Thu.Jun 17, 2021

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Data Breach Today

16 Critical Infrastructure Sectors Especially Off Limits - Or Else, President Warns U.S. President Joe Biden issued a clear warning to Russian President Vladimir Putin at their Geneva summit this week, saying that should Russia continue to launch cyberattacks against U.S.

Over a billion records belonging to CVS Health exposed online

Security Affairs

Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cyberium Domain Targets Tenda Routers in Botnet Campaign

Data Breach Today

AT&T Alien Labs: Hackers Used Mirai Variant MooBot Malware hosting domain Cyberium has spread multiple Mirai variants, including one that targeted vulnerable Tenda routers as part of a botnet campaign, AT&T Alien Labs reports

One in Five Manufacturing Firms Targeted by Cyberattacks

Dark Reading

Information-stealing malware makes up about a third of attacks, a study finds, but companies worry most about ransomware shutting down production

The Top 5 Business Outcomes Companies Can Achieve From Monitoring Consolidation

In this eBook, learn what the top five business outcomes are that organizations see when leveraging Datadog's end-to-end monitoring tool.

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Data Breach Today

Experts Discuss Impact of 'Transformational Moment' After U.S.

More Trending

India Moves Toward Limiting What Telecom Tech Can Be Used

Data Breach Today

As 'Trusted Telecom Portal' Launched, Chinese Vendors May Be Excluded From Market In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers

Intentional Flaw in GPRS Encryption Algorithm GEA-1

Schneier on Security

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function.

Mission Critical: What Really Matters in a Cybersecurity Incident

Dark Reading

The things you do before and during a cybersecurity incident can make or break the success of your response

[Podcast] The Future of AI is Today

AIIM

The notion of Artificial Intelligence has pervaded both the business world and popular culture.

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang , tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered.

Carnival Cruise Line Reports Security Breach

Dark Reading

The cruise ship operator says the incident affected employee and guest data

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Security Affairs

The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakç?l, l, has found a major breach in popular online retailer Cosmolog Kozmetik’s database.

Cyberattacks Are Tailored to Employees. Why Isn't Security Training?

Dark Reading

Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account

Risk 84

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software.

Data Breaches Surge in Food & Beverage, Other Industries

Dark Reading

Six previously "under-attacked" vertical industries saw a surge in data breaches last year due to COVID-19 related disruptions and other factors, new data shows

The Cl0p Bust Shows Exactly Why Ransomware Isn’t Going Away

WIRED Threat Level

Ukrainian authorities managed to make some high-profile arrests. But nothing’s going to change until Russia does the same. Security Security / National Security

The return of TA402 Molerats APT after a short pause

Security Affairs

TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East.

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Top Database Security Solutions for 2021

eSecurity Planet

No matter the breakthrough, no matter the latest fad or trend, the database remains a foundational component to IT ecosystems.

Cloud 71

Paul van Oorschot’s Computer Security and the Internet

Schneier on Security

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading. Uncategorized books computer security

IT 70

Google Launches SLSA, a New Framework for Supply Chain Integrity

Dark Reading

The "Supply chain Levels for Software Artifacts" aims to ensure the integrity of components throughout the software supply chain

70

Texas Amends Breach Notification Law to Require Public Reporting of Breach Notices

Hunton Privacy

On June 14, 2021, Texas Governor Greg Abbott signed HB 3746 , a bill amending Texas’s data breach notification law.

Optimize the Performance of Your Serverless Functions

Run mission-critical applications on serverless without sacrificing visibility.

NARA calls in DoD to help resolve its backlog of veteran records requests

IG Guru

Check out the article here. The post NARA calls in DoD to help resolve its backlog of veteran records requests appeared first on IG GURU. Archives FOIA IG News Records Management Standards Backlog DoD NARA

FOIA 63

EU: Second wave of noyb complaints targets cookie banners

DLA Piper Privacy Matters

Authors: Heidi Waem and Simon Verschaeve. Recently, the European Center for Digital Rights (better known as noyb), founded by privacy activist Max Schrems, announced a new initiative that focuses on compliance of cookie banners in Europe.

GDPR 60

Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes

Threatpost

An email campaign asking victims to call a bogus number to suspend supposedly fraudulent subscriptions got right past Microsoft's native email controls. Web Security

What’s the State of Data Governance and Empowerment in 2021?

erwin

erwin by Quest just released the “ 2021 State of Data Governance and Empowerment” report.

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

CVS Health Records for 1.1 Billion Customers Exposed

Threatpost

A vendor exposed the records, which were accessible with no password or other authentication, likely because of a cloud-storage misconfiguration. Cloud Security Web Security

Episode 217: What Fighting Pirates Teaches Us About Ransomware

The Security Ledger

Criminal gangs swoop in on unsuspecting merchants to seize their goods. Behind the scenes, rival nations turn a blind eye or offer them safe harbor, in exchange for cooperation. Sound familiar? It should.

Hiccup in Akamai’s DDoS Mitigation Service Triggers Massive String of Outages

Threatpost

An hour-long outage hit airlines, banks and the Hong Kong Stock exchange. It's thought to have been caused by a DDoS mitigation service. Cloud Security Critical Infrastructure

IT 79