Fri.Nov 15, 2019

7 Takeaways: Insider Breach at Twitter

Data Breach Today

Bribing Employees Easier Than Hacking Silicon Valley, Security Experts Say Why try to hack Silicon Valley firms if you can buy off their employees instead?

146 New Vulnerabilities All Come Preinstalled on Android Phones

WIRED Threat Level

The dozens of flaws across 29 Android smartphone makers show just how insecure the devices can be, even brand-new. Security Security / Security News

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

New JavaScript Skimmer Found on Ecommerce Sites

Data Breach Today

Visa Security Researchers Say 'Pipka' Is Good at Avoiding Detection Security researchers at Visa have uncovered a new type of JavaScript skimmer that has infected the online checkout pages for at least 17 ecommerce websites in an effort to steal payment card data.

Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed

Dark Reading

Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say

106
106

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Phishing Campaigns Spoof Government Agencies: Report

Data Breach Today

Proofpoint Research Points to More Sophisticated Techniques A newly discovered hacking group is using an array of sophisticated spoofing and social engineering techniques to imitate government agencies, including the U.S.

More Trending

DOJ: Pair Used SIM Swapping Scam to Steal Cryptocurrency

Data Breach Today

Two Men Targeted 10 Executives Who Had Cryptocurrency Connections A pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target executives in order to steal more than $550,000 worth of cryptocurrency, the U.S.

176
176

TPM-Fail Attacks Against Cryptographic Coprocessors

Schneier on Security

Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks , by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger.

Analysis: Instagram's Major Problem With Minors' Data

Data Breach Today

The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS

GDPR 176

Documentation Theory for Information Governance

ARMA International

This article is part of a collaboration between ARMA and AIEF and is included in Information Management Magazine, ARMA-AIEF Special Edition , which will be available for download in November. A printed version of the special issue will be available as well, for a nominal fee.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Update: More Alerts About Medical Device Security Flaws

Data Breach Today

Latest Advisories a Reminder of Legacy Product Risks Several recent advisories from federal regulators concerning newly identified vulnerabilities in certain medical devices serve as the latest reminders of the risk management challenges involved

Risk 160

Illegal Booter Connected with DDoSes Sentenced to Prison, Fine

Dark Reading

The Illinois-based man operated a criminal service that launched millions of DDoS attacks and brought in hundreds of thousands of dollars

98

Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping

Security Affairs

On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency.

DevSecOps: The Answer to the Cloud Security Skills Gap

Dark Reading

There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap

Cloud 95

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

The Australian Parliament was hacked earlier this year

Security Affairs

The computer network of Australian Parliament was hacked earlier this year, and hackers exfiltrated data from the computers of several elected officials.

12 Tips for Dealing with a Manipulative Security Manager

Dark Reading

Don't let yourself be stuck in an unhealthy work environment with a toxic manager who takes advantage of your talent

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy.

Steps to Take for Preventing Hipaa Violations

Record Nations

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that provides minimum requirements for protecting certain health information. For anyone who handles medical records or works with patient data, an understanding of the basic HIPAA requirements is crucial.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild

Security Affairs

Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka used to siphon payment data from e-commerce merchant websites. Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka that was used by crooks to steal payment data from e-commerce merchant websites.

Did you know? AMC Monthly Newsletter

Micro Focus

It may be getting colder out there, but things are warming up in the world of Application Modernization & Connectivity and our November newsletter has all the news about events, webinars, and more. Take in a TechTip We are pleased to announce three more additions to our TechTip Webinar series.

IT 79

The Evidence That Links Russia’s Most Brazen Hacking Efforts

WIRED Threat Level

From the 2017 French election to the Olympics to NotPetya, the same group's fingerprints have appeared again and again. Security Security / National Security

Black Hat Europe Brings A Bevy of IoT Security Insights

Dark Reading

Attend this London event next month for the latest on how security researchers are finding (and solving) security vulnerabilities in all of your favorite Internet-connected devices

IoT 73

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers

Threatpost

The copycat sites are using valid certificates to be more convincing. Web Security copycat sites Fraud holiday shopping Let's Encrypt Phishing retail tls valid certificates

Retail 101

Attackers' Costs Increasing as Businesses Focus on Security

Dark Reading

Based on penetration tests and vulnerability assessments, attackers' costs to compromise a company's network increases significantly when security is continuously tested, a report finds

Stealthy Malware Flies Under AV Radar with Advanced Obfuscation

Threatpost

A threat campaign active since January customizes long-used droppers to infect victim machines and lift credentials and other data from browsers, according to Cisco Talos.

Generation A is about to change the world

IBM Big Data Hub

A new generation is among us. They were born after 2010 into a world where technology is ubiquitous.We are witnessing the birth of a new intelligent species.While all under 10 years old, Siri, Watson and Alexa have already made an impact on the world and we can imagine the potential they all have

94

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Unstructured data: The hidden threat in digital business

Information Management Resources

The narrow definition of 'structured data' leaves out a tremendous amount of data, referred to as unstructured data, and with that, potential liability when unaccounted for. Data visualization Unstructured data Data management

146 New Android Bugs, an Audio Porn Streaming Site, and More News

WIRED Threat Level

Catch up on the most important news from today in two minutes or less. Security Security / Cyberattacks and Hacks

The high risk of data loss associated with employees

DXC Technology

The security threat from insiders is growing. Consider the most recent Verizon Data Breach Investigation Report (DBIR), which found that 20% of cybersecurity incidents and 15% of data breaches investigated within the Verizon DBIR originated from people within the organization. According to Verizon’s DBIR analysis, the top motivators behind insider attacks were financial gain (48%) […]. Security insider threat security awareness