Mon.Jan 11, 2021

Defining and Refining Next-Gen AML

Data Breach Today

David Stewart of SAS on the Tools and Technologies Deployed to Fight Financial Crimes As the financial payments landscape shifts, and as fraudsters employ new technologies and techniques, institutions are deploying a next generation of anti-money laundering defenses.

IT 259

Ubiquiti: Change Your Password, Enable 2FA

Krebs on Security

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Kaspersky: SolarWinds Backdoor Similar to Russian 'Kazuar'

Data Breach Today

For Example, Both Backdoors Use Same 'Sleeping' Algorithm The "Sunburst" backdoor deployed in the breach of SolarWinds' Orion network monitoring tool uses some of the same code found in the "Kazuar" backdoor, which security researchers have previously tied to Russian hackers, the security firm Kaspersky reports.

Changes in WhatsApp’s Privacy Policy

Schneier on Security

If you’re a WhatsApp user, pay attention to the changes in the privacy policy that you’re being forced to agree with. In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Now, an updated privacy policy is changing that.

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Reserve Bank of New Zealand Investigates Data Breach

Data Breach Today

Hackers Gained Network Access Through Accellion File-Sharing Service The Reserve Bank of New Zealand disclosed Sunday that hackers infiltrated its network after compromising its file-sharing system from Accellion.

More Trending

Capitol Riot: Self-Surveillance Feeds Investigation

Data Breach Today

Archiving, Crowdsourcing and Facial Recognition Help Identify Suspects for FBI Investigators probing the violent storming of the U.S. Capitol by a mob on Wednesday have been seeking images and help in identifying suspects.

Connecting the dots between SolarWinds and Russia-linked Turla APT

Security Affairs

Experts have found some similarities between the Sunburst backdoor used in the SolarWinds supply chain attack and Turla’s backdoor Kazuar.

FBI Issues Alert on Growing Egregor Ransomware Threat

Data Breach Today

Bureau and Security Experts Warn About Gang's Effective Extortion Model The FBI has issued a warning about the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group.

Ubiquiti discloses a data breach

Security Affairs

American technology company Ubiquiti Networks is disclosed a data breach and is notifying its customers via email.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Paging System Leak Affects Thousands of Patients

Data Breach Today

Data From Communications With Paramedics Posted Online A recent data leak involving a paging system used by paramedics in the Australian state of Tasmania is the latest reminder of the security risks posed by the legacy systems still in use in the healthcare sector

SolarWinds Hack Lessons Learned: Finding the Next Supply Chain Attack

Dark Reading

The SolarWinds supply chain compromise won't be the last of its kind. Vendors and enterprises alike must learn and refine their detection efforts to find the next such attack

IT 98

Securing the New 'Branch Office'

Data Breach Today

The "remote workforce" of 2020 is gone. Now we're talking about the new, permanent "branch office" - and it comes with its own unique set of cybersecurity concerns, says Derek Manky of FortiGuard Labs. He discusses new social engineering trends and how to respond

When It Comes To Security Tools, More Isn't More

Dark Reading

Organizations that focus on optimizing their tools, cutting down on tool sprawl, and taking a strategic approach to transitioning to the cloud are poised for success

Cloud 92

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Why Compliance Teams Need a Dashboard

Data Breach Today

Compliance Expert Discusses Leveraging Data Analytics Adam Turteltaub, chief engagement and strategy officer at the Society of Corporate Compliance and Ethics, says compliance teams should create a dashboard of data that will help keep track of actions taken by staff members who are working remotel

IoT Vendor Ubiquiti Suffers Data Breach

Dark Reading

Cloud provider hosting "certain" IT systems attacked, company says

Cloud 85

The SolarWinds Hackers Shared Tricks With a Russian Spy Group

WIRED Threat Level

Security researchers have found links between the attackers and Turla, a sophisticated team suspected of operating out of Moscow’s FSB intelligence agency. Security Security / Cyberattacks and Hacks

US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security

Dark Reading

How two traditionally disparate security disciplines can be united

IT 79

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Millions of Social Profiles Leaked by Chinese Data-Scrapers

Threatpost

A cloud misconfig by SocialArks exposed 318 million records gleaned from Facebook, Instagram and LinkedIn. Cloud Security Facebook Privacy

Cloud 109

New Tool Sheds Light on AppleScript-Obfuscated Malware

Dark Reading

The AEVT decompiler helped researchers analyze a cryptominer campaign that used AppleScript for obfuscation and will help reverse engineers focused on other Mac OS malware

78

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Security Affairs

A U.S. court on Thursday sentenced the Russian hacker Andrei Tyurin to 12 years in prison for his role in an international hacking campaign. A U.S.

Researcher Builds Parler Archive Amid Amazon Suspension

Threatpost

A researcher scraped and archived public Parler posts before the conservative social networking service was taken down by Amazon, Apple and Google. Privacy amazon Data Scraping Parler social media Web Archive

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Experts found gained access to the Git Repositories of the United Nations

Security Affairs

Researchers obtained gained access to the Git Repositories belonging to the United Nations, exposing staff records and credentials.

Aliens and UFOs: A Final Frontier for Social Engineers

Threatpost

The release of a CIA archive on UFOs is exactly the kind of headline-making event that phishing and scam actors long for. Web Security

Are you ready to discover greatness?

OpenText Information Management

This blog is authored by Lou Blatt, SVP & CMO, OpenText, and James McGourlay, EVP, Customer Operations, OpenText This year at OpenText™ World, we announced our new OpenText Voyager program, a reimagining of how OpenText supports, trains, engages with, and communicates to our customers, partners, and employees. What is an OpenText Voyager?

SolarWinds Hack Potentially Linked to Turla APT

Threatpost

Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon. Government Hacks Malware advanced persistent threat apt attribution backdoor cyberattack malware solarwinds sunburst supply chain Turla

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

NAGARA Webinar Recap: AOTUS Discusses the Presidential Records Act, Bureau of Indian Affairs Records, digitization, and how NARA will provide access to facilities post COVID-19

IG Guru

The discussion with AOTUS David Ferriero this past December was informative and noteworthy. Special thanks to Meg Phillips for also assisting with answers to questions.

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

Authors: Raf Schoefs , Simon Verschaeve , Laetitia Mouton.

Researchers Test UN’s Cybersecurity, Find Data on 100k

The Security Ledger

Independent security researchers testing the security of the United Nations were able to compromise public-facing servers and a cloud-based development account for the U.N. and lift data on more than 100,000 staff and employees, according to a report released Monday.

Cloud 52