Sat.Jun 12, 2021 - Fri.Jun 18, 2021

Malicious PDFs Flood the Web, Lead to Password-Snarfing

Threatpost

SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware. Malware Web Security

How AI is Transforming Data Governance in Today’s World

Security Affairs

How AI is Transforming Data Governance? Consumers are becoming more aware of their rights, making data governance more relevant across organizations. Data governance is a set of standards, metrics, and processes that allow organizations to responsibly use consumer data.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

VPNs and Trust

Schneier on Security

TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on. Most interesting to me is the home countries of these companies.

Biden Warns Putin of Cyber Retaliation

Data Breach Today

Wants 16 Critical Infrastructure Entities Off-Limits to Attack At their Geneva summit meeting Wednesday, U.S. President Joe Biden told Russian President Vladimir Putin that if Russia continued to wage cyberattacks against the U.S., it would face retaliation

The Top 5 Business Outcomes Companies Can Achieve From Monitoring Consolidation

In this eBook, learn what the top five business outcomes are that organizations see when leveraging Datadog's end-to-end monitoring tool.

Ukrainian Police Nab Six Tied to CLOP Ransomware

Krebs on Security

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims.

More Trending

Over a billion records belonging to CVS Health exposed online

Security Affairs

Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records.

Union Benefits Administrator Says Data Deleted in Hack

Data Breach Today

Service Employees International Union 775 Benefits Group: PII and PHI Deleted A Seattle-based benefits administrator for unionized home healthcare and nursing home workers has reported a hacking incident affecting 140,000 individuals that involved deleting certain data

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Ukraine Police Disrupt Cl0p Ransomware Operation

Dark Reading

Growing list of similar actions in recent months may finally be scaring some operators into quitting, but threat is far from over, security experts say

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Vigilante malware stops victims from visiting piracy websites

Security Affairs

This strange malware stops you from visiting pirate websites. Sophos researchers uncovered a malware campaign that aims at blocking infected users’ from being able to visit a large number of piracy websites. .

NATO Endorses Cybersecurity Defense Policy

Data Breach Today

Agreement Comes in Advance of Biden Meeting With Putin on Wednesday The U.S. and its NATO allies endorsed a new cybersecurity defense policy during President Biden's visit this week with member states in Brussels.

First American Financial Pays Farcical $500K Fine

Krebs on Security

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years.

How President Biden Can Better Defend the US From Russian Hacks

Dark Reading

Wilson Center cybersecurity expert Meg King pinpoints five ambitious steps the administration should take, including a comprehensive national data breach notification protocol

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web

Security Affairs

The MASQ tool could be used by attackers to emulate device fingerprints thus allowing them to bypass fraud protection controls.

Researcher: 1 Billion CVS Health Website Records Exposed

Data Breach Today

Database Contains Website Visitor Activity Logs, But Not Personal Information The discovery of an unsecured database containing over 1 billion records related to CVS Health website visitor activity illustrates yet again how security missteps can potentially leave sensitive data exposed, some security experts say.

DuckDuckGo’s Quest to Prove Online Privacy Is Possible

WIRED Threat Level

The company best known for its search engine is launching a new set of tools aimed at creating an “easy button” for protecting your data online. Security Security / Privacy

VPN Attacks Surged in First Quarter

Dark Reading

But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown

114
114

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Volkswagen discloses data breach, 3.3 million customers impacted

Security Affairs

Volkswagen America discloses a data breach at a third-party vendor that exposed the personal details of more than 3.3 million of its customers. Volkswagen America discloses a data breach suffered by a third-party vendor used by the car vendor for sales and marketing purposes.

Volkswagen, Audi Notify 3.3 Million of Data Breach

Data Breach Today

Data Was Left Unsecured by Unidentified Marketing Services Company Volkswagen and its Audi subsidiary are notifying 3.3 million people in the U.S and Canada of a breach of personal information by a marketing services supplier.

What You Should Know About Voilá, the Latest Viral Selfie App

WIRED Threat Level

Before you use it to cartoonify your face, consider the risks to your data. Security Security / Privacy

Risk 107

Cyber Analytics Database Exposed 5 Billion Records Online

Dark Reading

In an ironic twist, Cognyte's data alerts customers to third-party data exposures

Optimize the Performance of Your Serverless Functions

Run mission-critical applications on serverless without sacrificing visibility.

Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Security Affairs

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices.

U.K. Plans for Enhanced Cybersecurity Role

Data Breach Today

Joint Effort with US to Maintain a Black List of Hackers Among Plan proposals The U.K. says it plans to turn the country into a global leader in cybersecurity, in partnership with the U.S, to counter threats ranging from ransomware to critical infrastructure attacks, according to a report by U.K.

TikTok Can Now Collect Biometric Data

Schneier on Security

This is probably worth paying attention to: A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content.

This Week in Database Leaks: Cognyte, CVS, Wegmans

Dark Reading

Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers

108
108

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Poland institutions and individuals targeted by an unprecedented series of cyber attacks

Security Affairs

Poland ‘s government announced that it was targeted by an ‘Unprecedented’ series of cyber attacks, hackers hit against institutions and individuals.

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Data Breach Today

16 Critical Infrastructure Sectors Especially Off Limits - Or Else, President Warns U.S. President Joe Biden issued a clear warning to Russian President Vladimir Putin at their Geneva summit this week, saying that should Russia continue to launch cyberattacks against U.S.

Intentional Flaw in GPRS Encryption Algorithm GEA-1

Schneier on Security

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function.