February, 2021

5 Cloud Trends That Will Reshape IT in 2021

DXC

We rang in 2020 with all the expectations that cloud computing would continue its progression as a massive catalyst for digital transformation throughout the enterprise. What we didn’t expect was a worldwide health crisis that led to a huge jump in cloud usage.

Cloud 107

Bluetooth Overlay Skimmer That Blocks Chip

Krebs on Security

As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States who recently found Bluetooth-enabled skimming devices placed over top of payment card terminals at several stores.

Retail 203
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Florida City's Water Hack: Poor IT Security Laid Bare

Data Breach Today

Oldsmar Used Windows 7, Shared TeamViewer Password, Didn't Have a Firewall The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall.

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks. Related: The quickening of cyber warfare. The latest twist: mobile network operator UScellular on Jan. 21 disclosed how cybercriminals broke into its Customer Relationship Management (CRM) platform as a gateway to compromise the cell phones of an undisclosed number of the telecom giant’s customers.

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

Far-Right Platform Gab Has Been Hacked—Including Private Data

WIRED Threat Level

The transparency group DDoSecrets says it will make the 70GB of passwords, private posts, and more available to researchers, journalists, and social scientists. Security Security / Cyberattacks and Hacks

More Trending

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008.

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material.

IT 230

Patient Files Dumped on Darknet Site After Hacking Incidents

Data Breach Today

Data Appears to Come From 2 Healthcare Organizations in Florida, Texas The Conti cybercrime gang has reportedly leaked sensitive patient data, as well as employee records, on a darknet site following recent hacker attacks on a two healthcare organizations in Florida and Texas

263
263

SHARED INTEL: Forrester poll – security decision makers report breaches escalated as Covid 19 spread

The Last Watchdog

Human suffering and economic losses weren’t the only two things that escalated with the spread of Covid 19 last year. Related: Can ‘SASE’ help companies secure connectivity? Network breaches also increased steadily and dramatically month-to-month in 2020. This development is delineated in a recent report from technology research firm Forrester.

Access 131

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speaker: Speakers Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

China Hijacked an NSA Hacking Tool—and Used It for Years

WIRED Threat Level

The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online. Security Security / National Security

IT 114

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee.

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Schneier on Security

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers: In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermont approaches [BHPD Sgt. Billy] Fair outside.

How $100M in Jobless Claims Went to Inmates

Krebs on Security

The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail.

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Nigerian Gets 10-Year Sentence for BEC Scam

Data Breach Today

Prosecutors: Crime Operation Extorted $11 Million A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice

IT 258

AUTHOR Q&A: New book, ‘Hackable,’ suggests app security is the key to securing business networks

The Last Watchdog

The cybersecurity operational risks businesses face today are daunting, to say the least. Related: Embedding security into DevOps. Edge-less networks and cloud-supplied infrastructure bring many benefits, to be sure. But they also introduce unprecedented exposures – fresh attack vectors that skilled and motivated threat actors are taking full advantage of. Adopting and nurturing a security culture is vital for all businesses. But where to start?

Cloud 133

There Are Spying Eyes Everywhere—and Now They Share a Brain

WIRED Threat Level

Security cameras. License plate readers. Smartphone trackers. Drones. We’re being watched 24/7. What happens when all those data streams fuse into one? Backchannel Security / Privacy Business

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Security Affairs

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

NSA Releases Guidance on Zero-Trust Architecture

Dark Reading

A new document provides guidance for businesses planning to implement a zero-trust system management strategy

109
109

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

Krebs on Security

The leader of Mexico’s Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico’s top tourist destinations over the past five years.

Senators Grill Cybersecurity Execs on SolarWinds Attack

Data Breach Today

FireEye, Microsoft, CrowdStrike Offer New Details and Recommendations The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S.

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

Cybersecurity training has steadily gained traction in corporate settings over the past decade, and rightfully so. In response to continuing waves of data breaches and network disruptions, companies have made a concerted effort and poured substantial resources into promoting data security awareness among employees, suppliers and clients. Safeguarding data in workplace settings gets plenty of attention. Related: Mock attack help schools prepare for hackers.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

The SolarWinds Body Count Now Includes NASA and the FAA

WIRED Threat Level

Plus: Firefox blocks more tracking, how to fight a robodog, and more of the week’s top security news. Security Security / Security News

COMB breach: 3.2B email and password pairs leaked online

Security Affairs

The Largest compilation of emails and passwords (COMB), more than 3.2 billion login credentials, has been leaked on a popular hacking forum. More than 3.2

What I Wish I Knew at the Start of My InfoSec Career

Dark Reading

Security pros identify lessons learned that impact how they view infosec today

Checkout Skimmers Powered by Chip Cards

Krebs on Security

Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal’s chip reader slot. What enables these skimmers to be so slim?

Retail 207

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Senators Demand More Coordination in SolarWinds Investigation

Data Breach Today

Warner and Rubio Call for Designation of Leader of Four-Agency Effort Citing a lack of coordination and transparency, U.S.

242
242

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true. Related: Companies must bear a broad security burden.

The Gaming Platforms That Let Streamers Profit From Hate

WIRED Threat Level

WIRED has found dozens of far-right and white supremacist figures monetizing their livestreams through “donation management services” Streamlabs and StreamElements. Security Security / Security News