Tue.Jun 08, 2021

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.

Proposed Settlement in Nebraska Medicine Data Breach Lawsuit

Data Breach Today

Complaint Alleged Multiple Security 'Failures' Leading to 2020 Cyberattack A federal court has approved a proposed settlement in a class action lawsuit filed in February against Nebraska Medicine in the wake of a 2020 malware attack and exfiltration of sensitive personal and health data for tens of thousands of individuals.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How to Turn Off Amazon Sidewalk

WIRED Threat Level

The company is enlisting your Echo and Ring devices into an internet-sharing mesh network starting Monday. It's not too late to opt out. Security Security / Security Advice

IT 96

Widespread Internet Outages: Fastly Reports Problem Fixed

Data Breach Today

Access 178

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

How an Obscure Company Took Down Big Chunks of the Internet

WIRED Threat Level

You may not have heard of Fastly, but you felt its impact when sites didn’t load around the world Tuesday morning. Security Security / Security News

IT 87

More Trending

Vulnerabilities in Weapons Systems

Schneier on Security

“If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.” ” That was Bruce’s response at a conference hosted by U.S.

Encrypted Communications Network 'Anom' Was Sting Operation

Data Breach Today

FBI Developed Smartphone-Based Platform as Honeypot for Criminals Thousands of suspected criminals have been relying on the "Anom" encrypted communications platform to coordinate their efforts.

Cyber Resilience: The Emerald City of the Security World

Dark Reading

Small and midsize businesses and managed service providers must use their heart, brain, and courage as they follow the Yellow Brick Road to cyber resilience

Colonial CEO at Senate Hearing Details Ransomware Attack

Data Breach Today

Company's IT Team Was Unaware the VPN Exploited to Gain Entry Existed Colonial Pipeline Co.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits, 50 Flaws

Threatpost

Researchers discovered a highly targeted malware campaign launched in April, in which a new, unknown threat actor used two of the vulnerabilities that Microsoft said are under active attack. Hacks Vulnerabilities Web Security

NCSC Warns of Surge in Ransomware Attacks Against Schools

Data Breach Today

Agency Notes Attacks Have Spiked Since February Ransomware actors continue to target schools and universities across the U.K., and attacks have surged since February, a new report by the U.K's s National Cyber Security Center warns.

How Employees Can Keep Their 401(k)s Safe From Cybercriminals

Dark Reading

As retirement fund balances grow, cybercriminals are becoming more brazen in their efforts to deplete people's savings

70

Verizon Breach Report: Ransomware, Phishing and Top Trends

Data Breach Today

Verizon's Chris Novak Discusses Highlights From 2021 Breach Investigations Report Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Trojan Shield, the biggest ever police operation against encrypted communications

Security Affairs

Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs and intercepted their communications.

Content Migration - Evaluating Your Options

AIIM

The amount of data organizations must manage today is truly mind-boggling. Research shows that there are 2.5 quintillion bytes of data created each and every day. During the last two years alone 90% of the data in the world was generated.

US authorities recovered most of the ransom paid by Colonial Pipeline

Security Affairs

US officials announced to have recovered most of the $4.3 million ransom that Colonial Pipeline paid to the DarkSide ransomware gang last month. During a video press conference, US officials announced to have recovered most of the $4.3

Expanding the Have I Been Pwned Volunteer Community

Troy Hunt

Ever notice how there was a massive gap of almost 9 months between announcing the intention to start open sourcing Have I Been Pwned (HIBP) in August last year and then finally a couple of weeks ago, actually taking the first step with Pwned Passwords ?

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Spotify, PayPal, GitHub, and other major websites down due to Fastly CDN outage

Security Affairs

A large number of popular websites including Reddit, Spotify, PayPal, GitHub, gov.uk, CNN, and the BBC are currently facing problems due to a glitch at Fastly CDN provider.

Our commitment to protecting your content

OpenText Information Management

What are the risks to your content? Do you know what kinds of information are at risk or the consequences if there is a data leak? Could you quantify that risk? The documents, attachments, images and other content circulating in your organization are important for your current and future business.

Risk 62

Phished Account Credentials Mostly Verified in Hours

Dark Reading

Almost two-thirds of all phished credentials are verified by attackers within a day and then used in a variety of schemes, including business email compromise and targeting other users with malicious code

MITRE Engenuity’s ATT&CK R3

OpenText Information Management

The highly anticipated results of MITRE Engenuity’s ATT&CK R3 Evaluations are now available. The third round of evaluations tested 29 Endpoint Detection & Response products against emulated FIN7 and Carbanak threat tactics and techniques.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

TrickBot Coder Faces Decades in Prison

Threatpost

A Latvian malware developer known as "Max" has been arraigned on 19 counts related to fraud, identity theft, information theft and money laundering. Government Malware

Enrich EIM solutions with business intelligence

OpenText Information Management

Changing business priorities require your organization to focus on optimizing for efficiency to ensure positive impact to the bottom line. In the current climate, solutions must provide a return in investment in months, not years.

Lewd Phishing Lures Aimed at Business Explode

Threatpost

Socially engineered BEC attacks using X-rated material spike 974 percent. Hacks Malware Most Recent ThreatLists Web Security

FBI Issued Encrypted Devices to Capture Criminals

Dark Reading

A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

4 issues in Microsoft Office component allow weaponizing docs

Security Affairs

Experts found four security flaws in the Microsoft Office suite that cloud allow attackers to weaponize Word and Excel docs. Experts from Check Point discovered four security vulnerabilities in the Microsoft Office suite that an attacker could exploit to craft weaponized Word and Excel documents.

Cloud 53

Hyland and Iron Mountain Join Forces In Support of Global InfoGov Study via InfoGov World

IG Guru

Check out the article here. The post Hyland and Iron Mountain Join Forces In Support of Global InfoGov Study via InfoGov World appeared first on IG GURU. IG News Information Governance Hyland IG Survey IG World Magazine Iron Mountain

Catches of the month: Phishing scams for June 2021

IT Governance

Welcome to June’s review of phishing scams, in which we look at the criminals’ latest tactics and provide examples of successful frauds.