July, 2020

US Secret Service Forms Cyber Fraud Task Force

Data Breach Today

Newly Formed Task Force Combines Electronic and Financial Crimes Units The U.S. Secret Service is combining its electronic and financial crimes units into a single task force that will focus on investigating cyber-related financial crimes such as BEC schemes and ransomware attacks. The move comes as lawmakers want the Secret Service to take a more active role in fighting cybercrime

Medical Device Security Alerts: The Latest Updates

Data Breach Today

More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Hackers Broke Into Real News Sites to Plant Fake Stories

WIRED Threat Level

A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO. Security Security / Cyberattacks and Hacks

Refreshing Insights for Modern COBOL

Micro Focus

Introduction In its seventh decade, COBOL’s heritage is legendary. This month sees yet another stride forward in COBOL innovation, with the latest release of the Micro Focus Visual COBOL and Enterprise product sets. But what of its practitioners? Where is the investment? We caught up two new members of the COBOL community, from our recent. View Article. Application Modernization and Connectivity Company Culture #WomenInSTEM COBOL ITSkills Modernization WomeninTech

IT 87

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Three Charged in July 15 Twitter Compromise

Krebs on Security

Three individuals have been charged for their alleged roles in the July 15 hack on Twitter , an incident that resulted in Twitter profiles for some of the world’s most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam.

More Trending

Dave: Mobile Banking App Breach Exposes 3 Million Accounts

Data Breach Today

Hack Blamed on Credentials Stolen via Breach of Third-Party Service Provider Waydev Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud.

New Mac Ransomware Is Even More Sinister Than It Appears

WIRED Threat Level

The malware known as ThiefQuest or EvilQuest also has spyware capabilities that allow it to grab passwords and credit card numbers. Security Security / Cyberattacks and Hacks Security / Security News

As Offices Reopen, Hardware from Home Threatens Security

Dark Reading

Devices out of sight for the past several months could spell trouble when employees bring them back to work

Twitter Cracks Down on QAnon. Your Move, Facebook

WIRED Threat Level

Twitter's new policy won't make the conspiracy group disappear. But experts say it could dramatically reduce its ability to spread. Security Security / National Security

IT 110

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Thinking of a Cybersecurity Career? Read This

Krebs on Security

Thousands of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills.

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

It took a global pandemic and the death of George Floyd to put deep-seated social inequities, especially systemic racism, front and center for intense public debate. Related: Will ‘blockchain’ lead to more equitable wealth distribution?

IT 209

Emotet Botnet Returns After Months-Long Hiatus

Data Breach Today

Security Researchers Detect New Spam Campaigns in US and UK After a nearly six-month hiatus, the Emotet botnet has sprung back to life with a spam campaign targeting the U.S. and U.K., according to multiple security research reports.

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Lending Privilege – how can we do more to lift one another up and create a more inclusive workplace?

Micro Focus

The story continues Our INSPIRE podcast journey just keeps on getting better. Hot on the heels of our podcast with June Manley, founder of F4, I am super excited to introduce podcast number four in our INSPIRE series with Anjuan Simmons.

114
114

How to Check Your Devices for Stalkerware

WIRED Threat Level

You deserve privacy. Here's how to check your phone, laptop, and online accounts to make sure no one's looking over your shoulder. Security Security / Privacy Security / Security Advice

Is Your Chip Card Secure? Much Depends on Where You Bank

Krebs on Security

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based

Sales 262

ROUNDTABLE: What’s next, now that we know V.I.P Twitter users can so easily be spoofed?

The Last Watchdog

Judging from the criminals’ meager pay day, the high-profile hack of Twitter , disclosed last week, was nothing much. Related: Study shows disinformation runs rampant on Twitter The hackers insinuated their way deep into Twitter’s internal system. They were able to get into a position from which they could access some 350 million Twitter accounts, including numerous accounts of the rich and famous.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Twitter Hackers Targeted Employees With Phone Phishing

Data Breach Today

Social Media Firm Says Fraudsters Executed Their Cryptocurrency Scam Within a Day The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

A new version of the REMnux Linux toolkit for malware analysts is available for download, it includes a huge set of tools for professionals.

Email Security Features Fail to Prevent Phishable 'From' Addresses

Dark Reading

The security features for verifying the source of an email header fail to work together properly in many implementations, according to a team of researchers

Russia's GRU Hackers Hit US Government and Energy Targets

WIRED Threat Level

A previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus. Security Security / Cyberattacks and Hacks

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Business ID Theft Soars Amid COVID Closures

Krebs on Security

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned.

Q&A: Sophos poll shows how attackers are taking advantage of cloud migration to wreak havoc

The Last Watchdog

Cloud migration, obviously, is here to stay. Related: Threat actors add ‘human touch’ to hacks To be sure, enterprises continue to rely heavily on their legacy, on-premises datacenters. But there’s no doubt that the exodus to a much greater dependency on hybrid cloud and multi-cloud resources – Infrastructure-as-a-Service ( IaaS ) and Platforms-as-a-Service ( PaaS ) – is in full swing.

Cloud 130

DOJ: Chinese Hackers Targeted COVID-19 Vaccine Research

Data Breach Today

2 Indicted for Theft of a Broad Range of Intellectual Property in US and Elsewhere The U.S. Department of Justice has charged two Chinese nationals with hacking into the systems of hundreds of organizations in the U.S. and abroad.

242
242

Garmin shut down its services after an alleged ransomware attack

Security Affairs

Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Survey of Supply Chain Attacks

Schneier on Security

The Atlantic Council has a released a report that looks at the history of computer supply chain attacks.

Access 100

How the Alleged Twitter Hackers Got Caught

WIRED Threat Level

Bitcoin payments and IP addresses led investigators to two of the alleged perpetrators in just over two weeks. Security Security / Cyberattacks and Hacks

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal.

Sales 225