Wed.Jan 20, 2021

'FreakOut' Botnet Targets Unpatched Linux Systems

Data Breach Today

Researchers Says Malicious Network Could Be Used to Launch DDoS Attacks Researchers at Check Point Research are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. The malware is creating a malicious network that has the potential to launch DDoS attacks

191
191

A Site Published Every Face From Parler's Capitol Riot Videos

WIRED Threat Level

Faces of the Riot used open source software to detect, extract, and deduplicate every face from the 827 videos taken from the insurrection on January 6. Security Security / Privacy

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Free Auditing Tool Helps Detect SolarWinds Hackers' Malware

Data Breach Today

FireEye Also Describes Hackers' Tools and Techniques Security firm FireEye has released a free auditing and remediation tool on GitHub that it says can help organizations determine if the hacking group that targeted SolarWinds used similar techniques within their network to gain access to Microsoft Office 365 accounts.

Access 177

Parler Finds a Reprieve in Russia—but Not a Solution

WIRED Threat Level

The far-right platform still hasn't found a US-based home. Where it lands could have serious consequences for its users' privacy. Security Security / Security News

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Malwarebytes CEO: Firm Targeted by SolarWinds Hackers

Data Breach Today

Threat Actors Accessed 'Limited Subset of Internal Company Emails' The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a "limited subset of internal company emails

Access 165

More Trending

COVID-19 First Anniversary: It's About Vaccines & Variants

Data Breach Today

Pandemic Expert Regina Phelps Says Next Weeks Are Critical As the U.S. marks its first anniversary of fighting COVID-19, pandemic expert Regina Phelps says the next several, critical weeks come down to two vital words: vaccines and variants.

IT 155

Logic bugs found in popular apps, including Signal and FB Messenger

Security Affairs

Flaws in popular messaging apps, such as Signal and FB Messenger allowed to force a target device to transmit audio to an attacker device.

Tips for a Bulletproof War Room Strategy

Dark Reading

The techniques used in real-world combat apply in cybersecurity operations, except that instead of bullets flying downrange, it's packets

FireEye releases an auditing tool to detect SolarWinds hackers’ activity

Security Affairs

Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Threatpost

Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite. Vulnerabilities

IT 114

Livecoin halted operations after the December attack

Security Affairs

The Russian cryptocurrency exchange Livecoin has announced it is terminating its operation following the December cyberattack. The Russian cryptocurrency exchange was hacked on Christmas Eve, it published a message on its website warning customers to stop using its services.

How your staff make security decisions: The psychology of information security

IT Governance

Your employees encounter potential cyber security threats on a daily basis. Perhaps there’s a new face in the office that they don’t recognise, or a new password they need to remember, or a database of sensitive information that they need to upload onto the Cloud.

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

Threatpost

The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory. Vulnerabilities

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Sophisticated Watering Hole Attack

Schneier on Security

Google’s Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android: Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers (both companies have since patched the security flaws).

IT 76

Malwarebytes Hit by SolarWinds Attackers

Threatpost

The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365. Hacks Vulnerabilities Web Security

Why the human element is an essential part of digital

OpenText Information Management

Although the Covid-19 pandemic remains far from over, the rollout of vaccines around the world brings cause for hope during 2021.

SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration

Dark Reading

During Senate confirmation hearings, the nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

The new DevSecOps team is up and running, and you feel ready to take on rising security threats while delivering quality software updates. But that leaves just one question: how do you monitor your new program as effectively and efficiently as possible? Join Shannon Lietz, Director of DevsecOps at Intuit, and award-winning innovator, to learn the answers to these questions so you can lead your DevSecOps team to the top!

New Webinar: Email Management Basics

The Texas Record

Does your work email have you dropping everything and running for the hills? Do your allergies flare up when you contemplate what lies beyond that “sent” folder? Would you like some TSLAC guidance? Worry no more.

Paper 70

Which Records Should We Retain in Paper? A Global Guide to Media, Location, and Transfer Compliance

ARMA International

Just tell me which records we must retain in paper! This is a common frustration among records managers and information governance (IG) professionals.

Paper 63

Investment Scammers Prey on Dating App Users, Interpol Warns

Threatpost

Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers. Hacks Web Security

Office 365 Retention Survey Responses Requested

IG Guru

Organizations are increasingly going to O365 and utilizing technologies like TEAMS, SharePoint and Yammer, among others. Companies are confounded about how to retain that information. This survey will help understand what organizations are doing and better guide them.

IT 56

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms

Threatpost

Mystery of spying using popular chat apps uncovered by Google Project Zero researcher. Privacy Vulnerabilities

The Record Keepers’ Rave via The New York Times

IG Guru

Every month, the archival institutions of this nation unleash tiny particles of the past in a frenzy of online revelry. The post The Record Keepers’ Rave via The New York Times appeared first on IG GURU. Archives IG News Archives Hashtag Party New York Times

Digiscribe Announces Acquisition by MetaSource, LLC

Document Imaging Report

Acquisition expands MetaSource’s offices across the United States. New York City, New York – January 5, 2021 – Business process outsourcing provider Digiscribe announced it has been acquired by MetaSource, LLC, a Utah-based, industry-leading digital transformation solutions provider.

London startups follow remote working trend

Information Matters

Pitchbook’s Leah Hodgson has written about the impact of lockdowns on the London startup scene. Like most office-based organisations, startups are questioning the need for expensive office space in the Read more.

52

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

12-18-2020

Document Imaging Report

DIR 12.18.20.

52

Building mobile apps? Read this.

Information Matters

Anyone designing, building or managing mobile apps will want to read the latest research report from App Annie, The State of Mobile 2021. Packed with data from their app monitoring Read more. The post Building mobile apps? Read this. appeared first on Information Matters. News Update Research

52

U.S. Office of the Comptroller of the Currency Finalizes Fair Access Requirements

Data Matters

On January 14, 2021, the U.S. Office of the Comptroller of the Currency (OCC) issued its controversial final rule (Rule) 1 to establish a new requirement for covered banks to provide “fair access” to financial services to both natural persons and legal entities.