Sat.Oct 10, 2020 - Fri.Oct 16, 2020

Cybercrime: 12 Top Tactics and Trends

Data Breach Today

From Ransomware and DDoS to Malware and SIM Swapping: Europol Describes Latest Threats Ransomware attacks remain the top cyber-enabled threat seen by law enforcement.

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

The US DHS’s Homeland Threat Assessment (HTA) report revealed that threat actors have targeted the US Census network during the last year. The US Department of Homeland Security revealed that unknown threat actors have targeted the network of the US Census Bureau during the last year.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

More BEC Criminal Gangs Are Based in US

Data Breach Today

Agari: US Now Second to Nigeria for Business Email Compromise Fraudsters Business email compromise scams continue to proliferate around the globe, with the U.S.

Breach at Dickey’s BBQ Smokes 3M Cards

Krebs on Security

One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week.

Sales 242

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

Dark Reading

At least three campaigns are now underway

More Trending

Health Data Breaches in 2020: Ransomware Incidents Dominate

Data Breach Today

Blackbaud, Magellan Health Incidents Trigger Numerous Breach Notifications Hacking incidents involving ransomware attacks continue to dominate the 2020 health data breach tally, with incidents affecting two companies - Blackbaud and Magellan Health - accounting for numerous breach notifications by their clients.

Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

Krebs on Security

Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot , a global menace that has infected millions of computers and is used to spread ransomware.

Google Responds to Warrants for “About” Searches

Schneier on Security

One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal search would be on a name, or IP address, or phone number.

Is it still necessary for data protection laws to have particular processing rules for specific types pf personal data?

Data Protector

I think not. European laws have special rules for the processing of “sensitive data” or “special category data” regardless of the context within which the data will be processed. This has been the case in the UK since the coming into force of the first (1984) Data Protection Act.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

20 Arrested in Money-Laundering Crackdown

Data Breach Today

Group Allegedly Laundered Cash, Cryptocurrency for Other Cybercriminals A international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network, which helped launder cash and cryptocurrency for other cybercriminals.

216
216

Microsoft Patch Tuesday, October 2020 Edition

Krebs on Security

It’s Cybersecurity Awareness Month! In keeping with that theme, if you (ab)use Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system.

Cybercrime Losses Up 50%, Exceeding $1.8B

Dark Reading

Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often

107
107

Why have I joined the LinkedIn Data Protection Reform Group?

Data Protector

There is an ongoing debate on the rights that data controllers should have, compared with the rights that private individuals should have. There’s also an ongoing debate on what role our national Data Protection supervisory authority should play in developing and enforcing privacy laws.

GDPR 156

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

For Sale: 3 Million Cards Used at Dickey's Barbeque Pit

Data Breach Today

Joker's Stash Darknet Marketplace Offering Payment Cards Used at Franchise Restaurants The Joker's Stash darknet marketplace has posted a fresh collection of 3 million credit cards that are likely related to a breach of the Dickey's Barbecue Pit chain of franchised restaurants, according to Gemini Advisory.

Sales 213

Tyler Technologies finally paid the ransom to receive the decryption key

Security Affairs

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. Tyler Technologies, Inc. is the largest provider of software to the United States public sector.

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Schneier on Security

Earlier this month, we learned that someone is disrupting the TrickBot botnet network.

Twitter Hack Analysis Drives Calls for Greater Security Regulation

Dark Reading

New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

US Warns: Hackers Chaining Zerologon, Other Vulnerabilities

Data Breach Today

CISA Says APTs Gained Access to State and Local Election Support Systems CISA is warning that sophisticated hacking groups are chaining vulnerabilities together, such as the recent Zerologon bug along with other flaws, to target state and local government networks.

Access 212

Carnival confirms data breach as a result of the August ransomware attack

Security Affairs

Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the august ransomware attack.

The Man Who Speaks Softly—and Commands a Big Cyber Army

WIRED Threat Level

Meet General Paul Nakasone. He reined in chaos at the NSA and taught the US military how to launch pervasive cyberattacks. And he did it all without you noticing. Security Security / National Security Backchannel

Academia Adopts Mitre ATT&CK Framework

Dark Reading

Security pros and academic researchers discuss the best ways to use MITRE's framework to inform cybersecurity efforts, analyze threats, and teach future workers

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Microsoft, Others Dismantle Trickbot Botnet

Data Breach Today

Court Order Enables Takedown of Servers to Disrupt Malware, Protect Election Microsoft collaborated with cybersecurity companies and government agencies to take down the million-device Trickbot botnet in an effort to help protect the Nov. 3 U.S.

The British government aims at improving its offensive cyber capability

Security Affairs

Britain’s most senior cyber general declared that the UK has implemented an advanced offensive cyberwar capability that could destroy its enemies.

Split-Second ‘Phantom’ Images Can Fool Tesla’s Autopilot

WIRED Threat Level

Researchers found they could stop a Tesla by flashing a few frames of a stop sign for less than half a second on an internet-connected billboard. Security Security / Cyberattacks and Hacks

What's Really Happening in Infosec Hiring Now?

Dark Reading

As the pandemic continues, security teams still need help they can't get. But the "skills shortage" is only part of the story

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Analysis: Will Trickbot Takedown Impact Be Temporary?

Data Breach Today

Experts Weigh in on the Effects of Actions by Microsoft and Others to Disable Botnet Despite the takedown of the Trickbot botnet by Microsoft and others Monday, the malware is still functioning, and its operators retain the tools needed to rebuild their malicious network, some cybsersecurity experts say.

IT 202

Google researcher found BleedingTooth flaws in Linux Bluetooth

Security Affairs

Google security researcher discovered Bluetooth vulnerabilities (BleedingTooth) in the Linux kernel that could allow zero-click attacks.

Internet Freedom Has Taken a Hit During the Covid-19 Pandemic

WIRED Threat Level

From arrests to surveillance, governments are using the novel coronavirus as cover for a crackdown on digital liberty. Security Security / Privacy