Mon.Oct 19, 2020

Expert Tips to Keep WordPress Safe

Dark Reading

The most widely used content management system on the Web relies heavily on plug-ins and add-on software -- and that requires rigorous security measures at every level

6 Russians Indicted for NotPeyta Campaign, Other Attacks

Data Breach Today

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

There is no shortage of innovative cybersecurity tools and services that can help companies do a much better job of defending their networks. Related: Welcome to the CyberXchange Marketplace In the U.S. alone, in fact, there are more than 5,000 cybersecurity vendors. For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

B2B 137

'Active Threat' Warning: Patch Serious SharePoint Flaw Now

Data Breach Today

SharePoint Remains Top Hacker Target, UK's National Cyber Security Center Warns Security experts are urging organizations to patch a newly revealed serious flaw in Microsoft SharePoint as quickly as possible because proof-of-concept exploit code is already available. The U.K.'s

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

WIRED Threat Level

The Department of Justice has named and charged six men for allegedly carrying out many of the most costly cyberattacks in history. Security Security / Cyberattacks and Hacks

More Trending

NSS Labs Shuttered

Dark Reading

The testing firm's website says it has 'ceased operations' as of Oct.

IT 111

FCC Wants More Information on Threat Posed by China Unicom

Data Breach Today

Asks Justice Department to Spell Out National Security Threat The FCC is asking the Justice Department and other executive branch agencies if China Unicom's operations within the U.S. pose a significant enough national security threat to merit revoking the company's business license

Split-Second Phantom Images Fool Autopilots

Schneier on Security

Researchers are tricking autopilots by inserting split-second images into roadside billboards.

Paper 104

Instagram Investigated for Exposure of Minors' Details

Data Breach Today

Probe Will Determine Whether Facebook, Instagram's Owner, Violated GDPR Ireland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform.

GDPR 139

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online.

Paper 101

Building an Effective Ransomware Mitigation Strategy

Data Breach Today

Crowdstrike's Jennifer Ayers on Understanding the Indicators of Attacks To mitigate the risks posed by ransomware attacks, enterprises need to move from file-based security to a behavior-based approach, says Jennifer Ayers, vice president of the OverWatch division of Crowdstrike

Cognitive Technologies White Paper

National Archives Records Express

This post is written by Sharmila Bhatia and Markus Most. We are pleased to announce the release of a white paper on the records management implications of: Internet of Things (IoT) Robotic Process Automation (RPA) Machine Learning (ML) Artificial Intelligence (AI).

Paper 99

Fooling self-driving cars by displaying virtual objects

Security Affairs

Researchers from the Ben-Gurion University of the Negev demonstrated how to fool self-driving cars by displaying virtual objects. A group of researchers from the Ben-Gurion University of the Negev demonstrated that it is possible to fool self-driving cars by displaying virtual objects (phantoms).

Paper 95

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

7 Tips for Choosing Security Metrics That Matter

Dark Reading

Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk

Risk 92

GravityRAT malware also targets Android and macOS

Security Affairs

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices.

Trickbot, Phishing, Ransomware & Elections

Dark Reading

The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

The Russian citizen Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135 million euros using ransomware. The Russian man Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

Dark Reading

US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks

Microsoft: Most-Imitated Brand for Phishing Emails

Threatpost

The shift to remote working spurred Microsoft and Amazon to the top of the heap for cybercriminals to use as lures in the third quarter.

Chart: The Pandemic Reprioritizes Security Projects

Dark Reading

Responses among IT and security pros reflect concern over vulnerabilities incurred by workers accessing the enterprise network from poorly protected home networks

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video

Threatpost

"Nuke Bizzle" faces 22 years in prison after brazenly bragging about an identity-theft campaign in his music video, "EDD.".

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

GravityRAT Spyware Targets Android & MacOS in India

Dark Reading

The Trojan once used in attacks against Windows systems has been transformed into a multiplatform tool targeting macOS and Android

75

The forum of the popular Albion Online game was hacked

Security Affairs

Albion Online game maker discloses a data breach, hackers gained access to the company forum database by exploiting a known vulnerability. Albion Online (AO) is a free medieval fantasy MMORPG developed by Sandbox Interactive, a studio based in Berlin, Germany.

A Swift Reminder About Cybersecurity

Dark Reading

The hackers gonna crack, crack, crack, crack, crack

Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack

Threatpost

Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

INSPIRE 20 – mark my words! The importance of diverse tech innovation

Micro Focus

UKBlackTech All I can say about this week’s episode is WOW, Mark Martin, what an episode! Mark, a computer science teacher and founder of UKBlackTech, joins us this week to talk about representation, diversity, and how the Black Lives Matter movement has acted as a catalyst for the tech industry.

69

GravityRAT Comes Back to Earth with Android, macOS Spyware

Threatpost

The espionage tool masquerades as legitimate applications and robs victims blind of their data. Malware Mobile Security Web Security Android Facebook messages gravity rat India Kaspersky macOS malicious apps Malware analysis multiplatform remote access social media Spyware travel application Trojan

Access 102

IoT Vulnerability Disclosure Platform Launched

Dark Reading

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations

IoT 69