Thu.Sep 10, 2020

Hackers Use Cloud Monitoring Tool to Install Cryptominers

Data Breach Today

Reports: TeamTNT Using Weave Scope Tool to Target Cloud Platforms TeamTNT, a recently uncovered hacking group, is weaponizing Weave Scope, a legitimate cloud monitoring tool, to help install cryptominers in cloud environments, according to reports from Intezer and Microsoft

Cloud 241

Kids' Smartwatches Are a Security Nightmare Despite Years of Warnings

WIRED Threat Level

Five out of six brands tested by researchers would have allowed hackers to track kids—and in some cases eavesdrop on them. Security Security / Cyberattacks and Hacks

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CISA Warns of Increased DDoS Attacks

Data Breach Today

Security Experts Say Remote Workforce, Online Learning Create Opportunities The U.S. Cybersecurity and Infrastructure Security Agency is warning of an increase in targeted distributed denial-of-service attacks against financial and government organizations worldwide.

Two Years on from GDPR: Has It Driven Growth in Cybersecurity Insurance?

Dark Reading

Whilst GDPR has put the spotlight on data privacy and cyber issues, there are other more prominent trends that are driving a greater take-up of cyber insurance, says Ben Maidment, Class Underwriter - Cyber, Physical & Technology at Brit Insurance

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Microsoft: Russia, China, Iran Hackers Target U.S. Election

Data Breach Today

Most Hacks Against Democratic and Republican Campaigns Blocked Russian, Chinese and Iranian hackers are targeting organizations and individuals associated with the Republican and Democratic U.S. presidential campaigns, Microsoft reports, but the majority of the attacks have been blocked


More Trending

Palo Alto Networks Patches 6 Firewall Vulnerabilities

Data Breach Today

Positive Technologies Describes the Risks Posed by Flaws The security firm Positive Technologies discovered six vulnerabilities in Palo Alto Networks' PAN-OS, the software that runs the company's next-generation firewalls. The firewall developer has issued patches

Risk 193

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 million. Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 million.

Cybersecurity Leadership: The New Threat Landscape

Data Breach Today

CEOs and CISOs on How to Respond to Disruption, Distortion and Deterioration Disruption, distortion and deterioration - these cybersecurity threats are amplified by the ongoing pandemic. Which poses the greatest threat and why?

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR).

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

Fed Studies Development of Digital Dollar

Data Breach Today

The pandemic has accelerated the shift to e-commerce and raised new concerns about the use of paper money. Jim Cunha of the Federal Reserve Bank of Boston describes a collaborative research project with the Massachusetts Institute of Technology to determine the feasibility of a digital alternative

Paper 162

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware.

Think You're Spending Enough on Security?

Dark Reading

While the amount will vary from organization to organization, here are four ways for everyone to evaluate whether they're allocating the right amount of money and resources

Why You Need End-to-End Data Lineage


Not Documenting End-to-End Data Lineage Is Risky Busines – Understanding your data’s origins is key to successful data governance. Not everyone understands what end-to-end data lineage is or why it is important.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Cyber-Risks Explode With Move to Telehealth Services

Dark Reading

The hasty shift to online delivery of primary care services since the COVID-19 outbreak has attracted significant attacker interest

Risk 82

Razer Gaming Fans Caught Up in Data Leak


A cloud misconfiguration at the gaming-gear merchant potentially exposed 100,000 customers to phishing and fraud.

6 Lessons IT Security Can Learn From DevOps

Dark Reading

DevOps has taken over enterprise software development. The discipline has lessons for IT security -- here are a quick half-dozen

IT 80

Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans


Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days.".

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Ripple20 Malware Highlights Industrial Security Challenges

Dark Reading

Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years

IoT 78

The Third Edition of Ross Anderson’s Security Engineering

Schneier on Security

Ross Anderson’s fantastic textbook, Security Engineering , will have a third edition. The book won’t be published until December, but Ross has been making drafts of the chapters available online as he finishes them. Now that the book is completed, I expect the publisher to make him take the drafts off the Internet. I personally find both the electronic and paper versions to be incredibly useful. Grab an electronic copy now while you still can. Uncategorized books security engineerin

Paper 71

Zoom Brings Two-Factor Authentication to All Users

Dark Reading

This marks the latest step Zoom has taken to improve user security as more employees work from home

BLURtooth flaw allows attacking Bluetooth encryption process

Security Affairs

Bluetooth 4.0 through 5.0 versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. A vulnerability dubbed BLURtooth affects certain implementations of Bluetooth 4.0 through 5.0 affects “dual-mode” Bluetooth devices, like modern smartphones.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs

Dark Reading

Criminals have made MSPs a big target of their attacks. That should concern small and midsize businesses a great deal

IT 70

Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS

Security Affairs

Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software.

Newcastle University becomes latest ransomware victim as education sector fails to heed warnings

IT Governance

Newcastle University is being held to ransom after its systems were infected with malware earlier this month. The DoppelPaymer ransomware gang breached the university’s systems on 4 September , and later that day stole backup files.

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks


The "BLURtooth" flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0. Vulnerabilities Web Security authentication keys Bluetooth bluetooth 4.0 bluetooth 5.0

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

How emerging markets are embracing the post-COVID reality

OpenText Information Management

Innovation is borne out of necessity, opportunity, or both. And that has never been more true than during the pandemic and national lockdowns.

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR).

ThreatConnect Buys Nehemiah Security

Dark Reading

Threat intelligence firm adds Nehemiah's Risk Quantifier to its platform

Risk 62