Sat.Jun 13, 2020 - Fri.Jun 19, 2020

Zoom Will Be End-to-End Encrypted for All Users

Schneier on Security

Zoom is doing the right thing : it's making end-to-end encryption available to all users, paid and unpaid. This is a change; I wrote about the initial decision here.).we

What Will Cybersecurity's 'New Normal' Look Like?

Dark Reading

The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Conditional Access – Deployment Best Practices

Daymark

Conditional Access in Azure AD provides a level of security required to maintain appropriate controls over who can access confidential and privileged information.

When Security Takes a Backseat to Productivity

Krebs on Security

“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” ” -CIA’s Wikileaks Task Force. So ends a key section of a report the U.S.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

IT 242

More Trending

Dating Apps Exposed 845GB of Explicit Photos, Chats, and More

WIRED Threat Level

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users. Security Security / Security News

Delivery Hero Confirms Foodora Data Breach

Data Breach Today

Personal Details on 727,000 Accounts in 14 Countries Leaked Delivery Hero, the online food delivery service, has confirmed a data breach of its Foodora brand.

Turn on MFA Before Crooks Do It For You

Krebs on Security

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen.

IT 249

NEW TECH: Cequence Security’s new ‘API Sentinel’ helps identify, mitigate API exposures

The Last Watchdog

Application Programming Interfaces – APIs. Without them digital transformation would never have gotten off the ground. Related: Defending botnet-driven business logic hacks APIs made possible the astounding cloud, mobile and IoT services we have today. This happened, at a fundamental level, by freeing up software developers to innovate on the fly. APIs have exploded in enterprise use over the past several years.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

79 Netgear router models are vulnerable to a severe unpatched security vulnerability that can be exploited by remote attackers to take over devices.

Even Ethical Hackers Abuse Cloud Services

Data Breach Today

Cloud 245

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

Krebs on Security

For the past year, a site called Privnotes.com has been impersonating Privnote.com , a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read.

Bank Card "Master Key" Stolen

Schneier on Security

South Africa's Postbank experienced a catastrophic security failure. The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Hosting Provider Hit With Largest-Ever DDoS Attack

Dark Reading

Likely looking to make a statement, attackers targeted specific websites hosted by a single provider with a 1.44 terabit-per-second distributed denial-of-service attack, according to Akamai

111
111

Google Removes More Than 70 Malicious Chrome Extensions

Data Breach Today

Researchers Find Extensions Could Steal Credentials and Security Tokens Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Security Affairs

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack.

How to Clean Up Your Old Posts on Twitter, Facebook, and Instagram

WIRED Threat Level

These tips and tools will help you scrub your social media profiles clean, or give you a fresh start without giving up your username and followers. Security Security / Privacy

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Most Contact-Tracing Apps Fail Basic Security

Dark Reading

A survey of 17 Android applications for informing citizens if they had potential contact with a COVD-19-infected individual finds few have adopted code-hardening techniques

Gamaredon Group Using Fresh Tools to Target Outlook

Data Breach Today

Suspected Russia-Linked Hackers Have Previously Focused on Ukraine The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET.

AWS mitigated largest DDoS attack ever of 2.3 Tbps

Security Affairs

AWS announced it has mitigated a 2.3 Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Tbps that took place in March 2018. Amazon announced it has mitigated the largest ever DDoS attack of 2.3 Tbps, the news is surprising if we consider that the previous record was of 1.7

Access 109

Ex-Ebay Execs Allegedly Made Life Hell for Critics

WIRED Threat Level

Surveillance. Harassment. A live cockroach delivery. US Attorneys have charged six former Ebay workers in association with an outrageous cyberstalking campaign. Security Security / Security News

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

The Bigger the News, the Bigger the Cyber Threats

Dark Reading

Criminals use disasters, wars, and now pandemics as air cover to focus collective anxiety and fear into highly targeted, malicious messaging

103
103

Alerts: Vulnerabilities in 6 Medical Devices

Data Breach Today

DHS Warns of Security Issues in Devices from Baxter, BD and Biotronik Federal authorities are sounding the alarm about cybersecurity vulnerabilities in six medical devices from three manufacturers. The device makers are providing risk mitigation advice

New Cisco Webex Meetings flaw allows attackers to impersonate users

Security Affairs

A flaw in Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information.

Theft of CIA's "Vault Seven" Hacking Tools Due to Its Own Lousy Security

Schneier on Security

The Washington Post is reporting on an internal CIA report about its "Vault 7" security breach: The breach -- allegedly committed by a CIA employee -- was discovered a year after it happened, when the information was published by WikiLeaks, in March 2017.

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Body Cameras Haven't Stopped Police Brutality. Here's Why

WIRED Threat Level

Amid worldwide protests over racism and police violence, lawmakers are once again turning to the devices as a tool for reform. Security Security / Privacy

Claire's: Magecart E-Commerce Hackers Stole Card Data

Data Breach Today

Magecart Gangs Targeting Larger Organizations During Lockdown, Researcher Warns Jewelry retailer Claire's says Magecart attackers hits its e-commerce store, hosted on Salesforce Commerce Cloud, and stole an unspecified number of customers' payment card details.

Retail 245

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

New AcidBox Malware employed in targeted attacks leverages an exploit previously associated with the Russian-linked Turla APT group.