Sat.Apr 25, 2020 - Fri.May 01, 2020

Work-at-Home: The Impact on Security

Data Breach Today

Survey Sizes Up Increased Risks, New Duties for Security Staff The shift to working at home is opening the door to cybersecurity incidents.

Ascending to new heights of CSR

Micro Focus

Today, I am pleased to announce that Micro Focus is joining over 80 companies who have pledged their support to North American-based Ascend’s COVID-19 Action Agenda.

83

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

COVID-19: Stages of Re-Entry Planning

Data Breach Today

Pandemic Expert Regina Phelps on How to Strategize for Life After Quarantine As politicians and protesters argue about the merits and timing of emerging from COVID-19 quarantine, crisis management expert Regina Phelps lays out a 10-step re-entry plan. Her word of counsel: "Caution

183
183

Google found zero-click vulnerabilities in Apple’s multimedia processing components

Security Affairs

Google Project Zero white-hat hackers have disclosed zero-click vulnerabilities affecting multiple Apple operating systems.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

The ADL Calls Out Steam for Giving Extremists a Pass

WIRED Threat Level

The nonprofit has identified hundreds of profiles that espouse hate, with little attempt from the gaming platform to stop them. Security Security / Security News

More Trending

COVIDSafe App Teardown & Panel Discussion

Troy Hunt

I've written a bunch about COVID-19 contact tracing apps recently as they relate to security and privacy, albeit in the form of long tweets.

IT 113

What Is Fleeceware and How Can You Protect Yourself?

WIRED Threat Level

Sneaky developers are charging big bucks for basic apps. Here's how to spot a scam in sheep's clothing. Security / Security News

How Cybercriminals are Weathering COVID-19

Krebs on Security

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors.

Retail 205

Enterprise Security Woes Explode with Home Networks in the Mix

Threatpost

Thanks to WFH, IoT refrigerators, Samsung TVs and more can now be back-channel proxies into the corporate network.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

How Spies Snuck Malware Into the Google Play Store—Again and Again

WIRED Threat Level

Malicious Android apps from the so-called PhantomLance campaign targeted hundreds of users, and at least two slipped past Google's defenses. Security Security / Cyberattacks and Hacks

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

It can be argued that we live in a cloud-mobile business environment. Related: The ‘shared responsibility’ burden Most organizations are all caught up, to one degree or another, in migrating to hybrid cloud networks. And startups today typically launch with cloud-native IT infrastructure. Mobile comes into play everywhere. Employees, contractors, suppliers and customers consume and contribute from remote locations via their smartphones.

Risk 159

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Security Affairs

Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials.

Securing Internet Videoconferencing Apps: Zoom and Others

Schneier on Security

The NSA just published a survey of video conferencing apps. So did Mozilla. Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous security concerns. It still has a bit to go on end-to-end encryption. Matthew Green looked at this.

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

RDP brute-force attacks rocketed since beginning of COVID-19

Security Affairs

The number of RDP brute-force attacks is skyrocketing in mid-March due to remote working imposed during the COVID-19 pandemic. Researchers from Kaspersky Lab are observing a significant increase in the number of RDP brute-force attacks since the beginning of the COVID-19 pandemic.

Ransomware: Average Business Payout Surges to $111,605

Data Breach Today

Would You Have Fallen for This Phone Scam?

Krebs on Security

You may have heard that today’s phone fraudsters like to use use caller ID spoofing services to make their scam calls seem more believable.

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

The Last Watchdog

As coronavirus-themed cyber attacks ramp up, consumers and companies must practice digital distancing to keep themselves protected. Related: Coronavirus scams leverage email As we get deeper into dealing with the coronavirus outbreak, the need for authorities and experts to communicate reliably and effectively with each other, as well as to the general public, is vital. That, of course, presents the perfect environment for cybercrime that pivots off social engineering.

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

Me on COVID-19 Contact Tracing Apps

Schneier on Security

I was quoted in BuzzFeed: "My problem with contact tracing apps is that they have absolutely no value," Bruce Schneier, a privacy expert and fellow at the Berkman Klein Center for Internet & Society at Harvard University, told BuzzFeed News.

IT 114

10 Ransomware Strains Being Used in Advanced Attacks

Data Breach Today

Advanced Hackers Continue to Linger in Breached Networks for Weeks or Months Many attackers continue to camp out in networks for months, conducting reconnaissance and stealing sensitive data before unleashing ransomware.

Fake Microsoft Teams Emails Phish for Credentials

Dark Reading

Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says

SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers

The Last Watchdog

It’s difficult to convey the scope and scale of cyber attacks that take place on a daily basis, much less connect the dots between them. Related: The Golden Age of cyber spying A new book by Dr. Chase Cunningham — Cyber Warfare – Truth, Tactics, and Strategies — accomplishes this in a compelling, accessible way. Cunningham has the boots-on-the-ground experience and storytelling chops to pull this off.

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

Cybercriminals Are Exploiting the Covid-19 Pandemic

Adam Levin

Cybercriminals are actively targeting Covid-19 hotspots with malware and phishing campaigns, according to a new report from Bitdefender.

Phishing Campaigns Target Senior Executives via Office 365

Data Breach Today

Top Victims Include Financial Services and Law Firms, Group-IB Warns A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB.

COVID-19 disinformation and misinformation campaigns continue to proliferate

Security Affairs

COVID-19 disinformation and misinformation campaigns continue to proliferate around the world, with potentially harmful consequences for society.

BEST PRACTICES: How testing for known memory vulnerabilities can strengthen DevSecOps

The Last Watchdog

DevOps wrought Uber and Netflix. In the very near future DevOps will help make driverless vehicles commonplace. Related: What’s driving ‘memory attacks’ Yet a funny thing has happened as DevOps – the philosophy of designing, prototyping, testing and delivering new software as fast as possible – has taken center stage. Software vulnerabilities have gone through the roof.

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

User-Friendly Cybersecurity: Is a Better UX the Key to a Better Defense?

Dark Reading

Frictionless security, improved interfaces, and more usable design may improve the efficacy of security tools and features (and make life easier for users and infosec pros alike). So why has there been so much resistance

Contact-Tracing App Privacy: Apple, Google Refuse to Budge

Data Breach Today

Germany Changes Tack to Decentralized Model; Some US States Seek More Control Apple and Google have promised to help facilitate contact-tracing apps, but they've rejected calls to give users' location data to governments, as the U.K., France and some U.S. states are demanding.

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Security Affairs

The Israeli authorities are alerting organizations in the water industry following a series of cyberattacks that hit water facilities in the country. The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities.