandemic the readiness of enterprises to handle fraud risks (particularly in the IVR) and recommended strategies to secure the IVR

Risk 156

Rogue Android RAT emerges from the darkweb

Security Affairs

Experts discovered an Android Remote Access Trojan, dubbed Rogue , that can allow to take over infected devices and steal user data. Rogue is a new mobile RAT discovered by researchers from Check Point while investigating the activity of the darknet threat actors known as Triangulum and HeXaGoN Dev.

Cloud 82

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Mobile RAT for Android Offered on Darknet Forums

Data Breach Today

Researchers: 'Rogue' Steals Data, Delivers Other Malware A recently identified mobile remote access Trojan dubbed "Rogue," which exploits Google's Firebase development platform, targets Android devices to exfiltrate personal data and can deliver other malware, according to Check Point Research.

Sales 148

On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security

Schneier on Security

Smart commentary : …I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S.

COVID-19 Vaccine Documents, Personal Data Leaked

Data Breach Today

Information Stolen From European Medicines Agency Documents on COVID-19 vaccines and medications - including some containing personal information - that were stolen in a cyberattack last month on the European Medicines Agency have been leaked on the internet

Huntress Acquires EDR Technology From Level Effect

Dark Reading

Huntress seeks to improve its detection and response capabilities with a more comprehensive view of endpoint security

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Beat the Bad Guys: Contact Center Security Solutions For Fraud Detection For 2021 and Beyond

Data Breach Today

Beat the Bad Guys: Contact Center Security Solutions For Fraud Detection For 2021 and Beyond Explore Evolving Challenges and Solutions in The Fight Against Fraud.

The Data-Centric Path to Zero Trust

Dark Reading

Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future

76

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

Threatpost

On the heels of a cyberattack on the EMA, cybercriminals have now leaked Pfizer and BioNTech COVID-19 vaccine data on the internet. Hacks Vulnerabilities

107
107

Attackers targeted Accellion FTA in New Zealand Central Bank attack

Security Affairs

The root cause for the hack of the New Zealand Central Bank was the Accellion FTA (File Transfer Application) file sharing service. During the weekend, the New Zealand central bank announced that a cyber attack hit its infrastructure.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

High-Severity Cisco Flaw Found in CMX Software For Retailers

Threatpost

Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found inits AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers. Vulnerabilities

A 12-point framework for operational resilience

DXC

Businesses today must take a new approach to operational resilience so that they can be more adept at anticipating disruptive events and agile in responding to and recovering from them.

Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation

Dark Reading

Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities

66

Microsoft Patch Tuesday for January 2021 fixes 83 flaws, including an actively exploited issue

Security Affairs

Microsoft Patch Tuesday security updates for January 2021 address 83 vulnerabilities, including a critical flaw actively exploited in the wild.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

New German fine: EUR 10.4 million for unlawful CCTV

Data Protection Report

A German state data protection authority has issued a fine of EUR 10.4m against a mid-size online retailer who allegedly violated the EU General Data Protection Regulation (GDPR) by monitoring their employees using CCTV.

How Amazon Sidewalk Works—and Why You May Want to Turn It Off

WIRED Threat Level

The premise is convenient. But the e-commerce giant's privacy track record isn't exactly inspiring. Gear Gear / How To and Advice Security

Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove

Threatpost

Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers. Malware Vulnerabilities Web Security

Catches of the month: Phishing scams for January 2021

IT Governance

The start of 2021 is looking an awful lot like the end of 2020 – not least when it comes to cyber crime. Scammers are as active now as they ever have been, so it’s essential that you remain vigilant in the post-Christmas period.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

InfoGov World 2021 Show including Training and Job Fair Announced

IG Guru

The post InfoGov World 2021 Show including Training and Job Fair Announced appeared first on IG GURU. Business CIGO CIGOA Education ICRM IG News Information Governance Webinar Event Infogov World Privacy Today

Reserve Bank of New Zealand Data Breach Caused by Antiquated Third Party Software

Adam Levin

The data breach of the Reserve Bank of New Zealand has been attributed to the compromise of a third party file sharing service. “A

TikTok Takes Teen Accounts Private

Threatpost

The company announced accounts for ages 13-15 will default to privacy setting, among other safety measures. Privacy Web Security