May, 2020

Mercedes-Benz Data Leak Lesson: Lock Down Code Repositories

Data Breach Today

Luckily for Car Giant, Access Control Gaff Didn't Expose Secret Data - This Time Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.

Access 262

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

NEW TECH: Silverfort helps companies carry out smarter human and machine authentications

The Last Watchdog

Doing authentication well is vital for any company in the throes of digital transformation.

Botnet Watch: Anubis Mobile Malware Gets New Features

Data Breach Today

Powerful Platform Can Spot If Victim Is Looking at the Screen Anubis, one of the most potent Android botnets, apparently is getting a refresh a year after its source code was leaked, security researchers say. The changes could help fraudsters more closely monitor activity on hacked devices

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet

WIRED Threat Level

At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story. . Security Security / Cyberattacks and Hacks Backchannel

More Trending

Anonymous demands justice for George Floyd and threatens attacks

Security Affairs

The hacktivist collective group Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police. Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police.

Bank of America: COVID-19 Loan Data May Have Leaked

Data Breach Today

Client Data May Have Been Exposed During Test of SBA Loan Platform Bank of America disclosed this week that some customers' data may have been exposed during the uploading of loan applications related to the Paycheck Protection Program - a U.S. government initiative created to provide business loans during the COVID-19 pandemic

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S. states struggle to combat a tsunami of phony Pandemic Unemployment Assistance (PUA) claims. Meanwhile, a number of U.S.

Career Choice Tip: Cybercrime is Mostly Boring

Krebs on Security

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

API Security and Hackers: What?s the Need?

Security Affairs

API Security – There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. APIs work as doors for a company – closely guarding data of an organization.

The 5G Coronavirus Conspiracy Theory Has Taken a Dark Turn

WIRED Threat Level

Though social networks have pledged to take more concerted action against it, the theory has continued to spread, inspiring a surge of attacks. . Security Security / Security News

IT 79

Microsoft Warns of COVID-19 Phishing Emails Spreading RAT

Data Breach Today

Malicious Messages Attempt to Install NetSupport Manager Tool on Devices Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. Attackers can turn NetSupport into a remote access Trojan, or RAT

'Smart' Factories Could Face Unique Attacks: Report

Data Breach Today

Connected Devices Could Allow Attackers to Target Industrial Systems, Trend Micro Reports The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic University of Milan

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Hackers Breached 6 Unpatched Cisco Internal Servers

Data Breach Today

Servers Support Company's Virtual Networking Service Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities.

IT 230

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office

Krebs on Security

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

Chief Information Security Officers were already on the hot seat well before the COVID-19 global pandemic hit, and they are even more so today. Related: Why U.S. cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment.

How to Protest Safely in the Age of Surveillance

WIRED Threat Level

Law enforcement has more tools than ever to track your movements and access your communications. Here's how to protect your privacy if you plan to protest. Security Security / Security Advice

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Websites Conducting Port Scans

Schneier on Security

Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors. Looking at the list of ports they are scanning, they are looking for VNC services being run on the host, which is the same thing that was reported for bank sites.

To Live and Love in the Time of Corona

OpenText Information Management

As we approach 100 days of quarantine or shelter in place, I wanted to take an inventory of what we know, what we need to know, and how to live and love in the time of Corona.

108
108

Top Ransomware Attack Vectors: RDP, Drive-By, Phishing

Data Breach Today

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The company says the hackers never touched its ATMs or customer networks, and that the intrusion only affected its corporate network. Canton, Ohio-based Diebold [ NYSE: DBD ] is currently the largest ATM provider in the United States, with an estimated 35 percent of the cash machine market worldwide.

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app

The Last Watchdog

If the devastating health and economic ramifications weren’t enough, individual privacy is also in the throes of being profoundly and permanently disrupted by the coronavirus pandemic.

Four critical data management attributes for AI and digital transformation

IBM Big Data Hub

Many enterprises have a tangled data management system, comprised of an assortment of products assembled together, in an attempt to meet the complex needs of modern day data management.

Thermal Imaging as Security Theater

Schneier on Security

Seems like thermal imaging is the security theater technology of today. These features are so tempting that thermal cameras are being installed at an increasing pace.

3 hacking forums have been hacked and database have been leaked online

Security Affairs

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums.

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Mercedes-Benz Data Leak: Embarrassing But Endurable

Data Breach Today

The Mistake Could Have Been Much Worse in an Era of Connected Vehicles Last week, a curious data breach occurred: Almost 9 GB of software development documentation from Daimler AG, the parent company of Mercedes-Benz.

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services.

Paper 167

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

The Last Watchdog

When it was first introduced, device fingerprinting – or online fingerprinting in general – was meant to create a safer, more responsible internet. The idea was that by fingerprinting devices used to connect to the internet we could achieve better accountability. Related: Why Satya Nadella calls for regulation of facial recognition systems The concept itself is still very much relevant today.

GDPR 127