Wed.Jun 24, 2020

Ransomware Gangs Go (Lady) Gaga for Data Breaches

Data Breach Today

Extortionists Exfiltrating Data Before Crypto-Locking Systems Many ransomware gangs hell-bent on seeing a criminal payday have now added data-exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data.

COVID-19 Risks of Flying

Schneier on Security

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer than any other time in my adult life -- and I have no future flights scheduled.

Risk 102

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Evil Corp's 'WastedLocker' Campaign Demands Big Ransoms

Data Breach Today

Researchers: Cybercrime Group, Formerly Known for Dridex, Is Not Exfiltrating Data The Evil Corp cybercrime group, originally known for the Dridex banking Trojan, is now using new ransomware called WastedLocker, demanding ransom payments of $500,000 to $1 million, according to security researchers at NCC Group's Fox-IT.

Frost & Sullivan databases available for sale on a hacker forum

Security Affairs

business consulting firm Frost & Sullivan suffered a data breach, a threat actor is offering for sale its databases on a hacker forum. firm Frost & Sullivan suffered a data breach, data from an unsecured backup that were exposed on the Internet was sold by a threat actor on a hacker forum.

Sales 102

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Sodinokibi Ransomware Gang Targets POS Software

Data Breach Today

Symantec: Attackers Use Weaponized Cobalt Strike to Spread Malware The Sodinokibi ransomware gang is targeting point-of-sale payment device software after infecting networks with its crypto-locking malware, according to Symantec

More Trending

Getting the Most From Information Security Investments

Data Breach Today

How to Avoid Addressing Problems 'Too Far Downstream' Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We We are addressing problems too far downstream," he say

Von der Leyen said Chinese cyberattacks on EU hospitals cannot be tolerated

Security Affairs

European Commission President Ursula von der Leyen called out China for launching cyberattacks EU hospitals and health care institutions during the COVID-19 pandemic.

IT 93

$90 Million Seized in Fraud Case Tied to BTC-e Exchange

Data Breach Today

Russian Alexander Vinnik Charged in Connection With Fraud Scheme Police have confiscated $90 million from a company allegedly owned by Alexander Vinnik, who is accused of money laundering and defrauding individuals through BTC-e, a cryptocurrency exchange he controlled

180
180

REvil ransomware gang scans healthcare victim’s network for PoS systems

Security Affairs

Symantec researchers observed REvil ransomware operators scanning one of their victim’s network for Point of Sale (PoS) servers. Symantec researchers observed REvil ransomware operators scanning one of their victim’s network for Point of Sale (PoS) servers.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Nurses Allege Hospital Falsified COVID-19 Testing

Data Breach Today

Average Cost of a Data Breach: $116M

Dark Reading

Sensitivity of customer information and time-to-detection determine financial blowback of cybersecurity breaches

Using AI for Improved Threat Detection

Data Breach Today

Enterprises need to move away from manual threat detection methods to leverage artificial intelligence, which can help boost defenses, says Dr. Jassim Haji, president of Artificial Intelligence Society, Bahrain Chapter

Google Will Delete Your Data by Default—in 18 Months

WIRED Threat Level

Starting today, the search giant will make a previously opt-in auto-delete feature the norm. Security Security / Privacy

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Advantage CISO: Why Cybersecurity Should Shine in 2021

Data Breach Today

Expel CISO Bruce Potter on How to Influence Strategy and Budget It's a good time to be a CISO. You have the board's attention, and now you can use your position to ensure appropriate resources to tackle key challenges such as identity & access, cloud application security and third-party risk.

VMware addresses critical flaws in Workstation and Fusion

Security Affairs

VMware addressed 10 vulnerabilities affecting its ESXi, Workstation and Fusion products, including critical and high-severity code issues on the hypervisor.

Black Hat Survey: Breach Concerns Hit Record Levels Due to COVID-19

Dark Reading

Annual "Black Hat USA Attendee Survey" indicates unprecedented concern over possible compromises of enterprise networks and US critical infrastructure

80

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Security Affairs

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Self-Propagating Lucifer Malware Targets Windows Systems

Threatpost

A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities. Malware Vulnerabilities Web Security Apache Struts command and control cryptojacking DDoS Exploit Lucifer malware Microsoft Windows oracle weblogic Windows XMRig miner

No Internet Access? Amid Protests, Here's How to Tell Whether the Government Is Behind it

Dark Reading

Government-mandated Internet shutdowns occur far more regularly than you might expect

Cryptocurrency Pump and Dump Scams

Schneier on Security

Really interesting research: " An examination of the cryptocurrency pump and dump ecosystem ": Abstract : The surge of interest in cryptocurrencies has been accompanied by a proliferation of fraud. This paper examines pump and dump schemes.

Paper 71

Necessity drives innovation in public sector

OpenText Information Management

As COVID-19 has swept the globe, it has sent many public sector organizations into crisis mode. The response from government agencies and departments has been impressive as they moved to handle these circumstances with a speed that few would have thought possible.

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Emerging Ransomware Targets Photos, Videos on Android Devices

Threatpost

The CryCryptor malware strain is a brand-new family of threats, leveraging COVID-19 to spread. Government Malware Mobile Security Vulnerabilities Android Canada contact tracing app COVID-19 crycryptor crydroid decryptor tool ESET google play Malware analysis mobile app new strain Pandemic ransomwar

“BlueLeaks” Exposes Huge Trove of Law Enforcement Data

Adam Levin

269 gigabytes of potentially sensitive data collected from more than 200 police departments across the country were leaked online last week. The data, called “BlueLeaks,” was shared online by a group called Distributed Denial of Secrets, or DDoSecrets), a Wikileaks-style organization committed to “enabling the free transmission of data in the public interest.”.

New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire

Threatpost

The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts. Government Privacy apple Data Privacy Encryption End to end encryption Facebook FBI Lawful Access to Encrypted Data Act Security

Rethinking Enterprise Access, Post-COVID-19

Dark Reading

New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

7 Considerations for a Smooth Video Conference

IG Guru

by Andrew Ysasi, MS June 24, 2020 Many of us have transitioned to working from home due to COVID-19, and some of us may not return to an office setting for quite some time.

Risk 60

An approach towards application containerization

OpenText Information Management

Organizations are slowly moving towards containerizing their existing software applications that are developed on varying platforms and technologies. But a few questions arise when we talk about containers: What exactly are they?

Cloud 59

Apple Buys Fleetsmith

Dark Reading

The fleet management company becomes part of Apple in a deal announced today

55