Sat.Feb 22, 2020 - Fri.Feb 28, 2020

The Need for a 'Collective Defense'

Data Breach Today

Former NSA Director and Others Stress Collaboration Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Here are some interview highlights

5 Ways to Up Your Threat Management Game

Dark Reading

Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management

IT 85

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How to develop a robust cyber security policy

IT Governance

Technological defences and staff training are two of the most frequently touted measures for preventing data breaches, but their effectiveness is dependent on the way organisations implement them. That means creating a detailed cyber security policy. What is a cyber security policy?

FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data

Krebs on Security

The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation’s four largest wireless carriers for selling access to their customers’ location information without taking adequate precautions to prevent unauthorized access to that data.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

CISA's Krebs: 2016 US Elections Were Cyber 'Sputnik' Moment

Data Breach Today

Cybersecurity Agency Ranks Election Security and Ransomware as Biggest Threats The 2016 U.S.

More Trending

6 Truths About Disinformation Campaigns

Dark Reading

Disinformation goes far beyond just influencing election outcomes. Here's what security pros need to know

Zyxel 0day Affects its Firewall Products, Too

Krebs on Security

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware.

IT 176

Israeli Marketing Company Exposes Contacts Database

Data Breach Today

Data includes Names, Addresses, Email Addresses, Phone Numbers An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based

How a Hacker's Mom Broke Into a Prison—and the Warden's Computer

WIRED Threat Level

Security analyst John Strand had a contract to test a correctional facility’s defenses. He sent the best person for the job: his mother. Security Security / Cyberattacks and Hacks

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

7 Tips to Improve Your Employees' Mobile Security

Dark Reading

Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them

Risk 114

Zyxel Fixes 0day in Network Storage Devices

Krebs on Security

Patch comes amid active exploitation by ransomware gangs. Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them.

IoT 169

5G Security: Former DHS Leader and Huawei CSO Offer Views

Data Breach Today

Chertoff Wants to Boost Huawei's Competitors; Huawei's Purdy Calls for More Transparency In interviews at RSA 2020, former Department of Homeland Security Secretary Michael Chertoff and Andy Purdy, CSO for Huawei USA, offer different points of view on 5G security

Joker malware still able to bypass Google Play Store checks

Security Affairs

The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts.

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps

Dark Reading

Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you

Cloud 113

Firefox Enables DNS over HTTPS

Schneier on Security

This is good news : Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted.

Ransomware Attacks Growing More Targeted and Professional

Data Breach Today

McAfee's John Fokker Charts the Increasingly Advanced Cybercrime Service Economy Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.

ISS reveals malware attack impacted parts of the IT environment

Security Affairs

ISS , the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide.

IT 113

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

New Trickbot Delivery Method Focuses on Windows 10

Dark Reading

Researchers discover attackers abusing the latest version of the remote desktop ActiveX control class introduced for Windows 10

111
111

Why I Didn’t Join a Software Company

Weissman's World

If I heard it once, I heard it a dozen times since announcing my move to Valora Technologies the other week: “So, you’re going to work for a software company!” To which my response has been, “Kind of, but not really.”

IT 156

FBI Makes Arrest in DDoS Attack on Candidate's Website

Data Breach Today

Congressional Candidate Targeted in 2018, Authorities Say The FBI has arrested a suspect who's charged in connection with waging distributed denial-of-service attacks against the campaign website of an unsuccessful 2018 Democratic candidate for the U.S. House in California

215
215

Google removed nearly 600 apps from the Play Store for ad policy violation

Security Affairs

Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies.

Access 113

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

How to Prevent an AWS Cloud Bucket Data Leak

Dark Reading

Misconfigured AWS buckets have led to huge data breaches. Following a handful of practices will help keep you from becoming the next news story

Newly Declassified Study Demonstrates Uselessness of NSA's Phone Metadata Program

Schneier on Security

The New York Times is reporting on the NSA's phone metadata program, which the NSA shut down last year: A National Security Agency system that analyzed logs of Americans' domestic phone calls and text messages cost $100 million from 2015 to 2019, but yielded only a single significant investigation, according to a newly declassified study.

RSA President Rohit Ghai on 'The Human Element'

Data Breach Today

CISOs Need to Share Their Success Stories While the cybersecurity industry has increasingly focused on the roles artificial intelligence and machine learning can play in thwarting attacks, the humans behind the algorithms remain both points of strength and weakness, says RSA President Rohit Ghai, who keynoted the RSA 2020 conference on Tuesday.

Hunting the coronavirus in the dark web

Security Affairs

Let me share with you the result of a one-night long analysis of major black marketplaces searching for anything related to the coronavirus epidemic.

Sales 111

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

Kr00k Wi-Fi Vulnerability Affected a Billion Devices

Dark Reading

Routers and devices with Broadcom and Cypress Wi-Fi chipsets could be forced to sometimes use encryption keys consisting of all zeroes. Now patched, the issue affected a billion devices, including those from Amazon, Apple, Google, and Samsung

Russia Is Trying to Tap Transatlantic Cables

Schneier on Security

The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe.

Experts Warn: Targeted Ransomware Attacks to Surge

Data Breach Today

McAfee and Microsoft Analysts Review 'Ransomware as a Service' Trends Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.