June, 2021

CEO-Level Guide to Prevent Data Hacking Technologies & Incidents

Security Affairs

The current era, where all data is digital, the threats of fraud, breach and data sprawl are more of a reality than ever. In these times, organizations not only take a hit because of the breached data and cyber threats, but also are heavily fined under global privacy regulations.

Risk 70

A View from Inside a Deception

Dark Reading

Pen-testing today's threat deception technology is not for the faint-hearted. Do modern deception tools truly frustrate adversaries, and are they ready for the enterprise SOC

69
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware Evolves as Groups Embrace as-a-Service Models

eSecurity Planet

At first glance, the report this week from cybersecurity software vendor McAfee showing that the incidence of ransomware dropped by half in the first quarter seems like good news to a world that continues to feel the repercussions of the seemingly ubiquitous malware.

Profiles in Leadership: Mario Demarillas of Exceture

Data Breach Today

CISO Discusses Changing Security Culture in Organizations Mario Demarillas, CISO and head of IT consulting and software engineering at Exceture, in the Philippines, strikes a balance between securing his organization and its business offering in security

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

More Trending

What the Pentagon’s New UFO Report Reveals About Humankind

WIRED Threat Level

The document says less about the search for life in the universe, and more about our current cultural climate and distrust of expertise. Science Security Science / Space

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

RockYou2021, the largest password compilation of all time has been leaked on a popular hacker forum, it contains 8.4 billion entries of passwords. . Original post at: [link]. What seems to be the largest password collection of all time has been leaked on a popular hacker forum.

Phishing Emails Remain in User Inboxes Over 3 Days Before They're Removed

Dark Reading

Most malicious emails get blocked, but the ones that get through linger around dangerously long, a new study shows

Researchers Identify New Malware Loader Variant

Data Breach Today

New JSSLoader Variant is Being Spread by TA543 Group A cybercrime group tracked as TA543 by security firm Proofpoint is deploying a new variant of a malware loader to target victims as part of a phishing campaign, the company reports

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

How Cyber Sleuths Cracked an ATM Shimmer Gang

Krebs on Security

In 2015, police departments worldwide started finding ATMs compromised with advanced new “shimming” devices made to steal data from chip card transactions.

SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing

The Last Watchdog

Microsoft has blunted the ongoing activities of the Nobelium hacking collective, giving us yet another glimpse of the unceasing barrage of hack attempts business networks must withstand on a daily basis. Related: Reaction to Biden ‘s cybersecurity executive order. Nobelium is the Russian hacking collective best known for pulling off the milestone SolarWinds supply chain hack last December.

John McAfee Dies in Spanish Prison After Extradition Order

WIRED Threat Level

The antivirus pioneer and alleged cryptocurrency scammer was 75 years old. Security Security / Security News

New LinkedIn breach exposes data of 700 Million users

Security Affairs

A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users.

Sales 83

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Banning Surveillance-Based Advertising

Schneier on Security

The Norwegian Consumer Council just published a fantastic new report: “ Time to Ban Surveillance-Based Advertising.

Risk 83

Irish Ransomware Attack Recovery Cost Estimate: $600 Million

Data Breach Today

Director of HSE, Nation's Healthcare System, Describes the Costs The recovery costs for the May ransomware attack on Health Service Executive, Ireland's publicly funded healthcare system, is likely to total $600 million, says Paul Reid, HSE's director general

How Cyber Safe is Your Drinking Water Supply?

Krebs on Security

GUEST ESSAY: A full checklist on how to spot pharming attacks — and avoid becoming a victim

The Last Watchdog

Cybercriminals use various techniques for conducting cyberattacks. One such popular way to infiltrate a system is Pharming. It is an online scam attack quite similar to Phishing. Related: Credential stuffing explained. The term Pharming is a combination of two words Phishing and Farming. It is a type of social engineering cyberattack in which the website’s traffic is manipulated to steal confidential credentials from the users.

9 Developer Enablement Practices to Achieve DevOps at Enterprise Scale

In this eBook, Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.

How to Protect Your Files From Ransomware

WIRED Threat Level

It's a growing threat for individual users and businesses alike—but there are ways to protect yourself. Security Security / Security Advice

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US.

Google Updates Vulnerability Data Format to Support Automation

Dark Reading

The Open Source Vulnerability schema supports automated vulnerability handling in Go, Rust, Python, and Distributed Weakness Filing system, and it could be the favored format for future exporting of data

IT 81

Cajee Brothers Deny $3.6 Billion Bitcoin Fraud

Data Breach Today

Lawyer Says Contract to Assist the Cajee Brothers Terminated Two brothers who run Africrypt, a currency exchange service based in Johannesburg, South Africa, have been accused by law firm Hanekom Attorneys, acting on behalf of investors, of 'vanishing' along with $3.6

204
204

The Forrester Wave™: B2B Marketing Data Providers, Q2 2021

In our 24-criterion evaluation of B2B marketing data providers, we identified the 11 most significant vendors — Data Axle, Dun & Bradstreet, Enlyft, Global Database, InsideView, Leadspace, Oracle, SMARTe, Spiceworks Ziff Davis, TechTarget, and ZoomInfo Technologies — and researched, analyzed, and scored them. This report shows how each provider measures up and helps B2B marketing professionals select the right one for their needs.

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Access 224

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

The Last Watchdog

The challenge of embracing digital transformation while also quelling the accompanying cyber risks has never been greater for small- and mid-sized businesses. Related: How ‘PAM’ improves authentication. SMBs today face a daunting balancing act. To boost productivity, they must leverage cloud infrastructure and participate in agile software development. But this also opens up a sprawling array of fresh security gaps that threat actors are proactively probing and exploiting.

The FBI's Anom Stunt Rattles the Encryption Debate

WIRED Threat Level

The agency spent years running a secure phone network for criminals. So much for “going dark.”. Security Security / Security News

The Future of Machine Learning and Cybersecurity

Schneier on Security

The Center for Security and Emerging Technology has a new report: “ Machine Learning and Cybersecurity: Hype and Reality.” ” Here’s the bottom line: The report offers four conclusions: Machine learning can help defenders more accurately detect and triage potential attacks.

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

7 Powerful Cybersecurity Skills the Energy Sector Needs Most

Dark Reading

Those looking to join the fight might want to polish up or acquire some (or all) of these hottest skills on the market

McDonald's Breach Exposes Korean, Taiwanese Customer Data

Data Breach Today

Company Says Phone Numbers, Delivery and Email Addresses Exposed Fast-food giant McDonald's is acknowledging a data breach that affected some customer and company data from its locations in Korea and Taiwan. Phone numbers, delivery and email addresses were exposed.

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.