Sat.Oct 02, 2021 - Fri.Oct 08, 2021

Video Game Streamer 'Twitch' Confirms Massive Data Breach

Data Breach Today

Reports: Platform's Entire Source Code Compromised in 125GB Leak Amazon-owned video streaming service Twitch, which focuses on video games and e-sports broadcasts, reportedly suffered a massive data breach, which the company vaguely confirmed via Twitter.

What Happened to Facebook, Instagram, & WhatsApp?

Krebs on Security

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages.

Sales 269
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GUEST ESSAY: What it will take to train the next generation of cybersecurity analysts

The Last Watchdog

It is no secret that there is, and has been for some time, a shortage of trained cyber security professionals in corporate IT Security teams. The Wharton School of the University of Pennsylvania observed that “nowhere is the workforce-skills gap more pronounced than in cybersecurity.”. Related: Deploying ‘human’ sensors’ According to data gathered by CyberSeek under a Commerce Department grant, there are currently nearly 465,000 unfilled cyber jobs across the US alone.

Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers

Security Affairs

An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server.

Monitoring AWS Container Environments at Scale

In this eBook, learn how to monitor AWS container environments at scale with Datadog and which key metrics to monitor when leveraging two container orchestration systems (ECS and EKS).

New File-Locking Malware With No Known Decryptor Found

Data Breach Today

DSCI: Ransomware Alkhal Likely Spread Via Phishing, Malicious URLs The Data Security Council of India has issued an advisory about newly discovered ransomware Alkhal, which uses a strong encryption tool and has no known decryptor to recover lost data. The ransomware was likely discovered on Oct.

More Trending

5 Good Reasons to Hire a Ransomware Recovery Expert

eSecurity Planet

Spending money you hadn’t budgeted to hire experts to clean up an unexpected mess is at the bottom of every manager’s wish list, but in the case of a cyber attack as damaging as ransomware , turning incident response over to a pro may be the best thing you can do.

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data leakage.

Retail 104

Medtronic Insulin Pump Devices Recalled Due to Serious Risks

Data Breach Today

FDA Warns Exploitation of Security Flaw Could Cause Death The Food and Drug Administration on Tuesday issued a warning notifying patients that medical device maker Medtronic has expanded a recall of remote controllers for certain wireless insulin pumps that were part of an earlier recall.

Risk 268

Top 5 Skills Modern SOC Teams Need to Succeed

Dark Reading

From basic coding to threat hunting, here are five skills modern SOC teams need to successfully navigate the future of high-scale detection and response

100
100

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

How to Recover From a Ransomware Attack

eSecurity Planet

First, we prepare a plan for the possibility, then when a ransomware attack occurs we execute the plan. So easy to say, so difficult to do correctly. To help, we break down the process into the following steps: How to Prepare for Ransomware. Ransomware Response. Simple Ransomware Recovery.

PoC exploit for 2 flaws in Dahua cameras leaked online

Security Affairs

A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to immediately apply updates.

Data Breach Reports Rise as Supply Chain Attacks Surge

Data Breach Today

US Breach Notification Transparency Declining, Identity Theft Resource Center Warns The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns.

Rapid RYUK Ransomware Attack Group Christened as FIN12

Dark Reading

Prolific ransomware cybercrime group's approach underscores a complicated, layered model of cybercrime

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

A surprising 91.5 percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats.

The Netherlands declares war on ransomware operations

Security Affairs

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them.

Hackers Impersonate Amnesty International to Spread Malware

Data Breach Today

Sarwent Malware Can Execute Remote Tasks Fraudsters are impersonating Amnesty International by building a fake site to distribute malware purporting to be an anti-virus tool to protect against the NSO Group's Pegasus tool, according to researchers at Cisco Talos

269
269

New Regulations Are Coming — Get a Handle on Your App Portfolio

Dark Reading

With the realization that any app could be a gateway for a larger attack, there will be more pressure than ever on companies to fully protect their entire application landscape

89

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Best Ransomware Removal and Recovery Services

eSecurity Planet

Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its critical data. And the threat is growing.

LockBit 2.0 ransomware hit Israeli defense firm E.M.I.T. Aviation Consulting

Security Affairs

Israeli Aerospace & Defense firm E.M.I.T. Aviation Consulting Ltd. was hit by LockBit 2.0 ransomware, operators will leak files on 07 Oct, 2021. LockBit 2.0 ransomware operators hit the Israeli aerospace and defense firm E.M.I.T.

Cyberattacks Disable IT Networks at 2 Indiana Hospitals

Data Breach Today

Some Patients' Care Previously Postponed Due to COVID-19; What Happens Now? Two Indiana hospitals say their IT systems are disabled as they recover from cyberattacks suffered last week.

IT 261

Mandia Alerted NSA on FireEye's SolarWinds Breach

Dark Reading

"National security" concerns led former CEO Kevin Mandia to call the NSA when FireEye discovered its breach in late 2020

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

A Devastating Twitch Hack Sends Streamers Reeling

WIRED Threat Level

The data breach apparently includes source code, gamer payouts, and more. Security Security / Cyberattacks and Hacks Culture Culture / Video Games

Threat actors exploit a flaw in Coinbase 2FA to steal user funds

Security Affairs

Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw to bypass 2FA authentication.

Nobelium Makes Russia Leader in Cyberattacks

Data Breach Today

Microsoft: 58% of Attacks Reported Worldwide Originated From Russia Microsoft, in its annual threat review report, Digital Defense, says 58% of cyberattacks worldwide over the past year originated in Russia. And 92% of the Russia-based threat activity came from the nation-state threat group Nobeliu

IT 242

CVE Data Is Often Misinterpreted: Here's What to Look For

Dark Reading

Common vulnerabilities and exposures (CVEs) contain actionable details that can help address your security concerns. Here's how to get more from CVE data

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

How to beat ransomware attackers at their own game

IT Governance

Ransomware – malware that aims to prevent victims from accessing their data unless they pay their attackers – seems to be in the news more than ever before.

Facebook, WhatsApp, and Instagram are down worldwide, it’s panic online

Security Affairs

Users worldwide are experiencing problems while accessing Facebook services, including Instagram and WhatsApp. Users worldwide are not able to access Facebook, Instagram, and WhatsApp services due to a BGP problems.

IT 96

Top US Cyber Officials Say Ransomware Is Here to Stay

Data Breach Today

Head of NSA, Cyber Command Says US Will Continue to Battle Ransomware for Years Some of the highest-ranking cybersecurity officials in the U.S.