Sat. Sep 17, 2022

Analyzing Twitter's Security Nightmare

Data Breach Today

The latest edition of the ISMG Security Report discusses the appearance at a Senate hearing this week by the former head of security for Twitter; the top-performing web application and API protection vendors, according to Gartner's Magic Quadrant 2022; and threat trends to watch for in 2023.

Botched Crypto Mugging Lands Three U.K. Men in Jail

Krebs on Security

Three men in the United Kingdom were arrested this month for attempting to assault a local man and steal his virtual currencies. The incident is the latest example of how certain cybercriminal communities are increasingly turning to physical violence to settle scores and disputes.

IT and OT: A Tale of Two Technologies Under Fire

Data Breach Today

Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber

Dark Reading

Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.

SandboxAQ Buys Cryptosense to Fuel Post-Quantum Cryptography

Data Breach Today

Cryptosense Will Help Banks, Hospitals Protect Key Stores, HSMs in a Quantum World. SandboxAQ bought French vendor Cryptosense to help organizations migrate and defend key stores and hardware security modules using post-quantum cryptography architecture.

How the FTC Is Sharpening Its Health Data Privacy Focus

Data Breach Today

Bitdefender releases Universal LockerGoga ransomware decryptor

Security Affairs

The cybersecurity firm Bitdefender has released a free decryptor to allow LockerGoga ransomware victims to recover their encrypted files without paying a ransom.

The Ransomware Files, Episode 11: The Adult Boutique

Data Breach Today

Dain Drake was CEO of a steel fabrication factory. In June 2019, Drake found himself standing outside a closed adult boutique in Houston at 10:00 a.m. on a Sunday. He called the owner and pleaded for him to come. He needed something inside, which might just save his business from ransomware.

DDoS Attack Against Eastern Europe Target Sets New Record

Dark Reading

The target has been under relentless DDoS attack, which ultimately set a new packets-per-second record for Europe.

ISMG Editors: Ransomware Gangs Are Using Partial Encryption

Data Breach Today

Also: Improving Private-Public Collaboration, ISMG's Africa Summit. Four editors at Information Security Media Group analyze private-public partnerships today, preview ISMG's upcoming cybersecurity summit in Africa and discuss the increasing use of intermittent or partial encryption by ransomware gangs as a means to extort money from victims faster.

[HEADS UP] Bank of America Warns About Recent Scams That Request Zelle Payment Due to 'Suspicious Activity'

KnowBe4

Bank of America recently sent a customer service email warning users to watch out for this new phishing attack.

Tackling Financial Fraud With Machine Learning

Dark Reading

Financial services firms need to learn how, and when, to put machine learning to use.

The Uber Hack’s Devastation Is Just Starting to Reveal Itself

WIRED Threat Level

An alleged teen hacker claims to have gained deep access to the company’s systems, but the full picture of the breach is still coming into focus.

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including the bug used in the Stuxnet attacks. The U.S.

Keep Today's Encrypted Data From Becoming Tomorrow's Treasure

Dark Reading

Building quantum resilience requires C-suite commitment, but it doesn't have to mean tearing out existing infrastructure.

US Border Agents May Have a Copy of Your Text Messages

WIRED Threat Level

Plus: An AI artist exposes surveillance of Instagram users, the US charges Iranians over a ransomware campaign, and more.

The SEC Charged Several Individuals and Entities in a Fraudulent Hacking Scheme

Hunton Privacy

On August 16, 2022, the Securities and Exchange Commission (“SEC”) charged 18 individuals and entities in relation to their involvement in a fraudulent hacking scheme.

Substance Use Disorder Patient Records: Important Limitations on Disclosure in Litigation or Otherwise

eDiscovery Law

Under 42 U.S.C. 290dd-2, federal law requires “records of the identity, diagnosis, prognosis, or treatment of any patient which are maintained in connection with the performance of any program or activity relating to substance use disorder education, prevention, training, treatment, rehabilitation, or research, which is conducted, regulated, or directly or indirectly assisted by any department […].

Friday Squid Blogging: Mayfly Squid

Schneier on Security

This is surprisingly funny. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.