Wed.Sep 23, 2020

FBI, CISA Warn of Election Results Disinformation Campaigns

Data Breach Today

Nation-States, Others Could Try to Undermine Confidence in Election Process With less than 45 days to go before the November election, the FBI and CISA have issued a warning that nation-state hackers and cybercriminals may attempt to spread disinformation regarding the final vote tallies as a way to undermine confidence in the voting process.

253
253

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware Danger: Russian-Speaking Gang Targets Russians

Data Breach Today

Cybercrime Reminder: Russians Who Target Other Russians Play With Fire Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians.

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

COVID-19 Update: 'Live Like You're Contagious'

Data Breach Today

Pandemic Expert Regina Phelps on What We've Learned From 6 Months of Quarantine With colder weather, the flu season and the holidays ahead, the northern hemisphere is at risk of another major COVID-19 outbreak.

Risk 200

More Trending

Attacks Using Lokibot Information Stealer Surge

Data Breach Today

CISA Alert Notes Malware Is Targeting Victims' Credentials The U.S. Cybersecurity and Infrastructure Security Agency is warning of an uptick in attacks using LokiBot, an information stealer capable of sweeping up credentials. Fraudsters are using new methods to spread the malware

Documented Death from a Ransomware Attack

Schneier on Security

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented case of a cyberattack causing a fatality.

HHS Issues Yet Another Big HIPAA Breach-Related Fine

Data Breach Today

Million Settlement Is Second Announced This Week For the second time this week, federal regulators have doled out a hefty financial fine in a HIPAA settlement after an investigation of a breach tied to a hacking incident

182
182

Google Cloud Debuts Threat-Detection Service

Dark Reading

Lockdown economics are driving a threat-intelligence business boom. Chronicle Detect is Google's answer to monitoring so much log data created by the distributed workforce

Cloud 84

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Former 'Silk Road' Associate Pleads Guilty to Lying to Feds

Data Breach Today

Prosecutors Say Michael Weigand Lied to FBI, IRS Agents A member of the now-defunct "Silk Road" darknet marketplace surrendered to authorities this week and immediately pleaded guilty to making false statements to federal agents regarding his involvement with the creation of the notorious website, according to the Justice Department.

176
176

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

Security Affairs

Researchers at Qurium Media Foundation published a report that provides insight on how Sandvine DPI performs the blocking, and how it can be detected.

OnDemand | Leveling Up Your Fraud Detection with Network Intelligence

Data Breach Today

Learn How ACI's Network Intelligence Approach Delivers an Industry, Region and Market-Wide View of Emerging Threats. Learn how ACI's Network Intelligence Approach Delivers an Industry, Region and Market-Wide View of Emerging Threats

Gaming Industry Hit With 10B+ Attacks In Past Two Years

Dark Reading

Criminals scored big with credential stuffing and web app attacks, yet many gamers seem unfazed

82

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

Security Affairs

Researchers at Qurium Media Foundation analyzed the blocking implemented by four different operators in Belarus. September 23, 2020.

4 Ways to Deal With Unstructured Data

InfoGoTo

How to deal with unstructured data: It’s a problem that’s becoming more urgent every day. The amount of data that organizations generate is expected to more than quintuple over the next five years, according to an IDC report shared by Network World.

Rogue employees at Shopify accessed customer info without authorization

Security Affairs

E-commerce platform provider Shopify revealed that two members of its support staff accessed customer information without authorization. E-commerce platform provider Shopify on Tuesday confirmed that two employees of its support staff were accessing customer information without authorization.

India's Cybercrime and APT Operations on the Rise

Dark Reading

Growing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights

74

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Russia-linked APT28 targets govt bodies with fake NATO training docs

Security Affairs

Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The Russia-linked cyberespionage group APT28 is behind a string of attacks that targeting government bodies with Zebrocy Delphi malware.

Shopify's Employee Data Theft Underscores Risk of Rogue Insiders

Dark Reading

The e-commerce platform has alerted more than 100 merchants of a data breach, highlighting the danger of malicious insiders

Data for 600K customers of U.S. fitness chains Town Sports leaked online

Security Affairs

The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet.

FBI, DHS Warn of 'Likely' Disinformation Campaigns About Election Results

Dark Reading

Nation-state actors and cybercriminals could wage cyberattacks and spread false information about the integrity of the election results while officials certify the final vote counts

70

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin.

12 Bare-Minimum Benchmarks for AppSec Initiatives

Dark Reading

The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers

Zerologon Patches Roll Out Beyond Microsoft

Threatpost

A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability. Vulnerabilities 0patch critical bug end-of-life micropatch Microsoft Netlogon Patches Samba windows server 2008 r2 zerologon

92

7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs

Dark Reading

It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

CryptoHarlem’s Founder Warns Against ‘Digital Stop and Frisk'

WIRED Threat Level

On Day 2 of WIRED’s virtual conference, hacker Matt Mitchell cautions that law enforcement routinely trawls social media to surveil protestors. Security Security / Privacy

My Journey Toward SAP Security

Dark Reading

When applications are critical to the business's core functions, the CISO and their staff better get the security right

Jamf earns Tech Cares Award from TrustRadius

Jamf on EdTech

As the world changed, we set out to ensure remote work, distance learning and telehealth workflows were available to those in need

87