Sat.May 29, 2021 - Fri.Jun 04, 2021

Amazon Sidewalk Raises Privacy and Security Concerns

Data Breach Today

Low-Bandwidth Network Can Share Internet Connections Among Amazon Devices Internet of things security professionals are expressing concern over Amazon's new Sidewalk - a low-bandwidth network program that will allow some of the company's connected and IoT devices to share Wi-Fi access even outside an owner's home.

IoT 142

What Is a Supply Chain Attack?

WIRED Threat Level

From NotPetya to SolarWinds, it’s a problem that’s not going away any time soon. Security Security / Security News

IT 78
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

White House to Corporate America: Take Ransomware Threat Seriously

eSecurity Planet

The National Security Council is sending a memo to U.S. companies urging them to take the ransomware threat more seriously as the Biden Administration ramps up its responses following recent attacks linked to Russia-based hacker groups on two major corporations.

Using Fake Reviews to Find Dangerous Extensions

Krebs on Security

Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams.

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Profiles in Leadership: Mario Demarillas of Exceture

Data Breach Today

CISO Discusses Changing Security Culture in Organizations Mario Demarillas, CISO and head of IT consulting and software engineering at Exceture, in the Philippines, strikes a balance between securing his organization and its business offering in security

More Trending

The Bizarro Streaming Site That Hackers Built From Scratch

WIRED Threat Level

BravoMovies isn't real. But it puts in a remarkable amount of effort to convince you that it is. Security Security / Cyberattacks and Hacks

IT 110

Phishing Emails Remain in User Inboxes Over 3 Days Before They're Removed

Dark Reading

Most malicious emails get blocked, but the ones that get through linger around dangerously long, a new study shows

White House Urges Businesses: Improve Ransomware Defenses

Data Breach Today

Biden Orders Federal Ransomware Task Force to Coordinate Federal Investigations The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place.

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

The Last Watchdog

The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. Related: The importance of basic research. We’ve barely scratched the surface of applying artificial intelligence and advanced data analytics to the raw data collecting in these gargantuan cloud-storage structures erected by Amazon, Microsoft and Google. But it’s coming, in the form of driverless cars, climate-restoring infrastructure and next-gen healthcare technology.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Ransomware Hits a Food Supply Giant—and Underscores Dire Risk

WIRED Threat Level

Hackers targeting JBS USA have disrupted meat processing facilities around the world, just one month after the Colonial Pipeline attack caused fuel distribution havoc. Security Security / Cyberattacks and Hacks

Risk 107

FireEye Sells Products Business to Symphony Group for $1.2B

Dark Reading

The transaction will include the FireEye brand name; the business that remains will be called Mandiant Solutions

84

Google Finds New Exploit That Alters Chip Memory

Data Breach Today

Latest Rowhammer Technique Targets Design Flaws in Modern DRAM Chips Researchers at Google have identified a new Rowhammer exploit, dubbed Half-Double, which targets design flaws in some of the newer DRAM chips to alter their memory content

201
201

Welcoming the Belgian Government to Have I Been Pwned

Troy Hunt

Supporting national CERTs with free API domain searches across their assets is becoming an increasing focus for Have I Been Pwned and today I'm happy to welcome the 19th government on board, Belgium.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

US Soldiers Exposed Nuclear Secrets on Digital Flashcards

WIRED Threat Level

Plus: A major hack in Japan, Citizen app run amuck, and more of the week's top security news. Security Security / Security News

Trend Micro details CVE-2021-30724 privilege escalation flaw in macOS, iOS

Security Affairs

Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724 , that impacts macOS, iOS and iPadOS.

$7 Million Digital Advertising Scam: Russian Man Convicted

Data Breach Today

Self-Professed 'King of Fraud' Aleksandr Zhukov Ran Ads on Fake Sites Russian national Aleksandr Zhukov has been convicted by a U.S.

207
207

Encryption Helps Companies Avoid Breach Notifications

Dark Reading

With nearly twice as many firms suffering a breach compared with the previous year, limiting the damage becomes more important, a survey finds

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Apple's M1 Chip Has a Fascinating Flaw

WIRED Threat Level

The covert channel bug demonstrates a fundamental fact of CPUs: even new ones have vulnerabilities. Security

REvil Ransomware Gang Spill Details on US Attacks

Threatpost

The REvil ransomware gang is interviewed on the Telegram channel called Russian OSINT. Government Hacks Malware

White House Presses Russia on JBS Ransomware

Data Breach Today

Experts Say Ransomware Hasn't Slowed Down Since Colonial Pipeline The White House says on Tuesday it has contacted Russia regarding the ransomware attack against JBS SA, the multinational meat producer. It's a positive sign of more aggressive action by the U.S.

Microsoft 365: Most Common Threat Vectors & Defensive Tips

Dark Reading

Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Hackers scan for VMware vCenter servers vulnerable to CVE-2021-21985 RCE

Security Affairs

Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware.

Amazon Sidewalk Poised to Sweep You Into Its Mesh

Threatpost

On June 8, Amazon’s pulling all its devices into a device-to-device wireless mix, inspiring FUD along the way. Now's the time to opt out if you're be-FUDdled. IoT Mobile Security Web Security

IT 113

Siemens Patches Critical Security Flaw in Certain Products

Data Breach Today

Vulnerability Affects Siemens SIMATIC S7-1200 and S7-1500 CPU Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access memory areas, enabling them to read sensitive data and use it to launch further attacks.

Access 203

Data Breaches Drive Higher Loan Interest Rates

Dark Reading

Businesses that suffer a security breach may not see their stock price tumble, but they may pay higher rates for loans and be forced to provide collateral, researchers report

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Security Vulnerability in Apple’s Silicon “M1” Chip

Schneier on Security

The website for the M1racles security vulnerability is an excellent demonstration that not all vulnerabilities are exploitable. Be sure to read the FAQ through to the end

Exchange Servers Targeted by ‘Epsilon Red’ Malware

Threatpost

REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Cryptography Malware Vulnerabilities

Biden Budget Seeks to Invest Billions in US Cybersecurity

Data Breach Today

2022 Budget Proposal Seeks $750 Million for 'Lessons Learned' From SolarWinds The White House officially released its 2022 federal budget proposal on Friday, and the Biden administration is seeking to spend billions on cybersecurity next year, including $750 million for "lessons learned" from the SolarWinds attack.