Fri.Jun 18, 2021

Senators Draft a Federal Breach Notification Bill

Data Breach Today


First American Financial Pays Farcical $500K Fine

Krebs on Security

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years.


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

NSA Offers Tips on Securing Unified Communication Channels

Data Breach Today

Guidance Spells Out Best Risk Mitigation Practices The U.S. National Security Agency has released new guidance to help federal agencies as well as business enterprises protect their unified communications channels and voice/video over IP calls from cyberthreats

Vigilante malware stops victims from visiting piracy websites

Security Affairs

This strange malware stops you from visiting pirate websites. Sophos researchers uncovered a malware campaign that aims at blocking infected users’ from being able to visit a large number of piracy websites. .

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Peak DDoS Traffic Up 100%, Researchers Report

Data Breach Today

Nokia Deepfield: Number of Attacks Surged 50% Over 15 Months The daily peak of DDoS attack traffic increased 100% from January 2020 to May 2021, reaching 3 Tbps, with most of the high-bandwidth, high-intensity attacks originating from fewer than 50 hosting companies, Nokia Deepfield reports


More Trending

Ransomware Roundup: Avaddon Exits; Clop Suspects Arrested

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S. cybersecurity defenses

Cruise operator Carnival discloses a security breach

Security Affairs

Carnival Corp. said that the data breach it has suffered in March might have impacted its customers and employees. Carnival Corp.

2nd Breach Hits Carnival's Cruise Lines

Data Breach Today

Customer and Employee Data Again Exposed For the second time in less than a year, Carnival has informed customers and employees of a data breach after an unauthorized intruder gained access to a portion of its IT network and infrastructure in March

How AI is Advancing Cybersecurity

eSecurity Planet

There’s a never ending cycle between the measures cybersecurity providers introduce to prevent or remediate cyber threats and the tactics cyber criminals use to get around these security measures.

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Senate Approves Chris Inglis as National Cyber Director

Data Breach Today

Meanwhile, Jen Easterly's Nomination to Serve as CISA Director Is on Hold The U.S. Senate has unanimously approved Chris Inglis as national cyber director. He assumes the role as the country is still reeling from a series of ransomware attacks and the SolarWinds supply chain attack.

Weekly Update 248

Troy Hunt

Thought I'd do a bit of AMA this week given the rest of the content was a bit lighter. If you like this sort of content then I'll try and be a bit more organised next time, give some notice and make more of an event out of it.

IoT 68

Russian Convicted of Aiding Kelihos Botnet Operator

Data Breach Today

Prosecutors: Crypting Provider Helped Infect 50,000 Computers A Russian national has been convicted of aiding a botnet scheme that infected victims' devices with malicious Kelihos malware and ransomware, according to the U.S. Justice Department

Attackers Find New Way to Exploit Google Docs for Phishing

Dark Reading

Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content

Cloud 63

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Law Enforcement's Cybercrime Honeypot Maneuvers Paying Off

Data Breach Today

Closing EncroChat and Sky, Plus Careful Word-of-Mouth Management, Drove Anom Uptake The global law enforcement "Anom" honeypot operation racked up impressive statistics for the number of criminals tricked into using the encrypted communications service.

Peloton Vulnerability Found and Fixed

Schneier on Security

Researchers have discovered a vulnerability in Peloton stationary bicycles, one that would give the attacker complete control over the device. The attack requires physical access to the Peloton, so it’s not really a practical attack. President Biden’s Peloton was not in danger

ISMG Editors’ Panel: NATO's Cybersecurity Policy and More

Data Breach Today

Also Featured: Analysis of Regulatory Landscape; Comments From Rep.

Accidental Insider Leaks Prove Major Source of Risk

Dark Reading

Research reports highlight growing concerns around insider negligence that leads to data breaches

9 Developer Enablement Practices to Achieve DevOps at Enterprise Scale

In this eBook, Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.

Pay Attention to the Fine Print on 'War Exclusions' in Cyber Policies

Data Breach Today

When seeking cyber insurance or other types of insurance policies that provide organizations coverage for certain data security incidents, it's critical to carefully consider the "war exclusions" contained in those policies, says insurance attorney Peter Halprin

How to handle chat data in eDiscovery and investigations

OpenText Information Management

Water-cooler talk and quick chats in the office disappeared with the pandemic. But online chat—already a prevalent form of communication prior to the pandemic—took off as the preferred way for remote employees to communicate.

Akamai outage was caused by an issue with its Prolexic DDoS protection service

Security Affairs

A n outage suffered by CDN, cybersecurity and cloud services provider Akamai was caused by an issue with its Prolexic DDoS attack protection service.

Cloud 60

This Week in Database Leaks: Cognyte, CVS, Wegmans

Dark Reading

Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers


The Forrester Wave™: B2B Marketing Data Providers, Q2 2021

In our 24-criterion evaluation of B2B marketing data providers, we identified the 11 most significant vendors — Data Axle, Dun & Bradstreet, Enlyft, Global Database, InsideView, Leadspace, Oracle, SMARTe, Spiceworks Ziff Davis, TechTarget, and ZoomInfo Technologies — and researched, analyzed, and scored them. This report shows how each provider measures up and helps B2B marketing professionals select the right one for their needs.

US supermarket chain Wegmans discloses data breach

Security Affairs

The supermarket chain Wegmans US Wegmans discloses a data breach, customers information was exposed on the Internet due to a misconfiguration issue.

Carnival Cruise Cyber-Torpedoed by Cyberattack


This is the fourth time in a bit over a year that Carnival’s admitted to breaches, with two of them being ransomware attacks. Breach Hacks Web Security

A New Tool Wants to Save Open Source from Supply Chain Hacks

WIRED Threat Level

Sigstore will make code signing free and easy for software developers, providing an important first line of defense. Security Security / Security News

Expert found multiple flaws in Cisco Small Business 220 series

Security Affairs

A researcher discovered multiple vulnerabilities in smart switches of Cisco’s Small Business 220 series, including some issues rated as high severity. Security researcher Jasper Lievisse Adriaanse has discovered multiple vulnerabilities Cisco’s Small Business 220 series smart switches.

4 AI Hacks to Make Sales Teams More Efficient

Over the last two years, there’s been a 76 percent increase in AI adoption across sales organizations. For sales teams, AI opens up a world of new possibilities, including automating outreach, identifying best-fit buyers, and keeping CRMs flush with fresh data. Read on to learn the four AI hacks sales teams need to improve their performance. Download the eBook today!

4 Habits of Highly Effective Security Operators

Dark Reading

These good habits can make all the difference in advancing careers for cybersecurity operators who spend their days putting out fires large and small

Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors


A DarkSide doppelganger mounts a fraud campaign aimed at extorting nearly $4 million from each target. Critical Infrastructure Web Security

One billion reasons why companies need to stop hoarding data via DCD

IG Guru

Check out the article here. The post One billion reasons why companies need to stop hoarding data via DCD appeared first on IG GURU.

Risk 52