Sat.Oct 24, 2020 - Fri.Oct 30, 2020

How to Mitigate P2P Payment Fraud

Data Breach Today

2 Experts Discuss Selecting the Right Technologies Validating identity across every digital channel is essential to track money movement information and help control P2P payment fraud, two fraud-fighting experts say

159
159

Microsoft's Kubernetes Threat Matrix: Here's What's Missing

Dark Reading

With a fuller picture of the Kubernetes threat matrix, security teams can begin to implement mitigation strategies to protect their cluster from threats

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How to Clean Up Your Digital History

WIRED Threat Level

There are plenty of reasons to declutter your online traces. Here's how to tidy up. Security Security / Security Advice

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

FBI on Election: "There's Going to be a Lot of Noise"

Data Breach Today

FBI's Elvis Chan on What to Expect Before - and After - Nov. 3 Election FBI agent Elvis Chan has dedicated his past four years to ensuring U.S. election security. With the Nov.

More Trending

Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users

Security Affairs

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams.

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S.

US Treasury Sanctions Russian Entity Over Triton Malware

Data Breach Today

Officials Have Also Slapped Sanctions on Iran Over Disinformation The Treasury Department has issued sanctions against a Russian research institute that U.S. officials now claim helped deploy Triton, a destructive malware designed to damage industrial control systems.

212
212

IMSI-Catchers from Canada

Schneier on Security

Gizmodo is reporting that Harris Corp.

Sales 109

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Google discloses unpatched Windows zero-day exploited in the wild

Security Affairs

Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation.

Access 108

Google Mending Another Crack in Widevine

Krebs on Security

For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management (DRM) technology used by online streaming sites like Disney , Hulu and Netflix to prevent their content from being pirated.

New Online Platform Coordinates IoT Bug Reports

Data Breach Today

VulnerableThings.com Seeks to Improve Bug Reporting for Connected Devices A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices.

IoT 204

A Navy SEAL, a Quadcopter, and a Quest to Save Lives in Combat

WIRED Threat Level

On the battlefield, any doorway can be a death trap. A special ops vet, and his businessman brother, have built an AI to solve that problem. Security Security / National Security

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Enel Group suffered the second ransomware attack this year

Security Affairs

Multinational energy company Enel Group has been hit by Netwalker ransomware operators that are asking a $14 million ransom. Systems at the multinational energy company Enel Group has been infected with Netwalker ransomware , it is the second ransomware attack suffered by the energy giant this year.

Hackers Make Off With Millions From Wisconsin Republicans

Dark Reading

According to the Wisconsin Republican Party, thieves used altered invoices to make off with $2.3 million in election funds

103
103

Fraudsters Alter Election Phishing Scam

Data Breach Today

Scammers Now Attempting to Steal Banking and Driver's License Information Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.

The Unsinkable Maddie Stone, Google's Bug-Hunting Badass

WIRED Threat Level

The Project Zero reverse engineer shuts down some of the world's most dangerous exploits—along with antiquated hacker stereotypes. Security Security / Security News

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Is the Abaddon RAT the first malware using Discord as C&C?

Security Affairs

Abaddon is the first RAT that uses the freeware instant messaging and VoIP app and digital distribution platform Discord as a command & control server.

Ransomware Wave Targets US Hospitals: What We Know So Far

Dark Reading

A joint advisory from the CISA, FBI, and HHS warns of an "increased and imminent" threat to US hospitals and healthcare providers

Even in Test Mode, New Mirai Variant Infecting IoT Devices

Data Breach Today

Researchers: 'Katana' Features Many Enhancements A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab

IoT 201

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

WIRED Threat Level

As Covid-19 infections spike in many parts of the US, malware gangs are wreaking havoc on the health care system. Security Security / Cyberattacks and Hacks

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia.

Cybercriminals Extort Psychotherapy Patients Following Vastaamo Breach

Dark Reading

An attacker is running a Tor site to leak the session notes of 300 patients at Vastaamo, a Finnish psychotherapy facility

103
103

100,000 Windows Devices Still Exposed to SMBGhost Flaw

Data Breach Today

COVID-19 Distractions May Have Delayed Patching, Experts Say Almost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers.

The Legal Risks of Security Research

Schneier on Security

Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.”

Risk 95

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Ransomware attack disabled Georgia County Election database

Security Affairs

A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures. A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots.

JavaScript Obfuscation Moves to Phishing Emails

Dark Reading

Attackers are hiding malicious payloads in phishing emails via a technique traditionally used to hide malicious code planted on websites

Patients Blackmailed 2 Years After a Breach

Data Breach Today

Finnish Mental Health Provider's Clients Threated With Data Exposure Hackers are threatening patients of a Finnish mental health provider with the public release of their sensitive data exposed in a 2018 data breach if they do not pay a ransom.