Wed.Oct 05, 2022

7 Practical Considerations for Effective Threat Intelligence

Dark Reading

If your security team is considering, planning, building, or operating a threat intelligence capability, this advice can help

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Lacework Co-CEO David Hatfield Out 4 Months After Layoffs

Data Breach Today

Hatfield's Exit Comes Amid a Go-To-Market Exodus, With CRO Andy Byron Also Leaving David "Hat" Hatfield has exited the co-CEO role at Lacework just four months after the cloud security vendor laid off 20% of its employees.

Phishing Do's & Don'ts

KnowBe4

Here are some do’s and don'ts for your phishing simulation exercises. Phishing Cybersecurity Awareness Month

6 Steps to More Streamlined Data Modeling

Are you a developer, database architect, or database administrator that's new to Cassandra, but been tasked with developing a plan for implementing the technology anyway? Worry no more. Discover a streamlined methodical approach to Apache Cassandra® data modeling.

How to Deal With Endemic Software Vulnerabilities

Data Breach Today

In this episode of "Cybersecurity Unplugged," Amit Shah, director of product marketing at Dynatrace, discusses the implications of the Log4Shell software vulnerability and the need for organizations to take an observability-led approach to software development and security going forward

More Trending

Pen Test Firm NetSPI Gets $410M Boost From KKR to Fuel M&A

Data Breach Today

KKR Now Majority Owner of NetSPI as Offensive Cyber Vendor Pursues More Automation Rising offensive cyber star NetSPI has received a massive follow-up investment from KKR to pursue acquisitions and expand its technological and geographic footprint.

Sales 130

Microsoft’s Fix Fails to Patch ProxyNotShell RCE Flaws

eSecurity Planet

After Microsoft published guidance on mitigating the two remote code execution flaws uncovered last week by Vietnamese security firm GTSC, it seems the mitigations Microsoft suggested weren’t as effective as the company had hoped.

Patients Affected By Cybersecurity Event at Hospital Chain

Data Breach Today

NullMixer Dropper Delivers a Multimalware Code Bomb

Dark Reading

In one shot, Trojan dropper NullMixer installs a suite of downloaders, banking Trojans, stealers, and spyware on victims' systems

79

Intent Signal Data 101

Intent signal data helps B2B marketers engage with buyers sooner in the sales cycle. But there are many confusing terms used to describe intent data. Read this infographic to better understand three common areas of confusion.

Ring Login Issues Wednesday Stem From System Error, Not Hack

Data Breach Today

A System Error Fueled Ring's Login Issues Wednesday Despite Tweets to the Contrary A claim Wednesday by high-profile security researcher Kevin Beaumont that video doorbell manufacturer Ring was experiencing a security issue sent Twitter atwitter.

Ikea Smart Light System Flaw Lets Attackers Turn Bulbs on Full Blast

Dark Reading

With just one malformed Zigbee frame, attackers could take over certain Ikea smart lightbulbs, leaving users unable to turn the lights down

78

NetWalker Ransomware Affiliate Faces 20 Years in US Prison

Data Breach Today

Canadian Man Sebastien Vachon-Desjardins Grossed $21.5 Million From Cyber Extortion Canadian Sebastien Vachon-Desjardins received a 20 year prison sentence from a U.S.

Why Don't CISOs Trust Their Employees?

Dark Reading

Executives fear "malicious insiders" as top cyber threat to companies, research shows. Reasonable steps to secure and monitor systems may prevent reputational damage but are not enough

10 Rules to More Streamlined Data Modeling

Apache Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn 10 rules that will help you perfect your Kafka system to get ahead.

Why Aren't More Women in Security Leadership Positions?

Data Breach Today

Accenture Report Covers Strategies for Greater Inclusion in Hiring Practices A man in the cybersecurity field is seven times more likely than a woman to have applied for or been offered the job of CISO, according to a new report from Accenture on the need for more inclusion in the workplace.

CISA: Multiple APT Groups Infiltrate Defense Organization

Dark Reading

Advanced attackers gained access to Microsoft Exchange services, conducted searches of email, and used an open source toolkit to collect data from the network for nearly a year

More Action Needed on Telehealth Privacy, Security Risks

Data Breach Today

GAO Report Recommends Additional Guidance for Healthcare Providers, Patients At the onset of the novel coronavirus public health emergency, regulators said they would not enforce certain potential HIPAA violations involving telehealth.

Risk 130

New Maggie malware already infected over 250 Microsoft SQL servers

Security Affairs

Hundreds of Microsoft SQL servers all over the world have been infected with a new piece of malware tracked as Maggie.

Powering Personalization Through Customer Data

Finding the right CDP can help unlock the value of your customer data. This eBook offers guidance on choosing, deploying, and utilizing a CDP, along with a case study on how one bank put data into action to forge stronger connections with customers.

Qualys Buys Blue Hexagon to Aid Secure Public Cloud Adoption

Data Breach Today

Blue Hexagon Platform to Identify, Mitigate Zero-Day Vulnerabilities, Unknown Risk Qualys has purchased a startup founded by longtime Qualcomm leaders to help detect supply chain infections, crypto miners and unauthorized activity in the cloud.

IRS Warns of A Spike in Smishing Attacks

KnowBe4

The US Internal Revenue Service (IRS) has issued an alert warning of a significant rise in text message phishing scams (smishing) impersonating the IRS since the beginning of the year. Phishing

Scammers Get Scammed, Crypto Worth Thousands Stolen

Data Breach Today

Water Labbu Drained At Least $316K from Nine Scamers A cryptocurrency thief is hacking into other scammers' fraudulent liquidity mining websites to reach directly into the digital wallets of victims.

Mining 130

Secure Your Application Layer, Secure Your Business

Dark Reading

Users and malicious actors interact with your business through the application layer. Build trust in your software by securing this first line of defense

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Another Telco Breach Rocks Australia

Data Breach Today

Telecommunication Giant Telstra Says It Was a Small Data Breach Australia's largest telecom provider acknowledged Tuesday a data breach, but said the data came from a now-defunct employee rewards program from 2017.

Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions

Dark Reading

Microsoft cybersecurity executive John Hewie explained cyberwar developments and what they mean for Western democratic policy going forward

OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel

Security Affairs

OnionPoison: researchers reported that an infected Tor Browser installer has been distributed through a popular YouTube channel.

RatMilad Spyware Scurries onto Enterprise Android Phones

Dark Reading

A novel mobile malware found lurking behind a phone-spoofing app is being distributed via Telegram and a dedicated website, in a broad operation to monitor corporate victims

73

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

ICRM Board of Regents Election Results Announced

IG Guru

Avast releases a free decryptor for some Hades ransomware variants

Security Affairs

October Is Cybersecurity Awareness Month

Schneier on Security

For the past nineteen years, October has been Cybersecurity Awareness Month here in the US, and that event that has always been part advice and part ridicule. I tend to fall on the apathy end of the spectrum; I don’t think I’ve ever mentioned it before. But the memes can be funny.