Tue.Jan 25, 2022

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Security Affairs

Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December.

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

8 Security Startups to Watch in 2022

Dark Reading

Cloud security, API security, and incident response are among the issues up-and-coming security companies are working on

Cloud 97

Safari Flaws Exposed Webcams, Online Accounts, and More

WIRED Threat Level

Apple awarded a $100,500 bug bounty to the researcher who discovered the latest major vulnerability in its browser. Security Security / Cyberattacks and Hacks

IT 88

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Striking a Balance Between Cybersecurity Awareness and Anxiety

Dark Reading

Employees don't have to be paralyzed by fear to keep the company safe. They just have to understand what threats look like and how to stop them

More Trending

4 Steps Toward Knowing Your Exploitable Attack Surface

Dark Reading

Actionable steps you can take today to identify the true risk your organization faces — learn how to separate the exploitable vulnerabilities from the rest

Risk 83

Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks

Security Affairs

Experts found an undocumented macOS backdoor, dubbed DazzleSpy, that was employed in watering hole attacks aimed at politically active individuals in Hong Kong.

Cyber-Physical Security: What It Is and What You Should Do

Dark Reading

Ancillary installations like the Internet of Things, operational technology, and industrial control systems enable lots of great functionality, and they face most of the same risks as IT infrastructure

Risk 83

PrinterLogic fixes high severity flaws in Printer Management Suite

Security Affairs

PrinterLogic has addressed nine vulnerabilities in Web Stack and Virtual Appliance, including three high severity flaws.

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Threat Actors Use Microsoft OneDrive for Command-and-Control in Attack Campaign

Dark Reading

Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research

83

UK NCSC is going to release Nmap scripts to find unpatched vulnerabilities

Security Affairs

The UK NCSC cybersecurity agency is going to release a collection of NMAP scripts that can allow defenders to find unpatched vulnerabilities.

As IoT Attacks Increase, Experts Fear More Serious Threats

Dark Reading

Variants of the Mirai codebase are still a popular way to compromise and subvert Internet of Things devices, but experts fear more serious threats may be ahead

IoT 83

Why the Belarus Railways Hack Marks a First for Ransomware

WIRED Threat Level

The politically motivated attack represents a new frontier for hacktivists—and won’t be the last of its kind. Security Security / Cyberattacks and Hacks

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

Revelstoke Launches With SOAR Platform to Automate SOCs

Dark Reading

The SOAR platform helps CISOs automate the security operations center via a low-code/no-code platform

E-Waste Is a Cybersecurity Problem, Too via IEEE Spectrum

IG Guru

Toxic chemicals can leach out of old devices—but so can sensitive data. The post E-Waste Is a Cybersecurity Problem, Too via IEEE Spectrum appeared first on IG GURU. Business Cyber Security IG News Risk News Security Cybersecurity E-Waste Electronic Waste Technology Waste

How Does Threat Modeling Work in Software Development?

Dark Reading

Threat modeling should be a continuous process alongside development, not a one-time project

83

Who We Are – Rand LeMarinel: Chief Operating Officer

Record Nations

Do you know Record Nations? Whether we’ve worked with you for years, or you’re new to the business, we thought it was high time we introduced you to some of the people behind the brand. While we may have been in business for roughly two decades, a lot has changed over the years.

IT 67

12 Plays to Kickstart Your Recruitment Process

To stay ahead in this race, every recruiter needs a good playbook. In this eBook, we lay out 12 recruiting plays that can automate key steps in your recruitment process, helping you reduce both the cost and the time it takes to hire the best candidates.

Test Your Team, Not Just Your Disaster Recovery Plan

Dark Reading

Cyberattacks imperil business continuity, but there is a much more common security threat — unintentional human error

Privacy in a Parallel Digital Universe: The Metaverse

Data Protection Report

For many years, the immersive three-dimensional digital world has been left to the cinematic experience.

Link11 Sets New Standards in DDoS Protection as Test Winner

Dark Reading

In a recent performance test, cybersecurity provider Link11 was benchmarked against leading international security vendors and emerged as the winner. The study by Frost & Sullivan emphasized the importance of precise detection and speed in mitigating DDoS (Distributed Denial of Service) attacks

Merck Wins Insurance Lawsuit re NotPetya Attack

Schneier on Security

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute.

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

Conquering the Procure-to-Pay (P2P) process

OpenText Information Management

The challenges of the Procure-to-Pay (P2P) process: complexity, content and collaboration Procure-to-Pay is one of the most common finance business processes used in the Microsoft® Dynamics 365™ finance business application.

Biometrics in Retail: Beyond Loss Prevention

HID Global

Biometrics in Retail: Beyond Loss Prevention. rfournier. Tue, 01/25/2022 - 09:57

Segway Hit by Magecart Attack Hiding in a Favicon

Threatpost

Visitors who shopped on the company's eCommerce website in January will likely find their payment-card data heisted, researchers warned. Malware Vulnerabilities Web Security

15 Modern House Roofing Styles

Cllax

Modern roof design is an essential architectural component of your home’s aesthetic style. To achieve the “modern style,” every area of your living space, from where you sleep and eat. The post 15 Modern House Roofing Styles first appeared on Cllax - Top of IT. Articles

IT 41

12 Tips for Selling to the C-Suite

The question for sales pros is this: Are you ready for the challenge, and opportunity, of selling to the C-suite? The following 12 tips can help ensure that you and your team are.

MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks

Threatpost

A pro-democracy Hong Kong site was used to launch watering-hole attacks that planted a powerful macOS backdoor that researchers dubbed DazzleSpy. Hacks Malware Mobile Security Vulnerabilities Web Security

Gaining control of personal information ahead of CPRA

Collibra

January 28th is Data Privacy Day, an opportunity to generate awareness concerning data privacy topics. This year, organizations must familiarize themselves with the California Privacy Rights Act.

Risk 56

BRATA Android Trojan Updated with ‘Kill Switch’ that Wipes Devices

Threatpost

Researchers identify three new versions of the banking trojan that include various new features, including GPS tracking and novel obfuscation techniques. Malware Mobile Security