May, 2020

Mercedes-Benz Data Leak Lesson: Lock Down Code Repositories

Data Breach Today

Luckily for Car Giant, Access Control Gaff Didn't Expose Secret Data - This Time Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.

Access 269

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

NEW TECH: Silverfort helps companies carry out smarter human and machine authentications

The Last Watchdog

Doing authentication well is vital for any company in the throes of digital transformation.

Botnet Watch: Anubis Mobile Malware Gets New Features

Data Breach Today

Powerful Platform Can Spot If Victim Is Looking at the Screen Anubis, one of the most potent Android botnets, apparently is getting a refresh a year after its source code was leaked, security researchers say. The changes could help fraudsters more closely monitor activity on hacked devices

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet

WIRED Threat Level

At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story. . Security Security / Cyberattacks and Hacks Backchannel

More Trending

Anonymous demands justice for George Floyd and threatens attacks

Security Affairs

The hacktivist collective group Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police. Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police.

Bank of America: COVID-19 Loan Data May Have Leaked

Data Breach Today

Client Data May Have Been Exposed During Test of SBA Loan Platform Bank of America disclosed this week that some customers' data may have been exposed during the uploading of loan applications related to the Paycheck Protection Program - a U.S.

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S.

Career Choice Tip: Cybercrime is Mostly Boring

Krebs on Security

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

API Security and Hackers: What?s the Need?

Security Affairs

API Security – There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. APIs work as doors for a company – closely guarding data of an organization.

The 5G Coronavirus Conspiracy Theory Has Taken a Dark Turn

WIRED Threat Level

Though social networks have pledged to take more concerted action against it, the theory has continued to spread, inspiring a surge of attacks. . Security Security / Security News

IT 113

Microsoft Warns of COVID-19 Phishing Emails Spreading RAT

Data Breach Today

Malicious Messages Attempt to Install NetSupport Manager Tool on Devices Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. Attackers can turn NetSupport into a remote access Trojan, or RAT

'Smart' Factories Could Face Unique Attacks: Report

Data Breach Today

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Hackers Breached 6 Unpatched Cisco Internal Servers

Data Breach Today

Servers Support Company's Virtual Networking Service Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities.

IT 239

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations.

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

Chief Information Security Officers were already on the hot seat well before the COVID-19 global pandemic hit, and they are even more so today. Related: Why U.S.

How to Protest Safely in the Age of Surveillance

WIRED Threat Level

Law enforcement has more tools than ever to track your movements and access your communications. Here's how to protect your privacy if you plan to protest. Security Security / Security Advice

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Security Affairs

Security experts from Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens.

6 Free Cybersecurity Training and Awareness Courses

Dark Reading

Most are designed to help organizations address teleworking risks related to COVID-19 scams

Risk 113

Top Ransomware Attack Vectors: RDP, Drive-By, Phishing

Data Breach Today

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

Fresenius , Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems.

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

The Last Watchdog

When it was first introduced, device fingerprinting – or online fingerprinting in general – was meant to create a safer, more responsible internet. The idea was that by fingerprinting devices used to connect to the internet we could achieve better accountability.

GDPR 169

The Nigerian Fraudsters Ripping Off the Unemployment System

WIRED Threat Level

Security researchers have spotted the “Scattered Canary” group scamming vital benefits programs amid the Covid-19 pandemic. Security Security / Cyberattacks and Hacks

Tens of thousands Israeli websites defaced

Security Affairs

Thousands of Israeli websites have been defaced earlier today, hackers published an anti-Israeli message on their homepage and attempted to implant malicious code.

IT 113

Me on COVID-19 Contact Tracing Apps

Schneier on Security

I was quoted in BuzzFeed: "My problem with contact tracing apps is that they have absolutely no value," Bruce Schneier, a privacy expert and fellow at the Berkman Klein Center for Internet & Society at Harvard University, told BuzzFeed News.

IT 114

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Ransomware Gang Posting Financial Details From Bank Attack

Data Breach Today

Maze Started Releasing Payment Card Data From Costa Rican Bank This Week The Maze ransomware gang has started releasing payment card data from an attack that happened earlier this year at Banco BCR, which is the state-owned Bank of Costa Rica.

Tech Support Scam Uses Child Porn Warning

Krebs on Security

A new email scam is making the rounds, warning recipients that someone using their Internet address has been caught viewing child pornography.

Access 236

MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app

The Last Watchdog

If the devastating health and economic ramifications weren’t enough, individual privacy is also in the throes of being profoundly and permanently disrupted by the coronavirus pandemic.