Sat.May 08, 2021 - Fri.May 14, 2021

3 Cybersecurity Myths to Bust

Dark Reading

Deeply rooted cybersecurity misconceptions are poisoning our ability to understand and defend against attacks

Security at Bay: Critical Infrastructure Under Attack

Security Affairs

The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

What's Google Floc? And How Does It Affect Your Privacy?

WIRED Threat Level

There's a battle raging over how advertisers can target us on the web—or whether they should be able to target us at all. Security Security / Privacy

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills.

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Colonial Pipeline Starts Recovery from Ransomware

Data Breach Today

Report: DarkSide Ransomware Gang Infected Fuel Supplier Colonial Pipeline Company has restored smaller pipelines that ship fuels to the U.S. East Coast after a ransomware incident, but its larger ones are still offline as it assesses safety. Citing U.S.

More Trending

85% of Data Breaches Involve Human Interaction: Verizon DBIR

Dark Reading

Ransomware, phishing, and Web application attacks all increased during a year in which the majority of attacks involved a human element

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe , stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast.

DarkSide's Pipeline Ransomware Hit: Strictly Business?

Data Breach Today

Affiliate-Driven Ransomware-as-a-Service Operations Keep Generating Big Profits "It's not personal. It's strictly business."

RSAC insights: Security Compass leverages automation to weave security deeper into SecOps

The Last Watchdog

In a day and age when the prime directive for many organizations is to seek digital agility above all else, cool new apps get conceived, assembled and deployed at breakneck speed. Related: DHS instigates 60-day cybersecurity sprints. Software developers are king of the hill; they are the deeply-committed disciples pursuing wide open, highly dynamic creative processes set forth in the gospels of DevOps and CI/CD.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

When AI Becomes the Hacker

Dark Reading

Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society

Microsoft Patch Tuesday, May 2021 Edition

Krebs on Security

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users.

FBI: DarkSide Ransomware Used in Colonial Pipeline Attack

Data Breach Today

Company Moves Into Remediation Phase; White House Monitoring Incident The FBI and White House confirmed Monday that the DarkSide ransomware variant was used in the Friday attack that caused disruptions at Colonial Pipeline Co., which operates a pipeline that supplies fuel throughout the eastern U.S.

RSAC insights: How the ‘CIEM’ framework is helping companies manage permissions glut

The Last Watchdog

A permissions glut is giving rise to an explosion of new exposures in modern business networks. Related: Securing digital identities. Companies are adopting multi-cloud and hybrid cloud infrastructures and relying on wide-open app development like never before. In doing so, permissions to make myriad software connections are proliferating. Taken together these man-to-machine and machine-to-machine connections result in cool new digital services.

Cloud 135

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Ransomware Is Getting Ugly

Schneier on Security

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet.

Fintech Startup Offers $500 for Payroll Passwords

Krebs on Security

How much is your payroll data worth? Probably a lot more than you think.

US and UK Issue Joint Alert on Russian Cyber Activity

Data Breach Today

SVR's TTPs and General Tradecraft Detailed U.S. and U.K.

212
212

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

The Last Watchdog

The value of sharing threat intelligence is obvious. It’s much easier to blunt the attack of an enemy you can clearly see coming at you. Related: Supply chains under siege. But what about trusted allies who unwittingly put your company in harm’s way? Third-party exposures can lead to devastating breaches, just ask any Solar Winds first-party customer. So could sharing intelligence about third-party suppliers help?

Risk 136

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

Adobe Issues Patch for Acrobat Zero-Day

Dark Reading

The vulnerability is being exploited in limited attacks against Adobe Reader users on Windows

114
114

Threat actors added thousands of Tor exit nodes to carry out SSL stripping attacks

Security Affairs

Since early 2020, bad actors have added Tor exit nodes to the Tor network to intercep traffic to cryptocurrency-related sites.

Access 114

Colonial Pipeline Restarts Operations Following Attack

Data Breach Today

Company Says It Will Take Several Days to Restore Supply Chain Colonial Pipeline Co. announced Wednesday that it had restarted its operations following a ransomware attack last Friday. The company says it will take several days to restore all of its supply chain operations

RSAC insights: Sophos report dissects how improved tools, tactics stop ransomware attack

The Last Watchdog

A new report from Sophos dissects how hackers spent two weeks roaming far-and-wide through the modern network of a large enterprise getting into a prime position to carry out what could’ve been a devasting ransomware attack. Related: DHS embarks on 60-day cybersecurity sprints. This detailed intelligence about a ProxyLogon-enabled attack highlights how criminal intruders are blending automation and human programming skills to great effect.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Colonial Pipeline Cyberattack: What Security Pros Need to Know

Dark Reading

As the massive US pipeline operator works to restore operations after a DarkSide ransomware attack late last week, experts say it's a cautionary tale for critical infrastructure providers

Newly Unclassified NSA Document on Cryptography in the 1970s

Schneier on Security

This is a newly unclassified NSA history of its reaction to academic cryptography in the 1970s: “ New Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era ,” Cryptographic Quarterly , Spring 1996, author still classified.

FOIA 113

DarkSide Ransomware Gang Says It Has Shut Down

Data Breach Today

Colonial Pipeline Attack Used DarkSide Malware The gang behind DarkSide ransomware, which U.S. authorities say was used in the attack against Colonial Pipeline Co., says it's closed its ransomware-as-a-service operation after losing access to part of its infrastructure

RSAC insights: ‘SASE’ disrupts networking by meshing security, connectivity at the services edge

The Last Watchdog

It’s accurate to say that security has been bolted onto modern business networks. It also has become very clear that we won’t achieve the full potential of digital transformation without security somehow getting intricately woven into every layer of corporate IT systems. We’re still a long way from achieving that, but a promising roadmap has emerged.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Chart: Cybersecurity Now a Top Corporate Priority

Dark Reading

Majority of global IT decision makers say cybersecurity is extremely or more important now than it was pre-pandemic, according to Cisco

The Colonial Pipeline Hack Is a New Extreme for Ransomware

WIRED Threat Level

An attack has crippled the company’s operations—and cut off a large portion of the East Coast’s fuel supply—in an ominous development for critical infrastructure. Security Security / Cyberattacks and Hacks

Colonial Restarts Operations Following Ransomware Attack

Data Breach Today

Company Says It Will Take Several Days for Supply Chain to Return to Normal Colonial Pipeline on Wednesday announced that the company had restarted its operations following a ransomware attack last week.