Sat.Aug 22, 2020 - Fri.Aug 28, 2020

Iranian Hackers Using LinkedIn, WhatsApp to Target Victims

Data Breach Today

Charming Kitten' Threat Group Continues Impersonating Journalists "Charming Kitten," a hacking group with ties to Iran, is now using LinkedIn and WhatsApp messages to contact potential victims and persuade them to visit a phishing page, according to ClearSky.

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

At the height of his cybercriminal career, the hacker known as “ Hieupc ” was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the world’s top data brokers.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GUEST ESSAY: Skeptical about buying life insurance online? Here’s how to do it — securely

The Last Watchdog

Purchasing life insurance once meant going to an insurer’s office or booking an appointment with an insurance agent. Then, in most cases, you’d have to undergo a medical examination and wait a few weeks to get approved and complete the whole process. But this scenario doesn’t seem to fit the fast-paced world we live in anymore. Today’s generation is used to getting everything done fast and easy, so life insurance providers had to get with the times and cover all customers’ needs and requirements.

What Is Data Governance? (And Why Your Organization Needs It)

erwin

Organizations with a solid understanding of data governance (DG) are better equipped to keep pace with the speed of modern business. In this post, the erwin Experts address: What Is Data Governance? Why Is Data Governance Important? What Is Good Data Governance?

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

More Ransomware Gangs Threaten Victims With Data Leaking

Data Breach Today

22% of Ransomware Incidents Now Involve Data Exfiltration, Investigators Find Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through.

More Trending

NEW TECH: Trend Micro flattens cyber risks — from software development to deployment

The Last Watchdog

Long before this awful pandemic hit us, cloud migration had attained strong momentum in the corporate sector. As Covid19 rages on, thousands of large to mid-sized enterprises are now slamming pedal to the metal on projects to switch over to cloud-based IT infrastructure. A typical example is a Seattle-based computer appliance supplier that had less than 10 percent of its 5,000 employees set up to work remotely prior to the pandemic. Seattle reported the first Covid19 fatality in the U.S. ,

Risk 122

US Postal Service Files Blockchain Voting Patent

Schneier on Security

The US Postal Service has filed a patent on a blockchain voting method: Abstract: A voting system can use the security of blockchain and the mail to provide a reliable voting system.

Malware-Wielding Extortionists Target Tesla: 8 Takeaways

Data Breach Today

How Many Organizations' Threat Models Feature Russian Criminals Bribing Insiders?

240
240

Confessions of an ID Theft Kingpin, Part II

Krebs on Security

Yesterday’s piece told the tale of Hieu Minh Ngo , a hacker the U.S. Secret Service described as someone who caused more material financial harm to more Americans than any other convicted cybercriminal.

Retail 188

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

MITRE Releases 'Shield' Active Defense Framework

Dark Reading

Free knowledge base offers techniques and tactics for engaging with and better defending against network intruders

109
109

Identifying People by Their Browsing Histories

Schneier on Security

Interesting paper: " Replication: Why We Still Can't Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories ": We examine the threat to individuals' privacy based on the feasibility of reidentifying users through distinctive profiles of their browsing history visible to websites and third parties.

Paper 113

Elon Musk Says Tesla Saved From 'Serious' Ransom Attempt

Data Breach Today

FBI: $4 Million Scheme - Mixing Malware, DDoS and Extortion - Thwarted by Insider Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted.

234
234

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Original post: [link].

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Is China the World's Greatest Cyber Power?

Dark Reading

While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power

IT 107

A Tesla Employee Thwarted an Alleged Ransomware Plot

WIRED Threat Level

Elon Musk confirmed Thursday night that a ransomware gang had approached a Gigafactory employee with alleged promises of a big payout. Security Security / Security News

New Zealand Stock Exchange Trades Again After DDoS

Data Breach Today

Trading Resumes Following Several Days of Difficulties The New Zealand Stock Exchange resumed trading in the early afternoon on Friday after the impacts of distributed denial-of-service disruptions reverberated into a fourth day.

232
232

Elon Musk confirms that Russian hackers tried to recruit Tesla employee to plant a malware

Security Affairs

Elon Musk confirmed that Russian hackers attempted to recruit an employee to install malware into the network of electric car maker Tesla.

Access 105

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

How CISOs Can Play a New Role in Defining the Future of Work

Dark Reading

Rather than just reacting to security issues in the COVID-19 era, CISOs are now in a position to be change agents alongside their C-suite peers

DiceKeys

Schneier on Security

DiceKeys is a physical mechanism for creating and storing a 192-bit key. The idea is that you roll a special set of twenty-five dice, put them into a plastic jig, and then use an app to convert those dice into a key.

DOJ Seeks to Recover Stolen Cryptocurrency

Data Breach Today

Justice Department: North Korean Hackers Laundered Millions Through Chinese Traders The U.S. Justice Department has filed a civil forfeiture complaint in an effort to recover millions in cryptocurrency from 280 accounts that allegedly was stolen by North Korean hackers.

229
229

FBI arrested a Russian national for recruiting employee of US firm to plant malware

Security Affairs

FBI authorities arrested a Russian national in the U.S. after attempting to recruit an employee at a targeted company to plant a malware.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Deep Fake: Setting the Stage for Next-Gen Social Engineering

Dark Reading

Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs

105
105

Ransomware Has Gone Corporate—and Gotten More Cruel

WIRED Threat Level

The DarkSide operators are just the latest group to adopt a veneer of professionalism—while at the same time escalating the consequences of their attacks. Security Security / Cyberattacks and Hacks

Alert: Vishing Attacks Are Surging

Data Breach Today

FBI, CISA Warn: Hackers Targeting Those Who Are Working at Home The FBI and CISA warn that hackers are increasingly using voice phishing, or vishing, to target employees who are working from home due to the COVID-19 pandemic, steal their credentials and other data and use the information to launch other attacks or to steal financial data.

A Google Drive weakness could allow attackers to serve malware

Security Affairs

A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Large Ad Network Collects Private Activity Data, Reroutes Clicks

Dark Reading

A Chinese mobile advertising firm has modified code in the software development kit included in more than 1,200 apps, maliciously collecting user activity and performing ad fraud, says Snyk, a software security firm

How to Vote by Mail and Make Sure It Counts

WIRED Threat Level

There's a lot going on with the USPS right now. Here's a complete state-by-state guide to how to get your ballot—and when it's due. Security Security / Security Advice

IT 95

Implications for CSOs of Charges Against Joe Sullivan

Data Breach Today

Feds Accuse Former Uber CSO of Covering Up Hacker Attack and Data Breach Federal prosecutors have charged Uber's former CSO, Joe Sullivan, with covering up a hack attack and data breach.