February, 2021

5 Cloud Trends That Will Reshape IT in 2021

DXC

We rang in 2020 with all the expectations that cloud computing would continue its progression as a massive catalyst for digital transformation throughout the enterprise. What we didn’t expect was a worldwide health crisis that led to a huge jump in cloud usage.

Cloud 110

Bluetooth Overlay Skimmer That Blocks Chip

Krebs on Security

As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States who recently found Bluetooth-enabled skimming devices placed over top of payment card terminals at several stores.

Retail 248
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Florida City's Water Hack: Poor IT Security Laid Bare

Data Breach Today

Oldsmar Used Windows 7, Shared TeamViewer Password, Didn't Have a Firewall The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall.

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks. Related: The quickening of cyber warfare. The latest twist: mobile network operator UScellular on Jan. 21 disclosed how cybercriminals broke into its Customer Relationship Management (CRM) platform as a gateway to compromise the cell phones of an undisclosed number of the telecom giant’s customers.

Build Your Open Data Lakehouse on Apache Iceberg

Speaker: Veena Vasudevan and Jason Hughes

In this webinar, Dremio and AWS will discuss the most common challenges in data architecture and how to overcome them with an open data lakehouse architecture on AWS. Sign up now!

Far-Right Platform Gab Has Been Hacked—Including Private Data

WIRED Threat Level

The transparency group DDoSecrets says it will make the 70GB of passwords, private posts, and more available to researchers, journalists, and social scientists. Security Security / Cyberattacks and Hacks

More Trending

Emotet Takedown: Short-Term Celebration, Long-Term Concerns

Dark Reading

Security researchers examine how and when Emotet's operators may resurface, and the threats that could evolve in the meantime

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material.

IT 270

French Security Firm Says Hackers Accessed Its Source Code

Data Breach Today

Stormshield Is a Major Supplier of Security Products to the French Government French security vendor Stormshield has launched an investigation after an internal review found that hackers accessed the source code of the company's network security product.

Access 285

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

Cybersecurity training has steadily gained traction in corporate settings over the past decade, and rightfully so. In response to continuing waves of data breaches and network disruptions, companies have made a concerted effort and poured substantial resources into promoting data security awareness among employees, suppliers and clients. Safeguarding data in workplace settings gets plenty of attention. Related: Mock attack help schools prepare for hackers.

The Ultimate Guide to Hardening Windows Servers

IT Professional looking to harden your servers? ThreatLocker’s got you covered. The Ultimate Guide to Hardening Windows Servers offers tips and best practices to help mitigate cyber threats, better protect your servers, and secure your endpoints. Download today!

China Hijacked an NSA Hacking Tool—and Used It for Years

WIRED Threat Level

The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online. Security Security / National Security

IT 114

Silver Sparrow, a new malware infects Mac systems using Apple M1 chip

Security Affairs

Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. Malware researchers at Red Canary uncovered a new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world.

Cloud 113

Spotify Hit With Another Credential-Stuffing Attack

Dark Reading

This marks the second credential-stuffing attack to hit the streaming platform in the last few months

113
113

U.K. Arrest in ‘SMS Bandits’ Phishing Service

Krebs on Security

Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

Senators Demand More Coordination in SolarWinds Investigation

Data Breach Today

Warner and Rubio Call for Designation of Leader of Four-Agency Effort Citing a lack of coordination and transparency, U.S.

AUTHOR Q&A: New book, ‘Hackable,’ suggests app security is the key to securing business networks

The Last Watchdog

The cybersecurity operational risks businesses face today are daunting, to say the least. Related: Embedding security into DevOps. Edge-less networks and cloud-supplied infrastructure bring many benefits, to be sure. But they also introduce unprecedented exposures – fresh attack vectors that skilled and motivated threat actors are taking full advantage of. Adopting and nurturing a security culture is vital for all businesses. But where to start?

Cloud 124

The SolarWinds Body Count Now Includes NASA and the FAA

WIRED Threat Level

Plus: Firefox blocks more tracking, how to fight a robodog, and more of the week’s top security news. Security Security / Security News

COMB breach: 3.2B email and password pairs leaked online

Security Affairs

The Largest compilation of emails and passwords (COMB), more than 3.2 billion login credentials, has been leaked on a popular hacking forum. More than 3.2

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees

Dark Reading

Users' distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities

How $100M in Jobless Claims Went to Inmates

Krebs on Security

The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail.

Nigerian Gets 10-Year Sentence for BEC Scam

Data Breach Today

Prosecutors: Crime Operation Extorted $11 Million A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice

SHARED INTEL: Forrester poll – security decision makers report breaches escalated as Covid 19 spread

The Last Watchdog

Human suffering and economic losses weren’t the only two things that escalated with the spread of Covid 19 last year. Related: Can ‘SASE’ help companies secure connectivity? Network breaches also increased steadily and dramatically month-to-month in 2020. This development is delineated in a recent report from technology research firm Forrester.

Access 110

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

How to Avoid Phishing Emails and Scams

WIRED Threat Level

It's is a bigger threat than ever. Here are some ways you can defend yourself. Security Security / Security Advice

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee.

FTC: ID Theft Doubled in 2020

Dark Reading

The Federal Trade Commission said a surge in reports of identity theft occurred amid the COVID-19 pandemic

113
113

Checkout Skimmers Powered by Chip Cards

Krebs on Security

Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal’s chip reader slot. What enables these skimmers to be so slim?

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

New DHS Secretary Pledges to Investigate SolarWinds Hack

Data Breach Today

Alejandro Mayorkas: ‘Cybersecurity of Our Nation Will Be One of My Highest Priorities’ Alejandro Mayorkas, the newly confirmed secretary of the Department of Homeland Security, says his initial priorities include reviewing all available intelligence on the SolarWinds supply chain hack and scrutinizing the government's cybersecurity programs.

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008.

There Are Spying Eyes Everywhere—and Now They Share a Brain

WIRED Threat Level

Security cameras. License plate readers. Smartphone trackers. Drones. We’re being watched 24/7. What happens when all those data streams fuse into one? Backchannel Security / Privacy Business