Thu.Jun 17, 2021

Cyberium Domain Targets Tenda Routers in Botnet Campaign

Data Breach Today

AT&T Alien Labs: Hackers Used Mirai Variant MooBot Malware hosting domain Cyberium has spread multiple Mirai variants, including one that targeted vulnerable Tenda routers as part of a botnet campaign, AT&T Alien Labs reports

178
178

Intentional Flaw in GPRS Encryption Algorithm GEA-1

Schneier on Security

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Data Breach Today

16 Critical Infrastructure Sectors Especially Off Limits - Or Else, President Warns U.S. President Joe Biden issued a clear warning to Russian President Vladimir Putin at their Geneva summit this week, saying that should Russia continue to launch cyberattacks against U.S.

153
153

Over a billion records belonging to CVS Health exposed online

Security Affairs

Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Data Breach Today

Experts Discuss Impact of 'Transformational Moment' After U.S.

More Trending

India Moves Toward Limiting What Telecom Tech Can Be Used

Data Breach Today

As 'Trusted Telecom Portal' Launched, Chinese Vendors May Be Excluded From Market In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers

Mission Critical: What Really Matters in a Cybersecurity Incident

Dark Reading

The things you do before and during a cybersecurity incident can make or break the success of your response

[Podcast] The Future of AI is Today

AIIM

The notion of Artificial Intelligence has pervaded both the business world and popular culture.

Top Database Security Solutions for 2021

eSecurity Planet

No matter the breakthrough, no matter the latest fad or trend, the database remains a foundational component to IT ecosystems.

Cloud 60

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

One in Five Manufacturing Firms Targeted by Cyberattacks

Dark Reading

Information-stealing malware makes up about a third of attacks, a study finds, but companies worry most about ransomware shutting down production

CVS Health Records for 1.1 Billion Customers Exposed

Threatpost

A vendor exposed the records, which were accessible with no password or other authentication, likely because of a cloud-storage misconfiguration. Cloud Security Web Security

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software.

Threat Actors Use Google Docs to Host Phishing Attacks

Threatpost

Exploit in the widely used document service leveraged to send malicious links that appear legitimate but actually steal victims credentials. Hacks Web Security

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Security Affairs

The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakç?l, l, has found a major breach in popular online retailer Cosmolog Kozmetik’s database.

EU: Second wave of noyb complaints targets cookie banners

DLA Piper Privacy Matters

Authors: Heidi Waem and Simon Verschaeve. Recently, the European Center for Digital Rights (better known as noyb), founded by privacy activist Max Schrems, announced a new initiative that focuses on compliance of cookie banners in Europe.

GDPR 56

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang , tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered.

Paul van Oorschot’s Computer Security and the Internet

Schneier on Security

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading. Uncategorized books computer security

IT 56

9 Developer Enablement Practices to Achieve DevOps at Enterprise Scale

In this eBook, Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.

The return of TA402 Molerats APT after a short pause

Security Affairs

TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East.

The Cl0p Bust Shows Exactly Why Ransomware Isn’t Going Away

WIRED Threat Level

Ukrainian authorities managed to make some high-profile arrests. But nothing’s going to change until Russia does the same. Security Security / National Security

Google Launches SLSA, a New Framework for Supply Chain Integrity

Dark Reading

The "Supply chain Levels for Software Artifacts" aims to ensure the integrity of components throughout the software supply chain

52

Episode 217: What Fighting Pirates Teaches Us About Ransomware

The Security Ledger

Criminal gangs swoop in on unsuspecting merchants to seize their goods. Behind the scenes, rival nations turn a blind eye or offer them safe harbor, in exchange for cooperation. Sound familiar? It should.

The Forrester Wave™: B2B Marketing Data Providers, Q2 2021

In our 24-criterion evaluation of B2B marketing data providers, we identified the 11 most significant vendors — Data Axle, Dun & Bradstreet, Enlyft, Global Database, InsideView, Leadspace, Oracle, SMARTe, Spiceworks Ziff Davis, TechTarget, and ZoomInfo Technologies — and researched, analyzed, and scored them. This report shows how each provider measures up and helps B2B marketing professionals select the right one for their needs.

What Pride Means To Me

Hanzo Learning Center

It’s been a little over a half of a century since The Stonewall Riots—a series of demonstrations by members of the gay community in response to a police raid that began on June 28, 1969—at the Stonewall Inn in New York City.

IT 52

NARA calls in DoD to help resolve its backlog of veteran records requests

IG Guru

Check out the article here. The post NARA calls in DoD to help resolve its backlog of veteran records requests appeared first on IG GURU. Archives FOIA IG News Records Management Standards Backlog DoD NARA

FOIA 52

Carnival Cruise Line Reports Security Breach

Dark Reading

The cruise ship operator says the incident affected employee and guest data

We’ve moved to the cloud. Now, where on earth did I put those keys?

Thales Cloud Protection & Licensing

We’ve moved to the cloud. Now, where on earth did I put those keys? madhav. Thu, 06/17/2021 - 12:51. Real-life scenario: Me: I can’t find my keys. Everyone: Where did you last have them? Key management in a cloud scenario: Me: I’m not sure where my keys are actually….

4 AI Hacks to Make Sales Teams More Efficient

Over the last two years, there’s been a 76 percent increase in AI adoption across sales organizations. For sales teams, AI opens up a world of new possibilities, including automating outreach, identifying best-fit buyers, and keeping CRMs flush with fresh data. Read on to learn the four AI hacks sales teams need to improve their performance. Download the eBook today!

Cyberattacks Are Tailored to Employees. Why Isn't Security Training?

Dark Reading

Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account

Risk 46

Texas Amends Breach Notification Law to Require Public Reporting of Breach Notices

Hunton Privacy

On June 14, 2021, Texas Governor Greg Abbott signed HB 3746 , a bill amending Texas’s data breach notification law.

Data Breaches Surge in Food & Beverage, Other Industries

Dark Reading

Six previously "under-attacked" vertical industries saw a surge in data breaches last year due to COVID-19 related disruptions and other factors, new data shows