Wed.Jun 22, 2022

Spear Phishing Campaign Targets the US Military

KnowBe4

Researchers at Zscaler warn that a spear phishing campaign is targeting the US military and other sectors with phishing emails that purport to be voicemail notifications. The emails contain links to a phishing page designed to harvest Microsoft Office 365 credentials. Phishing Spear Phishing

Police Dismantle Dutch Phishing Gang

Data Breach Today

Belgian and Dutch Police Arrest 9 Suspects Over Theft of 'Millions of Euros' Belgian and Dutch police with the support of Europol dismantled an organized crime gang involved in carrying out phishing, money laundering and other scams.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

Authorities in the United States, Germany, the Netherlands and the U.K.

Proof of Concept: The Corporate Risk of Using Social Media

Data Breach Today

Also: Navigating US Privacy Laws; Ransomware Trends In the latest "Proof of Concept," Lisa Sotto of Hunton Andrews Kurth LLP and former CISO David Pollino of PNC Bank join ISMG editors to discuss the many new privacy laws in the U.S.,

Risk 203

Build Your Open Data Lakehouse on Apache Iceberg

Speaker: Veena Vasudevan and Jason Hughes

In this webinar, Dremio and AWS will discuss the most common challenges in data architecture and how to overcome them with an open data lakehouse architecture on AWS. Sign up now!

Q&A: The lesser role VPNs now play for enterprises, SMBs — in a post-pandemic world

The Last Watchdog

During the first two decades of this century, virtual private networks —VPNs—served as a cornerstone of network security. Related: Deploying human sensors. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. This worked extremely well for users accessing network resources remotely via their company-issued laptops and immobile home computers.

Cloud 129

More Trending

Microsoft 365 Users in US Face Raging Spate of Attacks

Dark Reading

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes

The State of Phishing and Email Security

Data Breach Today

Cofense's Tonia Dudley on What's Not Working, Threat Predictions "Credential phishing is off the charts," says Tonia Dudley of Cofense.

Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods

Security Affairs

Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods.

IoT 105

Bill Calls for Frequent FDA Device Cyber Guidance Updates

Data Breach Today

Proposals Are Latest Ones Focused on Improving Medical Device Cybersecurity Two U.S. senators are backing a bipartisan proposal requiring the Food and Drug Administration to update its medical device cybersecurity guidance every two years.

The Ultimate Guide to Hardening Windows Servers

IT Professional looking to harden your servers? ThreatLocker’s got you covered. The Ultimate Guide to Hardening Windows Servers offers tips and best practices to help mitigate cyber threats, better protect your servers, and secure your endpoints. Download today!

Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign

Dark Reading

Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute information stealers to users in Ukraine

105
105

Techniques to Improve Supply Chain Confidence

Data Breach Today

Highlights from ISACA's Supply Chain Security Report Former ISACA board chair Rob Clyde shares highlights from ISACA's "Supply Chain Security Gaps: A 2022 Global Research Report," in which 25% of respondents say they experienced a supply chain attack last year, and offers recommendations for assessments and testing of software.

Risk Disconnect in the Cloud

Dark Reading

New Cloud Security Alliance (CSA) and Google Cloud study shows many enterprises struggle to measure and manage risk in their cloud workloads

Risk 105

Flagstar Bank Breach Affects 1.5 Million Customers

Data Breach Today

Bank Discovers Breach 6 Months After Attack; Second Such Incident in 2 Years A publicly traded issuer of home mortgages is notifying 1.5 million consumers of a December cyber incident on its network that leaked PII, including customers' Social Security numbers.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

Symbiote Backdoor in Linux

Schneier on Security

Interesting : What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines.

The Risk of Multichannel Phishing Is on the Horizon

Dark Reading

The cybersecurity community is buzzing with concerns of multichannel phishing attacks, particularly on smishing and business text compromise, as hackers turn to mobile to launch attacks

Magecart attacks are still around but are more difficult to detect

Security Affairs

Researchers from Malwarebytes warns that the Magecart skimming campaign is active, but the attacks are more covert. Magecart threat actors have switched most of their operations server-side to avoid detection of security firms.

Fresh Magecart Skimmer Attack Infrastructure Flagged by Analysts

Dark Reading

Don't sleep on Magecart attacks, which security teams could miss by relying solely on automated crawlers and sandboxes, experts warn

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

Hyperautomation and the Future of Cybersecurity

eSecurity Planet

Next-gen AI systems are now baked into just about every category of software—but Gartner believes we can automate even further. For the last few years, Gartner has predicted that hyperautomation would become a global, if not necessary, business trend.

GitHub's MFA Plans Should Spur Rest of Industry to Raise the Bar

Dark Reading

We as industry leaders should be building on what individual platforms like GitHub are doing in two critical ways: demanding third parties improve security and creating more interoperable architectures

Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer

Security Affairs

Threat actors are using the Rig Exploit Kit to spread the Dridex banking trojan instead of the Raccoon Stealer malware. Since January 2022, the Bitdefender Cyber Threat Intelligence Lab observed operators behind the RIG Exploit Kit pushing the Dridex banking trojan instead of the Raccoon Stealer.

Sales 82

Getting a Better Handle on Identity Management in the Cloud

Dark Reading

Treat identity management as a first-priority problem, not something to figure out later while you get your business up and running in the cloud

Cloud 87

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill.

GDPR 113

Synopsys Completes Acquisition of WhiteHat Security

Dark Reading

Addition of WhiteHat Security provides Synopsys with SaaS capabilities and dynamic application security testing (DAST) technology

Flagstar Bank discloses a data breach that impacted 1.5 Million individuals

Security Affairs

US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 million individuals. US-based Flagstar Bank disclosed a data breach that impacted roughly 1.5 million individuals, but the company did not share details about the attack.

80% of Firms Suffered Identity-Related Breaches in Last 12 Months

Dark Reading

With almost every business experiencing growth in human and machine identities, firms have made securing those identities a priority

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

Thank you!!! SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022

Security Affairs

I’m proud to announce that SecurityAffairs was awarded as the Best European Personal Cybersecurity Blog 2022 at European Cybersecurity Blogger Awards 2022. The winners of the annual European Cybersecurity Blogger Awards have been announced.

NordLayer Review: A VPN for the Zero Trust Era

eSecurity Planet

Many companies use Virtual Public Networks (VPNs) to connect between their remote resources and their local networks. However, many of these VPN solutions have three significant issues. First, VPNs can be difficult to set up, secure and maintain.

OneTrust Layoffs Impact 25% of Workforce as Part of Reorganization via Channelfutures.com

IG Guru

Check out the article here. The post OneTrust Layoffs Impact 25% of Workforce as Part of Reorganization via Channelfutures.com appeared first on IG GURU. Business IG News Information Governance information privacy Privacy