Sat.Oct 24, 2020 - Fri.Oct 30, 2020

How to Mitigate P2P Payment Fraud

Data Breach Today

2 Experts Discuss Selecting the Right Technologies Validating identity across every digital channel is essential to track money movement information and help control P2P payment fraud, two fraud-fighting experts say

152
152

Microsoft's Kubernetes Threat Matrix: Here's What's Missing

Dark Reading

With a fuller picture of the Kubernetes threat matrix, security teams can begin to implement mitigation strategies to protect their cluster from threats

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How to Clean Up Your Digital History

WIRED Threat Level

There are plenty of reasons to declutter your online traces. Here's how to tidy up. Security Security / Security Advice

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

FBI on Election: "There's Going to be a Lot of Noise"

Data Breach Today

FBI's Elvis Chan on What to Expect Before - and After - Nov. 3 Election FBI agent Elvis Chan has dedicated his past four years to ensuring U.S. election security. With the Nov.

More Trending

A Navy SEAL, a Quadcopter, and a Quest to Save Lives in Combat

WIRED Threat Level

On the battlefield, any doorway can be a death trap. A special ops vet, and his businessman brother, have built an AI to solve that problem. Security Security / National Security

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S.

New Online Platform Coordinates IoT Bug Reports

Data Breach Today

VulnerableThings.com Seeks to Improve Bug Reporting for Connected Devices A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices.

IoT 243

Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users

Security Affairs

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Survey Uncovers High Level of Concern Over Firewalls

Dark Reading

More than half of respondents are planning to reduce their network firewall footprint because of what they see as limitations in the technology

113
113

Google Mending Another Crack in Widevine

Krebs on Security

For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management (DRM) technology used by online streaming sites like Disney , Hulu and Netflix to prevent their content from being pirated.

Fraudsters Alter Election Phishing Scam

Data Breach Today

Scammers Now Attempting to Steal Banking and Driver's License Information Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia.

How to Build Customer-Centric Products With Fast Feedback Loops

Check out our latest guide and learn the benefits of fast feedback loops and how you can use them to inform your product decisions, so you can confidently build products that meet your customers’ needs.

The Unsinkable Maddie Stone, Google's Bug-Hunting Badass

WIRED Threat Level

The Project Zero reverse engineer shuts down some of the world's most dangerous exploits—along with antiquated hacker stereotypes. Security Security / Security News

Ransomware Wave Targets US Hospitals: What We Know So Far

Dark Reading

A joint advisory from the CISA, FBI, and HHS warns of an "increased and imminent" threat to US hospitals and healthcare providers

Microsoft: Iranian Hackers Targeted Security Experts

Data Breach Today

Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft.

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

Microsoft researchers are warning that threat actors are continuing to actively exploit the ZeroLogon vulnerability in attacks in the wild. Microsoft is warning that threat actors are actively exploiting the ZeroLogon vulnerability in the Netlogon Remote Protocol.

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

WIRED Threat Level

As Covid-19 infections spike in many parts of the US, malware gangs are wreaking havoc on the health care system. Security Security / Cyberattacks and Hacks

MITRE Shield Matrix Highlights Deception & Concealment Technology

Dark Reading

The role that these technologies play in the MITRE Shield matrix is a clear indicator that they are an essential part of today's security landscape

Post-Election Cyber Disruptions: What to Expect

Data Breach Today

The latest edition of the ISMG Security Report features a discussion with FBI Agent Elvis Chan on the cyber disruptions to expect immediately after the Nov. 3 U.S. election. Also featured: smart lock security flaws; cryptocurrency-funded crimes in 2021

Google discloses unpatched Windows zero-day exploited in the wild

Security Affairs

Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation.

Access 111

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

IMSI-Catchers from Canada

Schneier on Security

Gizmodo is reporting that Harris Corp.

Sales 110

Cybercriminals Extort Psychotherapy Patients Following Vastaamo Breach

Dark Reading

An attacker is running a Tor site to leak the session notes of 300 patients at Vastaamo, a Finnish psychotherapy facility

112
112

Updated Malware Tied to Russian Hackers

Data Breach Today

2 Hacking Groups Target Government Agencies U.S Cyber Command and the Cybersecurity and Infrastructure Security Agency have issued warnings about two Russian hacking groups that are using updated malware to target government agencies around the world

Operation Earth Kitsune: hackers target the Korean diaspora

Security Affairs

Experts uncovered a new watering hole attack, dubbed Operation Earth Kitsune , targeting the Korean diaspora that exploits flaws in web browsers.

Remote Testing and Feedback: The Key to Customer Empathy

Remote testing and feedback is the key to customer empathy. Through remote qualitative testing, you can uncover and understand how real people respond to your products and experiences.

Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition

Schneier on Security

Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names.

103
103

Hackers Make Off With Millions From Wisconsin Republicans

Dark Reading

According to the Wisconsin Republican Party, thieves used altered invoices to make off with $2.3 million in election funds

111
111

Patients Blackmailed 2 Years After a Breach

Data Breach Today

Finnish Mental Health Provider's Clients Threated With Data Exposure Hackers are threatening patients of a Finnish mental health provider with the public release of their sensitive data exposed in a 2018 data breach if they do not pay a ransom.