Mon.Jun 24, 2019

DHS: Conflict With Iran Could Spur 'Wiper' Attacks

Data Breach Today

US Reportedly Responded to Drone Downing With Cyber Strike Iran is increasing its malicious cyber activity against the U.S, which could manifest in attacks that render computers unusable, a top U.S. cybersecurity official says. The warning comes after the U.S.

BEST PRACTICES: Do you know the last time you were socially engineered?

The Last Watchdog

Alleged AlphaBay Moderator Faces Racketeering Charges

Data Breach Today

Investigation Into Shuttered Darknet Site Continues An alleged moderator of the AlphaBay underground marketplace has been indicted for facilitating sales on the darknet site before law enforcement shut it down

Sales 229

A Likely Chinese Hacker Crew Targeted 10 Phone Carriers to Steal Metadata

WIRED Threat Level

In one case, they stole the location and call record data of 20 specific individuals. Security Security / Cyberattacks and Hacks

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Medical Device Cybersecurity: The Top Challenges

Data Breach Today

Access and identity management continues to be a top medical device cybersecurity challenge, says security expert Mark Sexton of the consultancy Clearwater, who offers a variety a risk mitigation tips

More Trending

Developing a Robust Third-Party Risk Management Program

Data Breach Today

Too many organizations around the world take a "bare minimum" approach to third-party risk management, says Jonathan Ehret, founder of the Third Party Risk Association, who offers risk mitigation insights

Risk 131

CVE-2019-10149: “Return of the WiZard” Vulnerability: Crooks Start Hitting

Security Affairs

Malware researchers at Cybaze-Yoroi ZLAB observed many attack attempts trying to spread malware abusing the CVE-2019-10149 issue. Introduction. Figure 1: Exposed EXIM server in Italy (Reference: ZoomEye ).

What is angler phishing?

IT Governance

A version of this blog was originally published on 19 June 2017. Many of us live out whole lives on Facebook, Twitter, Instagram and LinkedIn, publicising our thoughts, interacting with friends, strangers and businesses, and keeping abreast of current affairs.

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

Researchers at Microsoft uncovered a malicious campaign that delivers the infamous FlawedAmmyy RAT directly in memory. Experts at Microsoft uncovered a malicious campaign that delivers the FlawedAmmyy RAT directly in memory.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

4 eye-opening facts about phishing

IT Governance

You probably know what phishing is. It’s been around almost as long as the Internet, and everyone from your employer to Facebook provides warnings about how to identify and report such scams. But are you aware of how extensive phishing is?

US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers.

The Internet Has Made Dupes—and Cynics—of Us All

WIRED Threat Level

The typical response to the onslaught of falsehood is to say, lol, nothing matters. But when so many of us are reaching this point, it really does matter. Security Security / Privacy

IT 88

SocialEngineered forum hacked and data leaked online

Security Affairs

SocialEngineered.net is a forum dedicated to social engineering discussions, it has been compromised data of its users was leaked on a hacker forum. SocialEngineered.net, the forum dedicated to social engineering topics, announced it has suffered a data breach two weeks ago.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

He Cyberstalked Teen Girls for Years—Then They Fought Back

WIRED Threat Level

How a hacker shamed and humiliated high school girls in a small New Hampshire town, and how they helped take him down. Security Security / Privacy Backchannel

WeTransfer incident: file transfer emails were sent to unintended email addresses

Security Affairs

Problems for the popular file transfer service WeTransfer, its staff discovered that some file transfer emails were sent to the wrong people.

Iran Targeting U.S. With Destructive Wipers, Warns DHS

Threatpost

The Department of Homeland Security is warning that U.S. agencies are being targeted by Iranian-backed cyberattacks with destructive wiper malware. Government Hacks APT33 cyber espionage Irán Iranian hacker malware phishing email shamoon US us cyberattack Wiper

Free proxy service runs on top of Linux Ngioweb Botnet

Security Affairs

Researchers from Netlab, discovered a website offering free and commercial proxy servers leveraging a huge botnet (Ngioweb) of hacked WordPress sites. Researchers from Netlab, discovered that Free-Socks.in proxy service is leveraging a huge botnet of hacked WordPress sites.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Facebook Faces Lawsuit Over Massive 2018 Data Breach

Threatpost

An attempt by Facebook to block a lawsuit, regarding a massive 2018 data breach, has been shot down. Breach Facebook data breach Data Privacy Data security facebook lawsuit facebook view as

OpenSSH introduces a security feature to prevent Side-Channel Attacks

Security Affairs

OpenSSH introduces a new feature to prevent Side-Channel attacks, latest release encrypts secret keys in memory as temporary solution.

The Modern-Day Heist: IP Theft Techniques That Enable Attackers

Threatpost

There's more than one way to get inside a company. Cloud Security Featured Hacks InfoSec Insider data center exfiltration insider intellectual property IP theft supply chain attack WinRAR

Cloud 114

How automating AI empowers humans to master business innovation

IBM Big Data Hub

With the automated AI and ML advancements, you may find yourself wondering--what are the overall impacts to business? How will all of this technological progress impact the ways we run our business and perform our jobs

111
111

5 things your enterprise must do to prepare for AI

DXC Technology

Integrating artificial intelligence (AI) into your enterprise takes a lot more than registering a bunch of shared devices with Alexa for Business. AI initiatives require a purpose and strategy if they’re going to succeed in the long run. Here are five steps that are essential when preparing an organization to implement and leverage smart machines […]. Digital Transformation Workplace AI artificial intelligence digital transformation

Health Insurer Reports Data Breach That Began 9 Years Ago

Dark Reading

Dominion National first spotted something awry in April of 2019

The Building Blocks of Information Governance

Information Governance Perspectives

Information Governance (IG) is quite the buzzword these days, yet too many organizations still find themselves struggling with implementing a practical roadmap for success. Here’s a proven strategy and a few tips I picked up while developing board level IG programs for the Fortune 500.

Never Trust, Always Verify: Demystifying Zero Trust to Secure Your Networks

Dark Reading

The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether

Cloud 87

Tools TSLAC Uses To Access and Make Available Older Formats

The Texas Record

If you’ve ever taken our Managing Electronic Records class or perused our electronic records webinars, you’re aware that a major responsibility for storing records electronically is providing continuous access to those records throughout their life cycle.

Raspberry Pi Used in JPL Breach

Dark Reading

NASA report shows exfiltration totaling more than 100 GB of information since 2009

87