Sat. Oct 17, 2020 - Fri. Oct 23, 2020

How AI Will Supercharge Spear-Phishing

Dark Reading

To keep pace with intelligent, unpredictable threats, cybersecurity will have to adopt an intelligent security of its own

Trickbot Rebounds After 'Takedown'

Data Breach Today

CrowdStrike: Botnet's Activity Has Already Picked Up. The recent "takedown" of Trickbot by Microsoft and others had only a temporary effect; the botnet's activity levels have already rebounded, according to CrowdStrike and other security firms

Facebook Promises Privacy Reform. Critics Aren't Convinced

WIRED Threat Level

In an interview with WIRED, Facebook's chief privacy officers argue that the company has turned a corner. Again.

The Now-Defunct Firms Behind 8chan, QAnon

Krebs on Security

Some of the world’s largest Internet firms have taken steps to crack down on disinformation spread by QAnon conspiracy theorists and the hate-filled anonymous message board 8chan.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

There is no shortage of innovative cybersecurity tools and services that can help companies do a much better job of defending their networks. Related: Welcome to the CyberXchange Marketplace In the U.S. alone, in fact, there are more than 5,000 cybersecurity vendors. For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

More Trending

NSS Labs Shuttered

Dark Reading

The testing firm's website says it has 'ceased operations' as of Oct.

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

WIRED Threat Level

The Department of Justice has named and charged six men for allegedly carrying out many of the most costly cyberattacks in history.

Four npm packages found opening shells and collecting info on Linux, Windows systems

Security Affairs

On Thursday, four JavaScript packages were removed from the npm portal because they were found to contain malicious code. NPM staff removed four JavaScript packages from the npm portal because they contained malicious code.

6 Russians Indicted for Destructive NotPetya Attacks

Data Breach Today

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Botnet Infects Hundreds of Thousands of Websites

Dark Reading

KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence

Is Climbing the Corporate Ladder Still a Thing?

erwin

Thoughts on erwin Insights Day No. 2 Keynote. If you didn’t watch New York Times Best-Selling Author Keith Ferrazzi’s keynote from erwin Insights 2020, what are you waiting for?

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry.

Unsecured Voice Transcripts Expose Health Data - Again

Data Breach Today

Researchers Find Pfizer Drug Customer Messages Accessible on Internet. For the second time within a week, it's been revealed that sensitive voice messages containing patients' information have been exposed on the internet.

How to Build Customer-Centric Products With Fast Feedback Loops

Check out our latest guide and learn the benefits of fast feedback loops and how you can use them to inform your product decisions, so you can confidently build products that meet your customers’ needs.

Cybercriminals Could be Coming After Your Coffee

Dark Reading

Researchers show no IoT device is too small to fall victim to ransomware techniques

Cognitive Technologies White Paper

National Archives Records Express

This post is written by Sharmila Bhatia and Markus Most. We are pleased to announce the release of a white paper on the records management implications of: Internet of Things (IoT), Robotic Process Automation (RPA), Machine Learning (ML), and Artificial Intelligence (AI).

Microsoft took down 120 of 128 Trickbot servers in recent takedown

Security Affairs

Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up new command and control (C&C) servers.

Analysis: Can Russia's Cyber Destruction Appetite Be Curbed?

Data Breach Today

Indictments Are Just a First Step Toward a Crackdown. The U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction.

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

US Treasury Sanctions Russian Institution Linked to Triton Malware

Dark Reading

Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports

Split-Second Phantom Images Fool Autopilots

Schneier on Security

Researchers are tricking autopilots by inserting split-second images into roadside billboards.

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

The financially motivated hacker group FIN11 has started spreading ransomware to monetize its cybercriminal activities. The financially motivated hacker group FIN11 has switched tactics and started using ransomware as its main monetization method.

6 Russians Indicted for NotPetya Campaign, Other Attacks

Data Breach Today

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

As Smartphones Become a Hot Target, Can Mobile EDR Help?

Dark Reading

Lookout Security debuts a mobile endpoint detection and response offering that will integrate into its mobile security platform

How Police Can Crack Locked Phones—and Extract Information

WIRED Threat Level

A report finds 50,000 cases where law enforcement agencies turned to outside firms to bypass the encryption on a mobile device.

Iran-linked Silent Librarian APT targets universities again

Security Affairs

Iran-linked cyberespionage group Silent Librarian has launched a new phishing campaign aimed at universities around the world. Iran-linked APT group Silent Librarian has launched another phishing campaign targeting universities around the world.

Elite Russian Sandworm Hackers' OPSEC Problem

Data Breach Today

US Indictment Airs Russian Military's Dirty Laundry. Although Russia's elite nation-state hackers are capable of waging destructive attacks, the GRU military intelligence Sandworm operators have not been able to remain in the shadows, a U.S. federal grand jury indictment suggests

Remote Testing and Feedback: The Key to Customer Empathy

Remote testing and feedback is the key to customer empathy. Through remote qualitative testing, you can uncover and understand how real people respond to your products and experiences.

Expert Tips to Keep WordPress Safe

Dark Reading

The most widely used content management system on the Web relies heavily on plug-ins and add-on software -- and that requires rigorous security measures at every level

New Report on Police Decryption Capabilities

Schneier on Security

There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it. This report documents the widespread adoption of MDFTs by law enforcement in the United States.

Fooling self-driving cars by displaying virtual objects

Security Affairs

Researchers from the Ben-Gurion University of the Negev demonstrated how to fool self-driving cars by displaying virtual objects. A group of researchers from the Ben-Gurion University of the Negev demonstrated that it is possible to fool self-driving cars by displaying virtual objects (phantoms).
