Sat.Jun 06, 2020 - Fri.Jun 12, 2020

Honda Confirms Hack Attack Disrupted Global Production

Data Breach Today

Ransomware Is the Likely Culprit, Security Experts Say Japanese auto giant Honda has confirmed that it sustained a hack attack earlier this week that has affected production operations at several of its global facilities, including plants in the U.S., Japan, Turkey and Italy. Security researchers suspect ransomware is the likely culprit

Safeguard Your Remote Workforce

Dark Reading

DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

3 Ways the Pandemic Will Affect Enterprise Security in the Future

Dark Reading

While CISOs have been focused on immediate threats, it's time to look ahead to what a post-COVID-19 future will look like

IT 70

Will Vote-by-App Ever Be Safe?

Dark Reading

Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

7 Ransomware Trends: Gangs Join Forces, Decryptors Improve

Data Breach Today

Can't Stop the Crypto-Locking Malware Attacks? Criminals Keep Hitting Big Targets Ransomware gangs continue to innovate: Recently, reports have emerged of collaboration between the Maze and Lockbit gangs, and REvil not just leaking stolen data for free, but auctioning it off to the highest bidder. On the upside, however, security firms continue to release free decryptors for some strains

More Trending

Report: Tycoon Ransomware Targets Windows, Linux Systems

Data Breach Today

Attacks Targeting Education and Software Companies Started in December 2019 A sophisticated strain of ransomware called Tycoon has been selectively targeting education and software companies since December 2019, according to a joint report released by BlackBerry and KPMG. Due to its unique development, this crypto-locking malware can target both Windows and Linux systems

How Covid-19 Contact Tracing Works on Your Phone

WIRED Threat Level

Developers are working on track-and-trace systems to keep infection levels low. The apps aren't here yet, but here's what they do—and how you can enable them. Gear Gear / How To and Advice Security

Critical flaw could have allowed attackers to control traffic lights

Security Affairs

A critical vulnerability in traffic light controllers manufactured by SWARCO could have been exploited by attackers to disrupt traffic lights. A critical vulnerability in traffic light controllers designed by SWARCO could have been exploited by hackers to disrupt traffic lights. SWARCO is the world’s largest manufacturer of signal heads and the number two internationally for reflective glass beads.

Asset Management Mess? How to Get Organized

Dark Reading

Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

Kingminer Botnet Targeting SQL Servers for Cryptomining

Data Breach Today

Sophos: Botnet Uses Brute-Force Attacks Targeting Vulnerable Databases The operators behind the Kingminer botnet have recently started targeting vulnerable Microsoft SQL Server databases using brute-force methods in order to mine cryptocurrency, according to research from Sophos. In addition, the botnet operators have attempted to exploit the EternalBlue vulnerability

Mining 165

Phishing Attacks Traced to Indian Commercial Espionage Firm

Data Breach Today

Researchers at Citizen Lab Accuse Indian Firm of Criminal Hacking for Hire Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech Services. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators

Microsoft Fixes 129 Bugs in Largest Patch Tuesday Release

Dark Reading

The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services

Honda Hit By Possible Ransomware Attack

Adam Levin

Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages. Several news outlets have reported that the company’s servers have been infected with the EKANS ransomware which led to network connectivity issues in Europe and Japan over the weekend.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

How to keep your remote work team together

OpenText Information Management

Remote work teams around the world are showing that despite today’s extraordinary circumstances, we can still churn out hearty levels of productivity. But it’s challenging. Maybe it’s our innate desire for connection or our drive to escape social isolation, but lately many of us are missing our teammates and the buzz of an office environment. … The post How to keep your remote work team together appeared first on OpenText Blogs.

IT 74

7 Ransomware Trends: Gangs Join Forces, Auction Stolen Data

Data Breach Today

Can't Stop the Crypto-Locking Malware Attacks? Criminals Keep Hitting Big Targets Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Krebs on Security

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.

Google is indexing the phone numbers of WhatsApp users raising privacy concerns

Security Affairs

A researcher is warning that Google is indexing the phone numbers of WhatsApp users raising serious privacy concerns. Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Spies Can Eavesdrop by Watching a Light Bulb's Vibrations

WIRED Threat Level

The so-called lamphone technique allows for real-time listening in on a room that's hundreds of feet away. Security Security / Cyberattacks and Hacks

City Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert

Data Breach Today

DoppelPaymer Hit Comes as Ransomware Attacks - and Data-Leaking Shakedowns - Surge The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key

Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service

Krebs on Security

The co-owners of vDOS , a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court. vDOS as it existed on Sept. 8, 2016.

DHS Warns on New Exploit of Windows 10 Vulnerability

Dark Reading

The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software

85

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Gamaredon group uses a new Outlook tool to spread malware

Security Affairs

Russia-linked Gamaredon APT use a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. Reseaerchers from ESET reported that Russia-linked Gamaredon APT has a new tool in its arsenal, it is a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts.

IoT Privacy and Security: Will Product Labels Help Buyers?

Data Breach Today

Food-Like Labeling for Connected Devices Developed by Carnegie Mellon University With internet connectivity getting added to an increasing number of products, privacy and security risks abound. But buyers may be unaware. A team of Carnegie Mellon University researchers aims to change that, by clear labeling of connected devices and the risks they may pose

IoT 187

Microsoft Patch Tuesday, June 2020 Edition

Krebs on Security

Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention — particularly for enterprises and employees working remotely.

Facebook Helped Develop a Tails Exploit

Schneier on Security

This is a weird story : Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which routes all inbound and outbound connections through the open-source Tor network to anonymize it. According to Vice, the FBI had tried to hack into Hernandez's computer but failed, as the approach they used "was not tailored for Tails."

Risk 81

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Japanese car-maker giant Honda hit by a ransomware attack

Security Affairs

Japanese carmaker Honda announced it has been hit by a cyberattack that disrupted its business in several countries. The Japanese carmaker Honda announced that threat actors have compromised the Honda network disrupting its business in several countries. Source informed about the security incident believe Honda’s systems have been infected with SNAKE Ransomware.

Kubeflow Targeted in XMRig Monero Cryptomining Campaign

Data Breach Today

Researchers: Admin Shortcut May Have Opened the Door to Hackers Microsoft's Azure Security Center has detected a new hacking campaign that for the first time specifically targets the Kubeflow platform on Kubernetes and uses XMRig cryptominer to mine for monero across multiple clusters

Mining 183

ICS Threat Snake Ransomware Suspected in Honda Attack

Dark Reading

An attack targeting the automaker reportedly infected internal servers and led to the suspension of production at plants around the world