Sat.Sep 26, 2020 - Fri.Oct 02, 2020

Securing Slack: 5 Tips for Safer Messaging, Collaboration

Dark Reading

Remote workers and scattered teams are relying on Slack more and more for messaging and collaboration. Here are a few extra tips for keeping data and systems more secure when using Slack

FBI Warns: Credential Stuffing Attacks on the Rise

Data Breach Today

Stolen Credentials, Lack of MFA Leading to Millions in Banking Losses The FBI is warning organizations in the financial sector about an increase in botnet-launched credential stuffing attacks that are leading to the theft of millions.

256
256

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Microsoft: Hacking Groups Shift to New Targets

Data Breach Today

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. Image: Shutterstock.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

My (data) fine is enormous

Data Protector

156
156

More Trending

Want Your Coffee Machine Back? Pay a Ransom

Data Breach Today

Research Highlights Danger of Insecure Firmware in Line of Coffee Machines An internet-connected coffee machine is the IoT latest device to show security problems. Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water.

IoT 241

Who’s Behind Monday’s 14-State 911 Outage?

Krebs on Security

Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft ‘s Azure web services platform, which also was struggling with a widespread outage at the time.

Researchers Adapt AI With Aim to Identify Anonymous Authors

Dark Reading

At Black Hat Asia, artificial intelligence and cybersecurity researchers use neural networks to attempt to identify authors, but accuracy is still wanting

Hacking a Coffee Maker

Schneier on Security

As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it.

IoT 108

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Universal Health Services' IT Network Crippled

Data Breach Today

Apparent Ransomware Attack Has National Impact A security incident that apparently involved ransomware has crippled the network of Universal Health Services, which owns hundreds of facilities across the U.S. and U.K.

Attacks Aimed at Disrupting the Trickbot Botnet

Krebs on Security

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency

WIRED Threat Level

New clues indicate that APT28 may be behind a mysterious intrusion that US officials disclosed last week. Security Security / Cyberattacks and Hacks

Detecting Deep Fakes with a Heartbeat

Schneier on Security

Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face: In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation.

Paper 106

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Fresh Joker Malware Variant Targeting Android Users

Data Breach Today

Dozens of Trojanized Apps Found in Google Play, Third-Party App Stores A fresh round of Joker malware that targets Android users has been found in Google Play as well as third-party app stores, according to reports from Zscaler and Zimperium.

219
219

Victims of ThunderX ransomware can recover their files for free

Security Affairs

Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files.

A Guide to the NIST Cybersecurity Framework

Dark Reading

With cybersecurity threats growing exponentially, it has never been more important to put together an efficient cyber-risk management policy, and NIST's framework can help

COVID-19 and Acedia

Schneier on Security

Note: This isn’t my usual essay topic. Still, I want to put it on my blog. Six months into the pandemic with no end in sight, many of us have been feeling a sense of unease that goes beyond anxiety or distress.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Anthem Hit With $48 Million in Additional Breach Penalties

Data Breach Today

Settlements Tied to 2014 Breach Also Require Insurer to Take Security Steps The attorneys general of 42 states plus Washington, D.C., have slapped health insurer Anthem with a $39.5 million settlement in the wake of a 2014 cyberattack that affected nearly 79 million individuals.

Twitter removed around 130 Iranian accounts for interference in US Presidential debate

Security Affairs

Twitter removed around 130 Iranian accounts for attempting to disrupt the public recent US Presidential Debate.

Microsoft: Ransomware & Nation-State Attacks Rise, Get More Sophisticated

Dark Reading

Malware-based attacks are out, phishing is in, along with credential stuffing and business email compromise. Microsoft recommends defensive tactics in its new report on rising threats

Free Remote-Work App: Remote Work Made Easy with erwin WFH Impact Manager

erwin

The erwin WFH (Work From Home) Impact Manager is a remote-work app that provides visibility and intelligence to help remote workers be more productive and process-compliant. The global pandemic is the single most disruptive event in modern times.

Sales 95

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Federal IoT Guidelines Move Closer to Becoming Law

Data Breach Today

IoT Products Would Have to Meet Minimum Security Requirements for Use by Government Legislation that establishes minimum security standards for IoT devices procured by the federal government is moving closer to becoming law.

IoT 211

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware.

Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink'

Dark Reading

With twice as much malware now targeting Macs, IT pros need to scramble to adapt to a large, and likely permanent, work-from-home population, experts say

The Strangest Election Scenario Runs Through Georgia

WIRED Threat Level

There’s a small but real possibility that we won’t know which party controls the Senate until 2021, thanks to a special election and a unique state requirement. Security Security / National Security

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Russian Gets 7-Year Sentence for Hacking LinkedIn, DropBox

Data Breach Today

Prosecutors Say He Stole Millions of Credentials Yevgeniy Nikulin, a Russian national who was found guilty of hacking LinkedIn and DropBox and stealing millions of user credentials, has been sentenced to more than seven years in federal prison

210
210

Google removes 17 Joker -infected apps from the Play Store

Security Affairs

Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware.

CFAA 101: A Computer Fraud & Abuse Act Primer for InfoSec Pros

Dark Reading

From WarGames, to Aaron Swartz, to bug bounties, to Van Buren, here's what cybersecurity researchers should know about the US's primary anti-hacking law before it gets its day in the Supreme Court