Sat.Dec 05, 2020 - Fri.Dec 11, 2020

Keeping Cyber Secure at Christmas

Dark Reading

Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas

FireEye Hack: Sizing Up the Impact

Data Breach Today

Does Theft of Penetration Tools Pose a Serious Threat? FireEye's disclosure this week of the theft of its penetration testing tools - and its proactive response - has drawn praise but raised many questions, as well

IT 183
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Avoiding Four Common Pitfalls When Moving to the Cloud

OpenText Information Management

As organizations increasingly move mission-critical workloads to the cloud, it’s important to recognize some of the common pitfalls and how best to mitigate their impact. Selecting the correct level of service It is crucial that organizations select the right cloud partners to operate their systems.

Cloud 72

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days.

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. We began the new millennium with on-premises data centers supporting servers and desktops that a technician in sneakers could service. Connectivity was relatively uncomplicated. And given a tangible network perimeter, cybersecurity evolved following the moat-and-wall principle.

More Trending

In 'The Mandalorian,' Stormtroopers Have Finally Discovered Tactics

WIRED Threat Level

Imperial troops have finally figured out how to do more than charge straight ahead. Security Security / Security News

Patch Tuesday, Good Riddance 2020 Edition

Krebs on Security

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load.

IT 174

Phishing Campaign Targets 200M Microsoft 365 Accounts

Dark Reading

A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom

CISA Warns of Increasing Cyberthreats to US K-12 Schools

Data Breach Today

Agency Says Ransomware, Trojans, DDoS Attacks Are Most Concerning CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Amazing Grace Hopper – HAPPY BIRTHDAY

Micro Focus

When a bright, 30-something persuaded the authorities to waive the restrictions on age and weight, and joined the US Navy in 1944, no-one could have foreseen the profound benevolent impact Grace Hopper would go on to have on computing and the world as we know it today.

IT 112

OpenSSL is affected by a ‘High Severity’ security flaw, update it now

Security Affairs

The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL Project warned of a ‘high-severity’ security vulnerability in the TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks.

IT 112

'Tis the Season to Confront Third-Party Risk

Dark Reading

On any given day it's hard to ensure that outside companies and individuals adhere to an organization's security practices and policies. But when it's the holidays and, oh, a global pandemic, companies need to be extra vigilant

Risk 110

Ransomware: Call Centers Cold-Call Victims to Demand Ransom

Data Breach Today

Such Specialization Highlights Ransomware Operators' Increasing Business Savvy Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Critical Flaws in Millions of IoT Devices May Never Get Fixed

WIRED Threat Level

Amnesia:33 is the latest in a long line of vulnerabilities that affect countless embedded devices. Security Security / Security News

IoT 110

Drug dealers are selling Pfizer COVID vaccines on the darkweb

Security Affairs

While the United Kingdom announced the distribution of the COVID-19 vaccine to the population drug dealers is selling ‘Pfizer COVID Vaccines.’. The UK became the first Western country to authorize a Covid-19 vaccine.

Sales 109

FireEye Breach Fallout Yet to Be Felt

Dark Reading

Aftermath of the FireEye breach by Russia's foreign service agency raises concerns over what the attackers could do next - and how to defend against it

IT 109

NSA: Russian Hackers Exploiting VMware Vulnerability

Data Breach Today

Warning Urges Federal Agencies to Patch Vulnerable Systems Immediately The U.S. National Security Agency is warning that Russian state-sponsored threat actors are attempting to exploit a known vulnerability in several VMware products, according to an alert.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

The NSA Warns That Russia Is Attacking Remote Work Platforms

WIRED Threat Level

A vulnerability in VMWare has prompted a warning that companies—and government agencies—need to patch as soon as possible. Security Security / National Security

OpenText funds 4 million meals this holiday season

OpenText Information Management

2020 has been a most challenging year, and food insecurity has dramatically increased over the last year globally.

Attackers Know Microsoft 365 Better Than You Do

Dark Reading

Users have taken to Microsoft Office 365's tools, but many are unaware of free features that come with their accounts -- features that would keep them safe

109
109

Ransomware Attacks Hitting Vulnerable MySQL Servers

Data Breach Today

Researchers: Attackers Also Selling Access to Over 250,000 Stolen Databases Hackers are targeting thousands of vulnerable MySQL servers around the world, using ransomware to exfiltrate data from organizations and then demanding payment, according to Guardicore Labs.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware.

The US Used the Patriot Act to Justify Logging Website Users

WIRED Threat Level

Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news. Security Security / Security News

Microsoft Warns of Powerful New Adware

Dark Reading

The new adware, dubbed Adrozek, is being distributed by large, well organized threat actors, according to Microsoft research

106
106

Cybersecurity Leadership: Fighting Back Against Fraud

Data Breach Today

CEOS and CISOs on Responding to the Multichannel Fraud Spike Fraud explodes in tough times, and do times come any tougher than they have with COVID-19?

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical

Security Affairs

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues.

Governments on alert after FireEye’s hacking tools stolen in cyber attack

IT Governance

The cyber security giant FireEye announced yesterday that it had been targeted by a sophisticated cyber attack , which resulted in criminals stealing an arsenal of hacking tools.

Penetration Testing: A Road Map for Improving Outcomes

Dark Reading

As cybersecurity incidents gain sophistication, to ensure we are assessing security postures effectively, it is critical to copy real-world adversaries' tools, tactics, and procedures during testing activities