Sat.Jan 18, 2020 - Fri.Jan 24, 2020

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

Cyberattacks are becoming more prevalent, and their effects are becoming more disastrous. To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities.

Cybersecurity Lessons Learned from 'The Rise of Skywalker'

Dark Reading

They're especially relevant regarding several issues we face now, including biometrics, secure data management, and human error with passwords

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybercrime Statistics in 2019

Security Affairs

I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020. Cybercrime will cost as much as $6 trillion annually by 2021.

IoT 109

How Cybercriminals Are Converting Cryptocurrency to Cash

Data Breach Today

Report: Methods Make Payments Difficult to Track Cybercriminals are using increasingly sophisticated methods to turn illicitly gained cryptocurrency into cash, which raises new concerns about enforcing anti-money laundering laws, according a report by Chainalysis

158
158

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Ethical Use of Data for Training Machine Learning Technology - Part 1

AIIM

This is the first part of a 3-part series on the Ethical Use of Data for Training Machine Learning Technology by guest authors Andrew Pery and Michael Simon. Part 1: Bad Things Can Come from Non-neutral Technology. AI technology is becoming pervasive , impacting virtually every facet of our lives.

More Trending

DDoS Mitigation Firm Founder Admits to DDoS

Krebs on Security

A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others. Tucker Preston , 22, of Macon, Ga.,

FBI Warns: Beware of Spoofed Job Application Portals

Data Breach Today

Fraudsters Targeting Personal Information, Including Payment Card Details The FBI's Internet Crime Complaint Center has issued an alert warning that fraudsters are using spoofed job application portals and websites to steal personal information, including payment card details, from would-be applicants.

239
239

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Security Affairs

Danish security researcher Ollypwn has released DOS exploit PoC for critical vulnerabilities in the Windows RDP Gateway.

HSMs: Facilitating Key Management in a Hybrid Cloud Environment

Thales eSecurity

Organizations are actively working to prevent data breaches by encrypting their sensitive information. Encryption isn’t a foolproof security measure, however.

ROT 113

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Does Your Domain Have a Registry Lock?

Krebs on Security

If you’re running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company’s domain name and doing whatever they wish with it.

Emotet Malware Alert Sounded by US Cybersecurity Agency

Data Breach Today

Must-Have Defenses Include Detecting Infections and Lateral Movement, CISA Says Emotet malware alert: The U.S.

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

Expert found a hardcoded SSH public key in Fortinet ’s Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor. .

Technical Report of the Bezos Phone Hack

Schneier on Security

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Apple Addresses iPhone 11 Location Privacy Concern

Krebs on Security

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month. Beta versions of iOS 13.3.1

Hackers Target European Energy Firm: Researchers

Data Breach Today

Report Says Group Tied to Iran Could Be Involved Hackers who may have ties to Iran have recently turned their attention to the European energy sector, using open source tools to target one firm's network as part of an cyberespionage operation, according to the security firm Recorded Future

The Mystery of Fbot

Security Affairs

In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client.

7 Steps to IoT Security in 2020

Dark Reading

There are important steps security teams should take to be ready for the evolving security threats to the IoT in 2020

IoT 109

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Types of Data Models: Conceptual, Logical & Physical

erwin

There are three different types of data models: conceptual, logical and physical, and each has a specific purpose. Conceptual Data Models: High-level, static business structures and concepts. Logical Data Models: Entity types, data attributes and relationships between entities.

Sales 104

Maryland Considers Criminalizing Ransomware Possession

Data Breach Today

Some Question Whether Such a Law Would Prove Effective Maryland lawmakers are considering a bill that would make possession of ransomware a crime punishable by up to 10 years in prison, similar to moves at least two other states have already made. But is such legislation effective

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data.

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

Dark Reading

Attackers 'weaponized' Active Directory to spread the ransomware

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Half a Million IoT Device Passwords Published

Schneier on Security

It's a list of easy-to-guess passwords for IoT devices on the Internet as recently as last October and November.

Microsoft Warns of Zero-Day Internet Explorer Exploits

Data Breach Today

Patch Promised for Flaw Allegedly Exploited by 'DarkHotel' APT Gang Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being actively exploited by in-the-wild attackers, and issued mitigation guidance in the meantime.

IT 197

NK CARROTBALL dropper used in attacks on U.S. Govn Agency

Security Affairs

A US Government agency was hit with a phishing attack attempting to deliver a new malware dropper dubbed CARROTBALL. Security experts at Palo Alto Networks have uncovered a new malware dropper called CARROTBALL that was used in targeted attacks against a U.S.

New Social Engineering Event to Train Business Pros on Human Hacking

Dark Reading

The DEF CON Social Engineering Capture the Flag contest inspired a new event aimed at teaching both security and non-security professionals on the fine art of hacking human behavior

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained

Schneier on Security

This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.

Treasury Wants to Collect More Cyber Risk Details From Banks

Data Breach Today

Agency Wants to Gather More Data to Support Security of Financial Infrastructure The U.S. Treasury Department is proposing to collect more information from banks and financial markets about the cybersecurity risks they face to help ensure the security of financial infrastructure

Risk 195

NIST releases version 1.0 of the Privacy Framework

Security Affairs

The NIST released version 1.0 of Privacy Framework, it is a tool designed to help organizations to manage privacy risks. The National Institute of Standards and Technology (NIST) has published the release version 1.0 of its privacy framework.

Risk 100