Sat.Sep 19, 2020 - Fri.Sep 25, 2020

Small business cyber security: the ultimate guide

IT Governance

If you’re an SME, cyber security might feel seem impossibly complex and filled with endless pitfalls.

Unlocking the Five Steps to Proper Security Validation

Data Breach Today

Continuously Validate Security to Maximize the Value of Your Investments The 2020 Security Effectiveness Report shares our findings from an evaluation of 100+ enterprise production environments globally across every major vertical

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Fileless Malware Tops Critical Endpoint Threats for 1H 2020

Threatpost

When it comes to endpoint security, a handful of threats make up the bulk of the most serious attack tools and tactics.

IT 109

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

179 Arrested in Massive Global Dark Web Takedown

WIRED Threat Level

Operation Disruptor is an unprecedented international law enforcement effort, stemming from last year’s seizure of a popular underground bazaar called Wall Street Market. Security Security / Security News

More Trending

Former NSA Director Keith Alexander Joins Amazon’s Board of Directors

Schneier on Security

This sounds like a bad idea. Uncategorized Amazon NSA privacy surveillance

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Krebs on Security

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Cybercrime Review: Hackers Cash in on COVID-19

Data Breach Today

Phishing, Spam, Malware, Social Engineering and Other Recent Attack Trends Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Making the Case for Medical Device Cybersecurity

Dark Reading

With an increasing number of Internet-connected medical devices in use to manage diabetes, protection against a variety of wireless network attacks could very well be a matter of life and death for patients

Who is Tech Investor John Bernard?

Krebs on Security

John Bernard , the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups , appears to be a pseudonym for John Clifton Davies , a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared of murdering his wife on their honeymoon in India.

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019.

IoT 109

Federal Agency Hacked Using Stolen Office 365 Credentials

Data Breach Today

CISA: Hacker Apparently Exploited VPN Vulnerabilty The U.S.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Documented Death from a Ransomware Attack

Schneier on Security

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented case of a cyberattack causing a fatality.

The iOS 14 Privacy and Security Features You Should Know

WIRED Threat Level

The latest update for your iPhone and iPad will make them safer than ever. Security Security / Security Advice

Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug

Security Affairs

Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network.

Leaked FinCEN Reports Reveal Sensitive Security Details

Data Breach Today

Suspicious Activity Reports Reveal Tools and Techniques to Adversaries, Experts Warn What will be the impact of the leak of investigatory documents from FinCEN - the U.S. Treasury Department's Financial Crimes Enforcement Network?

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Can Schools Pass Their Biggest Cybersecurity Test Yet?

Dark Reading

Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks

A Patient Dies After a Ransomware Attack Hits a Hospital

WIRED Threat Level

The outage resulted in a significant delay in treatment. German authorities are investigating the perpetrators on suspicion of negligent manslaughter. Security Security / Cyberattacks and Hacks

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

Microsoft is warning of threat actors that are actively using the Windows Server Zerologon exploits in attacks in the wild. Microsoft has published a series of Tweets to warn of attackers that are actively exploiting the Windows Server Zerologon in attacks in the wild.

'Dark Overlord' Hacker Sentenced to 5-Year Prison Term

Data Breach Today

British Man Switches to Guilty Plea in Case Tied to Several Healthcare Hacks A U.K. resident who was a member of The Dark Overlord hacking group pleaded guilty to federal charges Monday and was sentenced to five years in prison, according to the U.S. Justice Department.

219
219

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

Attackers Target Small Manufacturing Firms

Dark Reading

The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report

How Twitter Survived Its Biggest Hack—and Plans to Stop the Next One

WIRED Threat Level

On July 15, Twitter melted down. On Election Day, that's not an option. Security Security / Cyberattacks and Hacks

IT 97

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

The Italian eyewear and eyecare giant Luxottica has reportedly suffered a cyber attack that disrupted its operations in Italy and China. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry.

Police Crack SMS Phishing Operation

Data Breach Today

Two Men Accused of Sending Messages to Obtain Personal, Bank Information Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Remote Work Exacerbating Data Sprawl

Dark Reading

More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds

Risk 94

The Cheating Scandal That Ripped the Poker World Apart

WIRED Threat Level

Mike Postle was on an epic winning streak at a California casino. Veronica Brill thought he had to be playing dirty. Let the chips fall where they may. Security Security / Security News Backchannel

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions.