April, 2020

COVID-19: Stages of Re-Entry Planning

Data Breach Today

Pandemic Expert Regina Phelps on How to Strategize for Life After Quarantine As politicians and protesters argue about the merits and timing of emerging from COVID-19 quarantine, crisis management expert Regina Phelps lays out a 10-step re-entry plan. Her word of counsel: "Caution


BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

The Last Watchdog

Cyber criminals who specialize in plundering local governments and school districts are in their heyday. Related : How ransomware became a scourge Ransomware attacks and email fraud have spiked to record levels across the U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Fresh COVID-19 Phishing Scams Try to Spread Malware: Report

Data Breach Today

Organizations Targeted With Ransomware, Infostealer Two recently uncovered phishing campaigns used COVID-19 themes as a lure in an attempt to spread ransomware and information stealers, according to Palo Alto Networks' Unit 42 division

TikTok Content Could Be Vulnerable to Tampering: Researchers

Data Breach Today

Video-Sharing Service Does Not Always Use TLS/SSL Encryption TikTok, a video-sharing service, has been delivering video and other media without TLS/SSL encryption, which means it may be possible for someone to tamper with content, researchers say.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

Apple Rushes to Patch iOS Zero-Day Flaws

Data Breach Today

Vulnerabilities Have Likely Been Exploited for Years, Researchers Warn Apple is now preparing final patches for two zero-day vulnerabilities that a security firm says have been exploited by certain attackers to seize control of iPhone and iPad email apps, giving them access to users' messages

Access 215

More Trending

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations. Introduction. During our daily monitoring activities, we intercepted a singular Linux malware trying to penetrate the network of some of our customers.

Another Story of Bad 1970s Encryption

Schneier on Security

This one is from the Netherlands. It seems to be clever cryptanalysis rather than a backdoor. The Dutch intelligence service has been able to read encrypted communications from dozens of countries since the late 1970s thanks to a microchip, according to research by de Volkskrant on Thursday.

Attackers Increasingly Using Web Shells to Create Backdoors

Data Breach Today

NSA, Australian Signals Directorate, Offer Mitigation Tips The U.S. National Security Agency and the Australian Signals Directorate offer guidance on how to mitigate the growing threat posed by attackers using web shells to create backdoors

A Tale of 3 Breaches: Incident Response Challenges

Data Breach Today

Recent Healthcare Incidents Spotlight Problems That May Worsen Amid COVID-19 Crisis Three recently disclosed health data security incidents - including the discovery of a large email hack that happened nearly a year ago - serve as reminders of the ongoing incident response challenges facing healthcare organizations.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Cybercriminals Using Zoom, WebEx as Phishing Lures: Report

Data Breach Today

Campaigns Aimed at Stealing Credentials, Distributing Malware Cybercriminals are using spoofed messages and images from Zoom and Cisco WebEx as lures in new phishing campaigns that are designed to steal credentials or distribute malware, according to the security firm Proofpoint

New COVID19 wiper overwrites MBR making computers unusable

Security Affairs

A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR.

CISA Warns Patched Pulse Secure VPNs Still Vulnerable

Data Breach Today

Hackers Using Stolen Active Directory Credentials to Access Networks CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw.

Access 195

Microsoft Buys Corp.com So Bad Guys Can’t

Krebs on Security

In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million.

Sales 231

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules

The Last Watchdog

We’ve come to rely on our smartphones to live out our digital lives, both professionally and personally. When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets while at the same time respecting an individual’s privacy.

MDM 173

WHO Confirms Email Credentials Leak

Dark Reading

Washington Post had identified the group as one among several whose passwords and emails were dumped online and abused

Securing Internet Videoconferencing Apps: Zoom and Others

Schneier on Security

The NSA just published a survey of video conferencing apps. So did Mozilla. Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous security concerns. It still has a bit to go on end-to-end encryption. Matthew Green looked at this.

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild.

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

Genetic Testing Lab Hack Affects 233,000

Data Breach Today

Second Largest Health Data Breach So Far This Year A California-based genetic testing laboratory has reported an email hacking incident that may have exposed medical information on nearly 233,000 individuals.

‘War Dialing’ Tool Exposes Zoom’s Password Problems

Krebs on Security

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom.

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019.

White-Hat Hackers Help 'Fold' COVID-19 Proteins

Dark Reading

A grassroots effort provides scientists with computing power to help simulate the novel coronavirus' proteins and come up with therapeutic solutions for the disease


How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

Contact Tracing COVID-19 Infections via Smartphone Apps

Schneier on Security

Google and Apple have announced a joint project to create a privacy-preserving COVID-19 contact tracing app. Details, such as we have them, are here.) It's similar to the app being developed at MIT, and similar to others being described and developed elsewhere.

Paper 114

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Security Affairs

The Israeli authorities are alerting organizations in the water industry following a series of cyberattacks that hit water facilities in the country. The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities.

Ransomware: Average Business Payout Surges to $111,605

Data Breach Today

When in Doubt: Hang Up, Look Up, & Call Back

Krebs on Security

Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening.

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

SHARED INTEL: How attacks on web, mobile apps are being fueled by rising API vulnerabilities

The Last Watchdog

Application programming interface. It’s the glue holding digital transformation together. Related: A primer on ‘credential stuffing’ APIs are the conduits for moving data to-and-fro in our digitally transformed world.

Microsoft Warns of Malware Hidden in Pirated Film Files

Dark Reading

An active campaign inserts malicious VBScript into ZIP files posing as downloads for "John Wick 3," "Contagion," and other popular movies


How Apple and Google Are Enabling Covid-19 Bluetooth Contact-Tracing

WIRED Threat Level

The tech giants have teamed up to use a Bluetooth-based framework to keep track of the spread of infections without compromising location privacy. Security Security / Privacy