Sat. Aug 28, 2021 - Fri. Sep 03, 2021

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

5G is on the cusp of widespread adoption. Consumers and organizations are enthused about the operational benefits of more robust mobile connectivity, but the shift to 5G networks doesn’t come without risks.

Digital State IDs Start Rollouts Despite Privacy Concerns

Threatpost

Eight states are introducing driver's licenses and identification cards available for use on Apple iPhones and Watches, but critics warn about the dangers of eliminating the use of a paper-based system entirely.

Crisis Management: Responding to a Disaster

Data Breach Today

The Role Business Continuity Plans Can Play After Hurricanes as Well as Cyberattacks: The impact of Hurricane Ida, including huge power outages, points to the importance of healthcare organizations and others having comprehensive business continuity and disaster recovery plans in place for natural disasters as well as cyber incidents.

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

GUEST ESSAY: The Top 5 myths about SIEM – ‘security information and event management’

The Last Watchdog

One of the most commonly repeated phrases in the security industry is, “Security teams hate their SIEM!” Security Information and Event Management (SIEM) is not what it was 20 years ago. Don’t get me wrong, SIEMs do take work through deployment, maintenance, and tuning. They also require strategic planning.

More Trending

Facebook's WhatsApp Hit With $266 Million GDPR Fine

Data Breach Today

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems.

Apple Backs Down on Its Controversial Photo-Scanning Plans

WIRED Threat Level

A sustained backlash against a new system to look for child sexual abuse materials on user devices has led the company to hit pause.

New variant of Konni RAT used in a campaign that targeted Russia

Security Affairs

So far, Konni RAT has managed to evade detection as only 3 security solutions on VirusTotal were able to detect the malware. Researchers from Malwarebytes Labs spotted an ongoing malware campaign that is targeting Russia with the Konni RAT.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

2 UK Telecom Firms Under DDoS Attacks

Data Breach Today

Ongoing Attacks Disrupt Voip Unlimited and Voipfone Services: Voip Unlimited and Voipfone, two Voice over Internet Protocol-based telecom companies in the U.K., report being victims of ongoing distributed denial-of-service attacks that have disrupted services

Excellent Write-up of the SolarWinds Security Breach

Schneier on Security

Robert Chesney wrote up the SolarWinds story as a case study, and it’s a really good summary.

Why Ransomware Hackers Love a Holiday Weekend

WIRED Threat Level

Looking forward to Labor Day? So are ruthless gangs of cybercriminals.

DDoS attacks target the Philippine human rights alliance Karapatan

Security Affairs

The Philippine human rights alliance Karapatan has suffered a massive and prolonged Distributed Denial of Service (DDoS) attack; Qurium organizations linked it to the local government.

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

FBI Issues Alert on Hive Ransomware

Data Breach Today

Uptick in Hive Ransomware Activity Spotted: The US Federal Bureau of Investigation has issued a warning about Hive ransomware after the group took down Memorial Health System last week.

Zero-Click iPhone Exploits

Schneier on Security

Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require the victim to do anything, like click on a link or open a file.

6 Things You Need to Do to Prevent Getting Hacked

WIRED Threat Level

You are your own biggest weakness, but changing just a few of your behaviors can reduce the chances that your online accounts get breached.

1 GB of data belonging to Puma available on Marketo

Security Affairs

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo; threat actors claim to have stolen 1 GB of data from the company.

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Medical Group: 655,000 Affected by 'Network Outage' Breach

Data Breach Today

Large Illinois Group Practice Says PHI Exposed: After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest multispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals

List of data breaches and cyber attacks in August 2021 – 61 million records breached

IT Governance

It has been another month of comparatively few reported cyber attacks and data breaches, with our August list containing 84 incidents accounting for 60,865,828 breached records. And it would have been even fewer if not for the attack on T-Mobile.

Information management and the energy transition

OpenText Information Management

Greetings from Anchorage, Alaska! As the new Industry Strategist for the energy industry at OpenText, I’m proud to come from a US state where the energy industry is of paramount importance. Alaska is home to Prudhoe Bay, the largest oilfield ever discovered in North America.

Some Synology products impacted by recently disclosed OpenSSL flaws

Security Affairs

Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in OpenSSL impact some of its products.

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

Atlassian Vulnerability Being Exploited in the Wild

Data Breach Today

Cyber Command and CISA Issue Alerts: Cyber Command and the U.S.

Hacker-Themed Board Game

Schneier on Security

Black Hat is a hacker-themed board game.

How DMARC Can Protect Against Ransomware

eSecurity Planet

Domain-based Message Authentication, Reporting, and Conformance (DMARC) began gaining traction a few years ago as a way to validate the authenticity of emails. Now it may have an even more important role to play: preventing ransomware attacks.

Boston Public Library discloses cyberattack

Security Affairs

The Boston Public Library was the victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

SEC Sanctions 8 Firms for 'Deficient Cybersecurity Procedures'

Data Breach Today

Regulator Cites Email Takeovers, Inadequate Incident Response: The U.S.

Save the Date for ICRM’s Virtual Business Meeting!

IG Guru

ICRM is going virtual again this year for our ICRM Annual Business Meeting. We are excited that this will make our business meeting more accessible to members and candidates. We hope you will join us to hear what we have been up to this year!

History of the HX-63 Rotor Machine

Schneier on Security

Jon D. Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG.