Wed.Oct 14, 2020

Norway Alleges Russia Orchestrated Parliament Email Hack

Data Breach Today

Foreign Minister: 'It Is Our Assessment That Russia Is Behind This Activity' Norway this week accused Russia of hacking the email system of the country's parliament, known as the Storting, in September. Russia calls the accusation "unacceptable

IT 199

What's Really Happening in Infosec Hiring Now?

Dark Reading

As the pandemic continues, security teams still need help they can't get. But the "skills shortage" is only part of the story

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

More BEC Criminal Gangs Are Based in US

Data Breach Today

Agari: US Now Second to Nigeria for Business Email Compromise Fraudsters Business email compromise scams continue to proliferate around the globe, with the U.S.

Google researcher found BleedingTooth flaws in Linux Bluetooth

Security Affairs

Google security researcher discovered Bluetooth vulnerabilities (BleedingTooth) in the Linux kernel that could allow zero-click attacks.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

New York Calls for Federal Regulation of Social Media

Data Breach Today

State Report Blames Twitter's Lack of Security for July Hack A report by New York state investigators calls for Twitter and other social media companies to implement greater cybersecurity measures and advocates greater federal regulatory oversight of social media companies to help prevent the misuse of their platforms.

More Trending

Cybersecurity Advice for the COVID-19 Era

Data Breach Today

CISA Adviser Joshua Corman Discusses Essential Steps Many healthcare organizations have under-resourced security teams, putting them at higher risk for cyber incidents during the COVID-19 pandemic that could result in patient harm, warns cybersecurity expert Joshua Corman

The G7 expresses its concern over ransomware attacks

Security Affairs

G7 Finance ministers expressed concern on Tuesday over the rise in ransomware attacks during the Covid-19 pandemic, including some involving cryptocurrencies.

IT 85

Zoom Announces Rollout of End-to-End Encryption

Dark Reading

Phase 1 removes Zoom servers from the key generation and distribution processes

Norway blames Russia for cyber attack on Parliament

Security Affairs

Norway ‘s government blames Russia for the cyber attack that targeted the email system of the country’s parliament in August. Norway ‘s government is blaming Russia for the cyberattack that targeted the email system of the country’s parliament this summer.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

NIST Quantum Cryptography Program Nears Completion

Dark Reading

The National Institute of Standards and Technology's first post-quantum cryptography standard will address key issues, approaches, an arms race, and the technology's uncertain future

77

Google, Intel Warn on ‘Zero-Click’ Kernel Bug in Linux-Based IoT Devices

Threatpost

Intel and Google are urging users to update the Linux kernel to version 5.9 or later. IoT Vulnerabilities bleedingtooth Bluetooth BlueZ Bug CVE-2020-12351 CVE-2020-12352 CVE-2020-24490 github google Intel Kernel security vulnerability zero-click

IoT 108

Intel's Ice Lake Beefs Up CPU Security for Cloud Workloads

Dark Reading

The third-generation Xeon processors build in hardware security features to provide extra protection to data in transit, at rest, and in use

Cloud 77

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

Earlier this month, German authorities have raided the offices of FinFisher, the German surveillance software firm, accused of providing its software to oppressive regimes.

Sales 75

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

London Borough of Hackney Investigates 'Serious' Cyberattack

Dark Reading

London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems

IT 76

Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE

Threatpost

The CVE-2020-5135 stack-based buffer overflow security vulnerability is trivial to exploit, without logging in.

Assuring Business Continuity by Reducing Malware Dwell Time

Dark Reading

Here's how CISOs and IT security operations teams can best address key challenges to network monitoring that could increase malware dwell time

2020 Workshop on Economics of Information Security

Schneier on Security

The Workshop on Economics of Information Security will be online this year. Register here. Uncategorized conferences economics of security

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Silent Librarian Goes Back to School with Global Research-Stealing Effort

Threatpost

The Iranian hacker group is targeting universities in 12 countries. Breach Hacks Web Security colleges Credential Theft Credentials global Irán Iranian hackers library portals Malwarebytes Phishing Research Sanctions silent librarian stealing universities

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’ll be speaking at Cyber Week Online , October 19-21, 2020. I’ll be speaking at the IEEE Symposium on Technology and Society virtual conference, November 12-15, 2020.

Talos experts disclosed unpatched DoS flaws in Allen-Bradley adapter

Security Affairs

Cisco Talos found several remotely exploitable denial-of-service (DoS) vulnerabilities in a Rockwell Automation industrial automation product.

Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On

Threatpost

Organizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Cyberspace Solarium Commission (CSC) report deserves more attention

IG Guru

Check out the report the commission made in March of 2020 and their website here. The post Cyberspace Solarium Commission (CSC) report deserves more attention appeared first on IG GURU.

BEC Attacks: Nigeria No Longer the Epicenter as Losses Top $26B

Threatpost

BEC fraudsters now have bases of operation across at least 39 counties and are responsible for $26 billion in losses annually -- and growing.

Today is International E-Waste Day!

InfoGoTo

Following its success in 2019, the third International E-Waste Day is being held today to promote the correct disposal of e-waste throughout the world. International E-Waste Day has been developed by the WEEE Forum, an international association of e-waste collection schemes, and its members.

IT 52

Intel Adds Memory Encryption, Firmware Security to Ice Lake Chips

Threatpost

Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Legendary Help: Keeping Important Payments On Schedule

Rocket Software

With unprecedented demand for public services during the COVID-19 pandemic, U.S. government agencies have had to improve their IT applications. But IT issues also impact employees, and it’s important to keep internal IT systems updated and working efficiently.

Cybercriminals Steal Nearly 1TB of Data from Miami-Based International Tech Firm

Threatpost

Databases of sensitive, financial and personally identifiable info and documents from Intcomex were leaked on Russian-language hacker forum after a ransomware attack.

California Amends Privacy Laws Again: CCPA Health Information Amendment and Employee/B2B Exemption Signed into Law; Vetoes for Genetic Privacy and Social Media Parental Consent Bills

Data Matters

California’s Governor Gavin Newsom recently signed into law two bills to amend the California Consumer Privacy Act (“CCPA”). He also vetoed two other consumer privacy bills based on concerns about potential conflicts with existing state and federal law. Collectively, these four bills represented the most significant privacy legislation that came out of the California Legislature’s 2019-20 term, which came to a close on September 30th.

B2B 65