Mon.Nov 30, 2020

'Return to Office' Phishing Emails Aim to Steal Credentials

Data Breach Today

Researchers: Employees Lured With Messages About Shift to Workplace Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office

Baltimore County Public Schools Closed Due to Ransomware Attack

Dark Reading

The incident struck the day before Thanksgiving and interfered with online classes for some 115,000 students, officials report

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Canon: Ransomware Attack Exposed Employee Data

Data Breach Today

Company Finally Acknowledges Earlier Incident Exposed Corporate Information Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including employee information, such as Social Security numbers and financial account numbers

Driven by Ransomware, Cyber Claims Rise in Number & Value

Dark Reading

Companies are on track to file 27% more cyber claims in 2020, one insurer estimates, while another underwriter finds five out of every 100 companies file a claim each year

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Audit Found Baltimore County Schools Lacked Data Security

Data Breach Today

Report Comes as District Struggles With Ransomware Attack The Baltimore County Public Schools system was notified by state auditors of several cybersecurity weaknesses the day before the district was hit with a crippling ransomware attack

More Trending

Sizing Up Synthetic DNA Hacking Risks

Data Breach Today

Study Describes How a Supply Chain Attack Might Work Could hackers inject malicious code that compromises the synthetic DNA supply chain and ultimately tricks bioengineers into inadvertently developing dangerous viruses or toxins?

Risk 191

Exploring malware to bypass DNA screening and lead to ‘biohacking’ attacks

Security Affairs

Boffins from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare. A team of researchers from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare.

Paper 99

Media and Marketing Leaders: It’s Time to Stand Up For Truth

John Battelle's Searchblog

Why “information equity” matters. An idea has been tugging at me for months now, one I’ve spent countless hours discussing and debating with leaders in marketing, media, and journalism. And as I often do, I’m turning to writing to see if I can push it into more concrete form.

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

Security Affairs

Delaware County, Pennsylvania opted to pay a $500,000 ransom after it was the victim of a DoppelPaymer ransomware attack last weekend. During the last weekend Delaware County, Pennsylvania, was the victim of a DoppelPaymer ransomware attack that brought down part of its network.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Industrial Computer Maker Confirms Ransomware, Data Theft

Dark Reading

Advantech reports the stolen data was confidential but did not contain high-value documents

University of Vermont Medical Center has yet to fully recover from October cyber attack

Security Affairs

The University of Vermont Medical Center has yet to fully recover from a cyber attack that crippled systems at the Burlington hospital. In October, ransomware operators hit the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network.

Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand

Threatpost

The ransomware group has leaked stolen data to add pressure on the company to pay up. IoT Malware Web Security $14 million ransom Advantech conti cyberattack Industrial IoT Internet of things ransomware

IoT 105

Exclusive: Experts from TIM’s Red Team Research (RTR) found 6 zero-days

Security Affairs

TIM’s Red Team Research led by Massimiliano Brolli discovered 6 new zero-day vulnerabilities in Schneider Electric StruxureWare. Today, TIM’s Red Team Research led by Massimiliano Brolli , discovered 6 new vulnerabilities in the StruxureWare product.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Pandemic, A Driving Force in 2021 Financial Crime

Threatpost

Ransomware gangs with zero-days and more players overall will characterize financially motivated cyberattacks next year.

New Webinar: Interstate Correspondence

The Texas Record

Hit the road with analysts Andrew and Erica as they go beyond Texas to explore how different states categorize their correspondence. File this in the “fun” category.

Check Washing

Schneier on Security

Paper 65

Was This Poker Player's Luck Too Good to Be True?

WIRED Threat Level

On this week’s Get WIRED podcast, features editor Mark Robinson talks to writer Brendan Koerner about an unconventional poker player and the woman who called him out. Security

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

MacOS Users Targeted By OceanLotus Backdoor

Threatpost

The new backdoor comes with multiple payloads and new detection evasion tactics. Malware APT32 backdoor macOS macOS malware malware microsoft word oceanlotus OceanLotus APT payload Vietnamese cyberattack ZIP archive

Manchester United Cyberattack Highlights Controversy in Paying Ransomware Attackers

Dark Reading

The Premier League English football (soccer) club team is reportedly being held to ransom by cyberattackers. Manchester United may face a difficult decision: whether to pay a ransom for release of its stolen data

Digitally Signed Bandook Trojan Reemerges in Global Spy Campaign

Threatpost

A strain of the 13-year old backdoor Bandook trojan has been spotted in an espionage campaign. Breach Malware Privacy bandook Check Point Cyberattacks Dark Caracal global spy campaign malicious macros Malware analysis targeted campaigns Trojan valid certificate wave of attacks

RIM Expert Joins i-SIGMA Nominating Committee

IG Guru

Congratulations, Mr. Richard Steed! Check out the article here. The post RIM Expert Joins i-SIGMA Nominating Committee appeared first on IG GURU. i-SIGMA IG News Information Governance Records Management Risk News Richard Steed RIM Expert

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Post-Cyberattack, UVM Health Network Still Picking Up Pieces

Threatpost

More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues. Hacks Vulnerabilities cyberattack Healthcare healthcare security Hospital myChart UVM health network

Managed macOS updates for macOS Big Sur

Jamf

Managed OS upgrades have been one of the best aspects of managing iOS and iPadOS devices for a long time. Now, with macOS Big Sur, that capability comes to Mac

77

INSPIRE 20 Podcast: Anna Mok, Ascend Leadership

Micro Focus

Happy Monday, and welcome back from the Thanksgiving holiday, for all of our US friends that celebrated! We are kicking the week off feeling thankful, fortunate and ready to inspire, thanks to our INSPIRE 20 podcast this week, featuring Anna Mok, President and Chairman of Ascend Leadership.

52

Containers Complicate Compliance (And What To Do About It)

The Security Ledger

If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

DocuWare Adds DocuSign to its Content Service Portfolio

Document Imaging Report

New electronic signature technology ensures business continuity for DocuWare customers. New Windsor NY, November 19, 2020 – DocuWare , provider of cloud solutions for document management and workflow automation, announces its new partnership with DocuSign.

Five Sidley Practices Recognized as Law360 “Practice Groups of the Year”

Data Matters

Sidley was named to Law360 ’s 2020 “Practice Groups of the Year” in five categories: Compliance. Fintech. International Arbitration. International Trade. Structured Finance. With an eye toward landmark matters and general excellence, the annual awards honor the law firms behind the litigation wins and major deals that resonated throughout the legal profession. Law360 commended Sidley for being only one of five firms to have five winning practices.

6 Questions About the CPRA, Answered

MediaPro

The post 6 Questions About the CPRA, Answered appeared first on MediaPRO. Blog Confessions of an Awareness Nerd Foundational Privacy Awareness Thought Leadership CCPA CPRA privacy awareness privacy culture privacy training