Fri.Sep 11, 2020

US Election Hack Attacks Traced to Russia, China, Iran

Data Breach Today

Microsoft: Democratic and Republican Campaigns Targeted; Most Attacks Blocked Russian, Chinese and Iranian hackers are targeting organizations and individuals associated with the Republican and Democratic U.S.

214
214

Adequacy

Data Protector

In data protection law, transfers of personal data must be safeguarded by written contracts between the parties.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

DOJ Says Russian Went Beyond Election Disinformation

Data Breach Today

Faces Wire Fraud Charge in Connection With Stolen Funds A Russian national who is allegedly part of an ongoing disinformation campaign targeting the upcoming U.S. election faces a charge of conspiracy to commit wire fraud, according to the U.S. Justice Department

210
210

The Best Privacy-Friendly Alternatives to Google Maps

WIRED Threat Level

Google Maps is arguably the easiest mapping service to use, but that doesn't mean it's the most secure. Security Security / Security Advice

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Linux Malware Targets VoIP Networks to Steal Metadata

Data Breach Today

CDRThief' Malware Appears Designed for Espionage or Fraud A recently uncovered Linux malware variant dubbed "CDRThief" is targeting VoIP networks to steal phone metadata, such as caller IP addresses, ESET reports. The malware appears to be designed for cyberespionage or fraud

More Trending

Ransomware Gangs Find Fresh Ways to Make Victims Pay

Data Breach Today

The latest edition of the ISMG Security Report analyzes how criminals keep finding new ways to make ransomware victims pay. Also featured: Preventing digital currency counterfeits; a proposed health data privacy framework

Decrypting TLS connections with new Raccoon Attack

Security Affairs

Boffins devised a new timing attack, dubbed Raccoon that could be exploited by threat actors to decrypt TLS-protected communications.

Tally of Those Affected by Blackbaud Hack Soars

Data Breach Today

Reports of Breaches, Including One Affecting 1 Million, Continue to Mount The number of individuals affected by the May ransomware attack on cloud-based software vendor Blackbaud continues to soar. And breach reports tied to the incident now total over 170, according to one estimate

Spear-Phishers Leverage Office 365 Ecosystem to Validate Stolen Creds in Real Time

Dark Reading

New attack technique uses Office 365 APIs to cross-check credentials against Azure Active Directory as victim types them in

94

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

Operators Behind ProLocker Ransomware Seek 'Big Game'

Data Breach Today

Group-IB: Attackers Now Using Qbot Trojan and Demand Huge Ransoms Since March, the operators behind ProLocker ransomware have focused on targeting large enterprise networks with ransomware demands sometimes exceeding $1 million, the security firm Group-IB reports.

3 Secure Moments: A Tranquil Trio of Security Haiku

Dark Reading

Placid poems to quiet the infosec pro's harried mind. (Or Or placid, by infosec standards

Bug-Reporting Blues: The Vulnerability Disclosure Challenge

Data Breach Today

Daniel Cuthbert Analyzes Frequent Coordinated Disclosure Hurdles Facing Researchers Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert.

Ranking National Cyber Power

Schneier on Security

Harvard Kennedy School’s Belfer Center published the “ National Cyber Power Index 2020: Methodology and Analytical Considerations.” ” The rankings: US China UK Russia Netherlands France Germany Canada Japan Australia.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Zeppelin Ransomware Floats Back Into View

Data Breach Today

Updated Trojan Downloader Helps Avoid Detection After a six-month hiatus, the Zeppelin ransomware variant returned in late August, according to Juniper Threats Labs. The malware now uses an updated Trojan downloader to better hide its activities from security tools

Ransomware Hits US District Court in Louisiana

Dark Reading

The ransomware attack has exposed internal documents from the court and knocked its website offline

Threat actors target WordPress sites using vulnerable File Manager install

Security Affairs

Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager.

Office 365 Phishing Attack Leverages Real-Time Active Directory Validation

Threatpost

Attackers check the victims' Office 365 credentials in real time as they are typed into the phishing landing page, by using authentication APIs.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Great news, now you can protect your Zoom account with 2FA

Security Affairs

Zoom has implemented two-factor authentication (2FA) to protect all user accounts against security breaches and other cyber attacks. Zoom has announced finally implemented the two-factor authentication (2FA) to protect all user accounts from unauthorized accesses.

Fraud Prevention During the Pandemic

Dark Reading

When the economy is disrupted, fraud goes up, so let's not ignore the lessons we can learn from previous downturns

70

APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins

Threatpost

The Russia-linked threat group is harvesting credentials for Microsoft's cloud offering, and targeting mainly election-related organizations.

Remembering 9/11 Attacks – A Moment of Silence

IG Guru

On 9/11/2001 the attacks on the World Trade Centers began. Let us never forget. The post Remembering 9/11 Attacks – A Moment of Silence appeared first on IG GURU. IG News

65

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

WordPress Plugin Flaw Allows Attackers to Forge Emails

Threatpost

The high-severity flaw in the Email Subscribers & Newsletters plugin by Icegram affects more than 100,000 WordPress websites. Vulnerabilities Web Security CVE-2020-5780 email forgery Email Subscribers & Newsletters plugin spoofing vulnerability Tenable wordpress Wordpress plugin

New Podcast Series Focuses on the Careers of Women Leaders in Information Governance

ARMA International

Launched this July, The Women Leaders in Information Governance podcast series features the career stories of successful women in the IG profession.

How to select the best digital fax provider in 2020

OpenText Information Management

Fax has been the secure communications lifeblood of organizations across industries for decades, but the technology has evolved far beyond paper-driven machines. What is digital fax? Today’s digital fax solutions send documents from computers, mobile devices, and multifunction printers.

Paper 59

It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

Threatpost

Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws. Bug Bounty Government Hacks Vulnerabilities 90 day window bug bounty.

IT 81

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

New Health Apps Section on HHS.gov/HIPAA via OCR Listserv

IG Guru

On September 2nd, 2020, the OCR launched a new feature on HHS.gov, titled Health Apps.

Micro Focus is A1 for Ease of Doing Business with…helping to rock the Net Promoter®

Micro Focus

How do we Measure easy to do business with? Micro Focus uses double-blind competitive benchmarking in order to gauge how well we are doing against the competition.

53

Rocket.Build 2020: Virtual Event Expands Possibilities

Rocket Software

Rocket.Build is an annual hackathon event that is meant to engage Rocketeers, partners, customers, and the community to create real-world applicable solutions. For me, the event even predates my knowledge of Rocket Software.

IT 52