Sat.Jul 17, 2021 - Fri.Jul 23, 2021

The Best Tools for Secure Online Privacy

IG Guru

Since the emergence of the COVID 19 pandemic, most businesses and individuals have embraced remote working. However, with more people working from home, the issue of online privacy has taken precedence.

A New Approach to Finding Cybersecurity Talent: A Conversation with Alan Paller

eSecurity Planet

A group of technology luminaries have launched an effort to find and train a new generation of cybersecurity talent, an effort that will gain steam tomorrow with The Cyber Talent CIO Forum.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Document Processing Vs. Robotic Process Automation

AIIM

The Difference Between Intelligent Document Processing and RPA — Or Is There One? For many businesses, content and data capture tools are highly sought out, particularly in the banking and insurance sectors.

Alert for Ransomware Attack Victims: Here's How to Respond

Data Breach Today

As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Serial Swatter Who Caused Death Gets Five Years in Prison

Krebs on Security

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

More Trending

Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros

eSecurity Planet

A pair of vulnerabilities in the Linux kernel disclosed this week expose major Linux operating systems that could let a hacker either gain root privileges on a compromised host or shut down the entire OS altogether.

Congress Focuses on Industrial Control System Security

Data Breach Today

Senate Bill Would Require CISA to Identify and Respond to ICS Threats A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Krebs on Security

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups.

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet of Things (IoT) devices – from smartwatches to networked printers – that were still connected to corporate networks and cranking away.

IoT 113

Saudi Aramco Says Supplier Leaked Company Data

Data Breach Today

Cybercriminals Reportedly Demanding $50 Million Payment From Oil Giant Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached.

IT 282

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

Peter Levashov, appearing via Zoom at his sentencing hearing today.

Kaseya obtained a universal decryptor for REvil ransomware attack

Security Affairs

The software provider Kaseya announced to have obtained a universal decryptor for the REvil ransomware.

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

Biden Puts a $10M Bounty on Foreign Hackers

WIRED Threat Level

Plus: REvil goes dark, spyware runs amok, and more of the week's top security news. Security Security / Security News

South African Port Operations Disrupted by Cyberattack

Data Breach Today

Transnet, Which Operates the Ports, Is Investigating Incident A massive cyberattack has disrupted container operations at a port in Cape Town, South Africa, and a port in Durban also was affected, Reuters reports

273
273

Your Work Email Address is Your Work's Email Address

Troy Hunt

When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not just infosec headlines or tech headlines, but the headlines of major consumer media the likes my mum and dad would read.

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant, Saudi Aramco.

Sales 111

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Commercial Location Data Used to Out Priest

Schneier on Security

A Catholic priest was outed through commercially available surveillance data.

Saudi Aramco Traces Data Leak to Attack on Supplier

Data Breach Today

Extortionists Demand $50 Million - Payable in Monero Cryptocurrency - From Oil Giant Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached.

IT 269

Biden’s Cybersecurity Team Gets Crowded at the Top

WIRED Threat Level

It’s a lot of talent, but the US now has five overlapping roles jockeying for limited budgets, authorities, and bureaucratic victories. Security Security / National Security

LPE flaw in Linux kernel allows attackers to get root privileges on most distros

Security Affairs

Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros.

Access 110

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

LastPass: Password Manager Review for 2021

eSecurity Planet

LastPass is password management software that’s been popular among business and personal users since it was initially released in 2008. When it was acquired by LogMeIn Inc. in 2015, it became part of a suite of cloud-based collaboration tools.

Resiliency Is Key to Surviving a CDN Outage

Data Breach Today

Akamai Incident Highlights Risks of Relying on a Single Provider A short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems.

Risk 266

Nasty Printer Driver Vulnerability

Schneier on Security

From SentinelLabs , a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines.

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Law Firm for Ford, Pfizer, Exxon Discloses Ransomware Attack

Dark Reading

Campbell Conroy & O'Neil reports the attack affected personal data including Social Security numbers, passport numbers, and payment card data for some individuals

US Blacklists 6 Russian Organizations Over Security Concerns

Data Breach Today

Commerce Department Says Organizations Are Aligned With Russian Intelligence The Department of Commerce is restricting trade with four Russian IT and cybersecurity firms, along with two other entities, over concerns that these organizations pose a threat to U.S. national security

Candiru: Another Cyberweapons Arms Manufacturer

Schneier on Security

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru. From the report : Summary: Candiru is a secretive Israel-based company that sells spyware exclusively to governments.