Sat.Sep 05, 2020 - Fri.Sep 11, 2020

Cyber Incidents Disrupt More Schools

Data Breach Today

Districts in Connecticut, Florida Among the Latest Targets The start of classroom instruction at Hartford Public Schools in Connecticut was canceled Tuesday as a result of a ransomware attack - the latest in a series of cyber incidents to disrupt schools this fall.

Russian Indicted in Tesla Ransom Scheme

Data Breach Today

Faces Five Years in Prison If Convicted in Connection With Thwarted Scam A federal grand jury has formally indicted a Russian national in connection with a thwarted attempt at stealing corporate data from electric vehicle manufacturer Tesla so it could be used to extort a $4 million ransom

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Building human-centered AI

DXC

For all the hype and excitement surrounding artificial intelligence right now, the AI movement is still in its infancy. The public perceptions of its capabilities are painted as much by science fiction as by real innovation.

IT 87

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Julian Assange Lays Out His Case Against US Extradition

WIRED Threat Level

The argument hinges in part on psychiatrists' testimony that Assange is a high suicide risk. Security Security / Security News

Risk 114

More Trending

Adequacy

Data Protector

In data protection law, transfers of personal data must be safeguarded by written contracts between the parties.

Legality of Security Research to be Decided in US Supreme Court Case

Dark Reading

A ruling that a police officer's personal use of a law enforcement database is "hacking" has security researchers worried for the future

The Best Privacy-Friendly Alternatives to Google Maps

WIRED Threat Level

Google Maps is arguably the easiest mapping service to use, but that doesn't mean it's the most secure. Security Security / Security Advice

Hackers Use Cloud Monitoring Tool to Install Cryptominers

Data Breach Today

Reports: TeamTNT Using Weave Scope Tool to Target Cloud Platforms TeamTNT, a recently uncovered hacking group, is weaponizing Weave Scope, a legitimate cloud monitoring tool, to help install cryptominers in cloud environments, according to reports from Intezer and Microsoft

Cloud 241

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Onna is breaking down how the concept of information governance has evolved and ways today’s businesses can develop a holistic framework to keep up with a rapidly accelerating datasphere.

Decrypting TLS connections with new Raccoon Attack

Security Affairs

Boffins devised a new timing attack, dubbed Raccoon that could be exploited by threat actors to decrypt TLS-protected communications.

APT Groups Set Sights on Linux Targets: Inside the Trend

Dark Reading

Researchers see more advanced attack groups creating tools and platforms to target Linux-based devices

105
105

A Florida Teen Shut Down Remote School With a DDoS Attack

WIRED Threat Level

Plus: Predictive policing taken even farther, Amazon surveillance of private Facebook groups, and more of the week’s top security news. Security Security / Security News

99 Ransomware Problems - and a Decryptor Ain't One

Data Breach Today

Criminals Keep Finding New Ways to Make Ransomware Victims Pay With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

FBI issued a second flash alert about ProLock ransomware in a few months

Security Affairs

FBI issued a second flash alert about ProLock ransomware stealing data, four months after the first advisory published by the feds on the same threat. The FBI has issued the 20200901-001 Private Industry Notification about ProLock ransomware stealing data on September 1st.

Next-Gen Firewalls 101: Not Just a Buzzword

Dark Reading

In a rare twist, "next-gen" isn't just marketing-speak when it comes to next-gen firewalls, which function differently than traditional gear and may enable you to replace a variety of devices

Kids' Smartwatches Are a Security Nightmare Despite Years of Warnings

WIRED Threat Level

Five out of six brands tested by researchers would have allowed hackers to track kids—and in some cases eavesdrop on them. Security Security / Cyberattacks and Hacks

Court Dismisses Privacy Case Against Google, Medical Center

Data Breach Today

But Judge Opens the Door to Filing an Amended Complaint A federal judge has dismissed a lawsuit filed last year against Google and the University of Chicago Medicine involving complex privacy and other issues related to the use of patients' de-identified electronic health record data.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Newcastle University infected with DoppelPaymer Ransomware

Security Affairs

UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack.

Spear-Phishers Leverage Office 365 Ecosystem to Validate Stolen Creds in Real Time

Dark Reading

New attack technique uses Office 365 APIs to cross-check credentials against Azure Active Directory as victim types them in

94

More on NIST's Post-Quantum Cryptography

Schneier on Security

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection criteria. Interesting stuff. NOTE: We're in the process of moving this blog to Wordpress.

IT 95

US Election Hack Attacks Traced to Russia, China, Iran

Data Breach Today

Microsoft: Democratic and Republican Campaigns Targeted; Most Attacks Blocked Russian, Chinese and Iranian hackers are targeting organizations and individuals associated with the Republican and Democratic U.S.

214
214

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

Visa issued a warning regarding a new credit card JavaScript skimmer, tracked as Baka, that implements new features to evade detection. Visa issued a warning regarding a new e-skimmer known as Baka that removes itself from memory after having exfiltrating payment card details.

Two Years on from GDPR: Has It Driven Growth in Cybersecurity Insurance?

Dark Reading

Whilst GDPR has put the spotlight on data privacy and cyber issues, there are other more prominent trends that are driving a greater take-up of cyber insurance, says Ben Maidment, Class Underwriter - Cyber, Physical & Technology at Brit Insurance

Russia’s Fancy Bear Hackers Are Hitting US Campaign Targets Again

WIRED Threat Level

Microsoft says the GRU hacking group has attacked hundreds of organizations over the past year, many of them tied to the upcoming election. Security Security / Cyberattacks and Hacks

BEC Scam Losses Surge as the Number of Attacks Diminish

Data Breach Today

Cosmic Lynx the First Russian Gang to Enter the BEC Game The average amount stolen in a business email compromise (BEC) scam increased 48% during the second quarter of 2020, however, this transpired as the number of attacks decreased during that period, reports the Anti-Phishing Working Group

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services.

3 Secure Moments: A Tranquil Trio of Security Haiku

Dark Reading

Placid poems to quiet the infosec pro's harried mind. (Or Or placid, by infosec standards

Schneier.com is Moving

Schneier on Security

I'm switching my website software from Movable Type to Wordpress, and moving to a new host. The migration is expected to last from approximately 3 AM EST Monday until 4 PM EST Tuesday. The site will still be visible during that time, but comments will be disabled.

IT 89