Tue.Nov 22, 2022

LockBit 3.0 Says It's Holding a Canadian City for Ransom

Data Breach Today

Ransomware Attack Locks Up Westmount Services and Takes Down Email System The nefarious LockBit 3.0 cybercriminal group is claiming responsibility for the ransomware attack that halted municipal services and shut down employee email accounts in Westmount, Quebec, giving the city a deadline of Dec.

FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

The Last Watchdog

Endpoints are where all are the connectivity action is. Related: Ransomware bombardments. And securing endpoints has once more become mission critical. This was the focal point of presentations at Tanium’s Converge 2022 conference which I had the privilege to attend last week at the Fairmont Austin in the Texas capital. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Broadcom-VMware Merger Faces European Regulatory Hurdles

Data Breach Today

UK's Competition Authority Announces Probe as Broadcom Awaits EU Clearance for M&A Broadcom's acquisition of VMware faces challenges from European regulatory authorities over potential competitive advantages.

Cybersecurity Pros Put Mastodon Flaws Under the Microscope

Dark Reading

As the open source social media network blows up due to Twitter's troubles, researchers caution about vulnerabilities within the application

6 Steps to More Streamlined Data Modeling

Are you a developer, database architect, or database administrator that's new to Cassandra, but been tasked with developing a plan for implementing the technology anyway? Worry no more. Discover a streamlined methodical approach to Apache Cassandra® data modeling.

ReliaQuest CEO Brian Murphy on Joining SecOps, Threat Intel

Data Breach Today

CEO Shares How Digital Shadows Acquisition Helped Clients to Customize Threat Intel ReliaQuest customers have tailored Digital Shadows' threat intelligence to their organizations to ensure conversations about their brands or products are being captured, says CEO Brian Murphy.

More Trending

Digital Army 2030: Modernizing Technology at Scale - Part 1

Data Breach Today

In Part 1 of this exclusive two-part series, Dr. Raj Iyer, CIO of the U.S. Army, lays out the vision for 2023-2024, which includes a tectonic shift from on-premises data centers to cloud and modernization and the migration of over 5,000 applications to augment war-fighting capabilities

5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP).

AGs Urge Apple to Tighten Health Privacy, Security in Apps

Data Breach Today

Attorney General Group Says Third-Party Apps Threaten Reproductive Health Privacy Ten state attorneys general are urging Apple to address privacy and security gaps in third-party applications available on the App Store that track, collect or store reproductive health data.

The Ninth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available

Data Matters

Intent Signal Data 101

Intent signal data helps B2B marketers engage with buyers sooner in the sales cycle. But there are many confusing terms used to describe intent data. Read this infographic to better understand three common areas of confusion.

Cybersecurity Analysis of the FTX Crypto Heist: Part Two

Data Breach Today

On the heels of the recent FTX financial meltdown came the theft of millions of dollars that left thousands of investors, exchanges and others in the lurch. Hugh Brooks of CertiK shares the status of data that FTX stores, the role of regulations and best cybersecurity practices for crypto exchanges

Enterprises Pay $1,200 Per Employee Annually to Fight Cyberattacks Against Cloud Collab Apps

Dark Reading

Orgs are in the middle of a rapid increase in the use of new collaboration tools to serve the needs of an increasingly dispersed workforce — and they're paying a very real security price

Cloud 88

Twitter v. Musk illustrates how sources of discoverable ESI are more diverse than ever 

OpenText Information Management

By now, we all know that Elon Musk has finally completed his purchase of Twitter, but that purchase was anything but a smooth process. It only occurred after Twitter filed suit against Musk after he terminated his bid to acquire Twitter (only to subsequently revive the bid and complete the purchase).

IT 86

Researcher warns that Cisco Secure Email Gateways can easily be circumvented

Security Affairs

A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails.

10 Rules to More Streamlined Data Modeling

Apache Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn 10 rules that will help you perfect your Kafka system to get ahead.

DraftKings Account Takeovers Frame Sports-Betting Cybersecurity Dilemma

Dark Reading

Cybercrooks have drained DraftKings accounts of $300K in the past few days thanks to credential stuffing, just as the 2022 FIFA World Cup starts up

A Recent, Complex, Ransomware Campaign

KnowBe4

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022.

Apple’s Device Analytics Can Identify iCloud Users

Schneier on Security

CyberheistNews Vol 12 #47 [Heads Up] Watch Out for This Tricky New Tactic Called Clone Phishing

KnowBe4

Cybercrime KnowBe4

Powering Personalization Through Customer Data

Finding the right CDP can help unlock the value of your customer data. This eBook offers guidance on choosing, deploying, and utilizing a CDP, along with a case study on how one bank put data into action to forge stronger connections with customers.

Emotet is back and delivers payloads like IcedID and Bumblebee

Security Affairs

The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee.

The US Has a Bomb-Sniffing Dog Shortage

WIRED Threat Level

Finding high-quality detection canines is hard enough—and the pandemic only dug a deeper hole. Security Security / National Security

Ducktail Cyberattackers Add WhatsApp to Facebook Business Attack Chain

Dark Reading

The Vietnam-based financial cybercrime operation's primary goal is to push out fraudulent ads via compromised business accounts

79

The Hunt for the Dark Web’s Biggest Kingpin, Part 5: Takedown

WIRED Threat Level

After months of meticulous planning, investigators finally move in to catch AlphaBay’s mastermind red-handed. Then the case takes a tragic turn. Backchannel Security Security / Cyberattacks and Hacks

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Cyber Due Diligence in M&As Uncovers Threats, Improves Valuations

Dark Reading

To get the full picture, companies need to look into the cybersecurity history and practices of the business they're acquiring

The ICRM Announces Nominees for their New Awards in 2022

IG Guru

ICRM Sponsored Awards

74

Adversarial AI Attacks Highlight Fundamental Security Issues

Dark Reading

An AI's "world" only includes the data on which it was trained, so it otherwise lacks context — opening the door for creative attacks from cyber adversaries

IT 74

New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims

KnowBe4

Long gone are the days of tacky landing pages that barely impersonate a brand; threat actors are improving their social engineering game well enough to make anyone believe it’s the real thing. Social Engineering Phishing

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

How Work From Home Shaped the Road to SASE for Enterprises

Dark Reading

As SASE adoption grows, with its allure of simplified protection via one network and security experience for hybrid workers, remember: Have an overall plan, integrate and migrate to scale usage, and start small

Image-Based Phishing and Phone Scams Continue to Get Past Security Scanners

KnowBe4

Using the simplest tactic of not including a single piece of content that can be considered malicious, these types of scams are making their way to inboxes every single time. Phishing Email Security

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022.