Wed.Jan 12, 2022

Phishers Rip Off High-Profile EA Gamers

Threatpost

Electronic Arts blamed “human error” after attackers compromised customer support and took over and drained some of the top FIFA Ultimate Team player accounts. Breach Hacks Web Security

New Cyberattack Campaign Uses Public Cloud Infrastructure to Spread RATs

Dark Reading

An attack campaign detected in October delivers variants of Nanocore, Netwire, and AsyncRATs to target user data

Cloud 113
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. Fortinet researchers have spotted a new version of the RedLine info-stealer that is spreading via emails using a fake COVID-19 Omicron stat counter app as a lure.

Patch Management Today: A Risk-Based Strategy to Defeat Cybercriminals

Dark Reading

By combining risk-based vulnerability prioritization and automated patch intelligence, organizations can apply patches based on threat level. Part 2 of 3

Risk 111

100 Pipeline Plays: The Modern Sales Playbook

For the first time, we’re sharing the winning plays that took us from scrappy startup to a publicly traded company. Use our proven data-driven plays to grow your pipeline and crush your revenue targets.

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

US authorities warn critical infrastructure operators of the threat of cyberattacks orchestrated by Russia-linked threat actors.

More Trending

Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor

Security Affairs

Iran-linked APT35 group has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor.

Why Is Cyber Assessment So Important in Security?

Dark Reading

All the pen testing and tabletop exercises in the world won't help unless an organization has a complete and accurate understanding of its assets

IT 103

SysJoker, a previously undetected cross-platform backdoor made the headlines

Security Affairs

Security researchers found a new cross-platform backdoor, dubbed SysJoker , the is suspected to be the work of an APT group. Security experts from Intezer discovered a new backdoor, dubbed SysJoker , that is able to infect Windows, macOS, and Linux systems.

Oxeye Introduce Open Source Payload Deobfuscation Tool

Dark Reading

Ox4Shell exposes hidden payloads thatare actively being used to confuse security protection tools and security teams

Optimize the Performance of Your Serverless Functions

Run mission-critical applications on serverless without sacrificing visibility.

Adobe fixes 4 critical Reader bugs that were demonstrated at Tianfu Cup

Security Affairs

Adobe released security updates to address multiple vulnerabilities affecting several products, including Acrobat and Reader. Adobe patches for January address 41 vulnerabilities in Windows and macOS versions of Acrobat and Reader products, Illustrator, Adobe Bridge, InCopy, and InDesign.

IT 103

Compliance and Legal industry predictions for 2022

OpenText Information Management

“Power to the People” — a popular slogan for political activism and protests (and a great John Lennon song to boot) – has been a rallying cry for individuals to take control back from the powerful and corrupt.

KCodes NetUSB flaw impacts millions of SOHO routers

Security Affairs

Cybersecurity experts discovered a flaw in the KCodes NetUSB component that impacts millions of end-user routers from different vendors.

Flashpoint Acquires Risk Based Security

Dark Reading

Flashpoint plans to integrate Risk Based Security data and technology into its platform to boost threat intelligence and vulnerability management

Risk 86

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Faking an iPhone Reboot

Schneier on Security

Researchers have figured how how to intercept and fake an iPhone reboot: We’ll dissect the iOS system and show how it’s possible to alter a shutdown event, tricking a user that got infected into thinking that the phone has been powered off, but in fact, it’s still running.

IT 86

Critical Infrastructure Security and a Case for Optimism in 2022

Dark Reading

The new US infrastructure law will fund new action to improve cybersecurity across rail, public transportation, the electric grid, and manufacturing

U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

eSecurity Planet

federal security agencies are putting companies on alert to potential threats from Russian state-sponsored cybercriminal groups, warning in particular about dangers to critical infrastructure and urging organizations to learn how to detect and protect against attacks.

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

Threatpost

Most Windows versions are at risk of remote, unprivileged attackers abusing RDP from the inside to hijack smart cards and get unauthorized file system access. Vulnerabilities Web Security

Risk 111

Your Guide to Using Conversational Marketing to Drive Demand Generation

What is conversational marketing really about? This guide will examine the market forces at play, shifting buyer trends, how to leverage conversation marketing, and the tactics involved in adopting it for a B2B demand generation strategy.

New Research Reveals Public-Sector IAM Weaknesses and Priorities

Dark Reading

Auth0 Public Sector Index shows that governments are struggling to provide trustworthy online citizen services

NSO Group Spyware Targeted Dozens of Reporters in El Salvador

WIRED Threat Level

The newly disclosed campaign shows how little the company has done to curb abuses of its powerful surveillance tools. Security Security / Cyberattacks and Hacks

IT 75

Stolen TikTok Videos, Bent on Fraud, Invade YouTube Shorts

Threatpost

Scammers easily game YouTube Shorts with viral TikTok content, bilking both creators and users. Web Security

What is eDiscovery software?

OpenText Information Management

The discovery process in litigation requires that parties must exchange documents deemed relevant to the case.

64

Monitoring AWS Container Environments at Scale

In this eBook, learn how to monitor AWS container environments at scale with Datadog and which key metrics to monitor when leveraging two container orchestration systems (ECS and EKS).

Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign

Threatpost

A cloudy campaign delivers commodity remote-access trojans to steal information and execute code. Cloud Security Malware

SEC Encourages Self-Reporting of Recordkeeping Violations Resulting From Employees’ Use of Personal Devices for Business Communications

Data Matters

On December 17, 2021, the U.S. Securities and Exchange Commission (SEC) announced settled charges against a broker-dealer firm for recordkeeping violations arising from its employees’ use of personal devices for business communications.

FTC Settles with Loan Application Company Over Alleged Misuse of Sensitive Personal Information

Hunton Privacy

On January 6, 2022, the Federal Trade Commission reached a $1.5 million settlement with loan application company ITMedia Solutions LLC (“ITMedia”) over alleged violations of the FTC Act and Fair Credit Reporting Act (“FCRA”).

The Tape Storage market in 2022

IG Guru

Check out the link here. The post The Tape Storage market in 2022 appeared first on IG GURU. Cyber Security Storage Enterprise Backup Tape Tape Backup Tape Market

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

New York AG Warns 17 Firms of Credential Attacks

Threatpost

Sponsored: Password security is highlighted in attorney general warning to New York state businesses. Sponsored

How Financial Institutions Use Machine Learning to Prevent Fraud

Rippleshot

Originally Posted Jan 2022 by GN Feature Story. Banking and financial institutions lose billions of dollars because of fraud. Machine learning can help detect and prevent fraud.

What Did We Learn in 2021, and What’s Next for Ediscovery in 2022?

Hanzo Learning Center

As we’ve been wrapping up 2021 and looking forward to 2022—again hopeful that at some point this year we’ll see more of a return to “normal” life, whatever that means—I wanted to pause to reflect on our evolving data landscape.