Sat.Jul 16, 2022 - Fri.Jul 22, 2022

Getting to Zero Trust Requires Good Cybersecurity Baselines

Data Breach Today

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

The 911 service as it exists today.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trojanized Password Crackers Targeting Industrial Systems

Dark Reading

Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says

GUEST ESSAY: The case for physically destroying — and not just wiping clean — old hard drives

The Last Watchdog

Cybersecurity poses a risk to all businesses. Related: Biden moves to protect critical infrastructure. Dataprot reports that 59 percent of Americans have experienced cybercrime in the past. An estimate stated that $6 trillion worth of damage was caused by cybercrime in 2022, making it vital for businesses to securely destroy data. Deleting information from a hard disk drive (HDD) is not enough. Hackers can recover data from physical drives, even when the information has been removed.

Build Your Open Data Lakehouse on Apache Iceberg

Speaker: Veena Vasudevan and Jason Hughes

In this webinar, Dremio and AWS will discuss the most common challenges in data architecture and how to overcome them with an open data lakehouse architecture on AWS. Sign up now!

Settlements Reached In 2 Large Healthcare Hack Lawsuits

Data Breach Today

Experts: Class Actions Filed in Wake of Big Data Breaches Keep Growing Two recent data breach lawsuit settlements by healthcare organizations underscore mounting liability risk stemming from a growing number of lawsuits. Missouri-based BJC Healthcare has agreed to pay up to $2.7

More Trending

The Kronos Ransomware Attack: What You Need to Know So Your Business Isn't Next

Dark Reading

Identify your business's security posture and head off ransomware attacks with third-party risk management and vendor security assessments

Risk 113

Facebook Is Now Encrypting Links to Prevent URL Stripping

Schneier on Security

Some sites, including Facebook, add parameters to the web address for tracking purposes. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties.

Blockchain Security Firm Halborn Raises $90M to Guard Crypto

Data Breach Today

The Series A Proceeds Will Help Halborn Expand Its Audit and Pen Testing Services Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry.

New Luna ransomware targets Windows, Linux and ESXi systems

Security Affairs

Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers from Kaspersky Lab detailed a new ransomware family named Luna, which is written in Rust and is able to target Windows, Linux, and ESXi systems.

The Ultimate Guide to Hardening Windows Servers

IT Professional looking to harden your servers? ThreatLocker’s got you covered. The Ultimate Guide to Hardening Windows Servers offers tips and best practices to help mitigate cyber threats, better protect your servers, and secure your endpoints. Download today!

The Market Is Teeming: Bargains on Dark Web Give Novice Cybercriminals a Quick Start

Dark Reading

A study of the unregulated dark markets shows that the vast majority of malware, exploits, and attacker tools sell for less than $10, giving would-be criminals a fast entry point

Amazon Handed Ring Videos to Cops Without Warrants

WIRED Threat Level

Plus: A wild Indian cricket scam, an elite CIA hacker is found guilty of passing secrets to WikiLeaks, and more of the week's top security news. Security Security / Cyberattacks and Hacks Security / Privacy

Premint Fingers Open Source Flaw For NFT Hack

Data Breach Today

Premint NFT Shares $500K Attack Details, Promises Compensation Premint NFT platform users became victims last weejend of one of the biggest NFT attacks ever.

Several apps on the Play Store used to spread Joker, Facestealer and Coper malware

Security Affairs

Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

Unpatched GPS Tracker Security Bugs Threaten 1.5M Vehicles with Disruption

Dark Reading

A GPS device from MiCODUS has six security bugs that could allow attackers to monitor 1.5 million vehicles that use the tracker, or even remotely disable vehicles

The Unsolved Mystery Attack on Internet Cables in Paris

WIRED Threat Level

As new details about the scope of the sabotage emerge, the perpetrators—and the reason for their vandalism—remain unknown. Security Security / National Security

Romanian Malware Hosting Vendor Extradited to US

Data Breach Today

Mihai Paunescu, aka Virus, Faces 3 Criminal Counts in Court The DOJ extradited from Colombia 37-year-old Mihai Ionut Paunescu, who faces criminal charges for allegedly running a "bulletproof" hosting service that helped cybercriminals launch malware attacks.

Lightning Framework, a previously undetected malware that targets Linux systems

Security Affairs

Researchers discovered a previously undetected malware dubbed ‘Lightning Framework’ that targets Linux systems. Researchers from Intezer discovered a previously undetected malware, tracked as Lightning Framework , which targets Linux systems.

TCO Considerations of Using a Cloud Data Warehouse for BI and Analytics

Enterprises poured $73 billion into data management software in 2020 – but are seeing very little return on their data investments. 22% of data leaders surveyed have fully realized ROI in the past two years, with 56% having no consistent way of measuring it.

Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene

Dark Reading

The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities

Cloud 108

Copyright Claim Email is a LockBit Ransomware Phishing Attack in Disguise

KnowBe4

The latest iteration in Copyright Claim scams is an evolution of this repeated attack method that has proven to get the attention – and response – of victims over the last few years. Phishing Ransomware

Romanian Who Allegedly Sold Malware Hosting Extradited to US

Data Breach Today

Mihai Paunescu, aka Virus, Faces 3 Criminal Counts in Court The DOJ extradited from Colombia 37-year-old Mihai Ionut Paunescu, who faces criminal charges for allegedly running a "bulletproof" hosting service that helped cybercriminals launch malware attacks.

Atlassian patched a critical Confluence vulnerability

Security Affairs

Atlassian released security updates to address a critical security vulnerability affecting Confluence Server and Confluence Data Center. Atlassian released security updates to address a critical hardcoded credentials vulnerability in Confluence Server and Data Center tracked as CVE-2022-26138.

12 Considerations When Evaluating Data Lake Engine Vendors for Analytics and BI

Businesses today compete on their ability to turn big data into essential business insights. Modern enterprises leverage cloud data lakes as the platform used to store data. 57% of the enterprises currently using a data lake cite improved business agility as a benefit.

Retbleed Fixed in Linux Kernel, Patch Delayed

Dark Reading

Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing

107
107

Critical Vulnerabilities in GPS Trackers

Schneier on Security

This is a dangerous vulnerability: An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720 , a GPS tracker that sells for about $20 and is widely available.

Platform Security Firm SonicWall Promotes Sales Guru to CEO

Data Breach Today

SonicWall Taps Bob VanKirk to Grow Cloud Transformation and Enterprise Coverage SonicWall promoted its chief revenue officer to CEO, tasking him with accelerating cloud transformation, expanding enterprise coverage and enabling managed service providers.

Sales 201

A massive cyberattack hit Albania

Security Affairs

A synchronized criminal attack from abroad hit Albania over the weekend, all Albanian government systems shut down following the cyberattack. Albania was hit by a massive cyberattack over the weekend, the government confirmed on Monday.

Checklist Report: Preparing for the Next-Generation Cloud Data Architecture

Data architectures have evolved dramatically. It is time to reconsider the fundamental ways that information is accumulated, managed, and then provisioned to the different downstream data consumers.

Cybercrime Group TA4563 Targets DeFi Market With Evolving Evilnum Backdoor

Dark Reading

The cyber campaign, aimed at siphoning funds, uses an improved version of the malware, which can adjust infection paths based on recognized antivirus software

The 2022 US Midterm Elections' Top Security Issue: Death Threats

WIRED Threat Level

While cybersecurity and foreign meddling remain priorities, domestic threats against election workers have risen to the top of the list. Security Security / Cyberattacks and Hacks Security / National Security Business / National Affairs

Separating the Quantum Computing Hype From the Reality

Data Breach Today

Future quantum computers will decrypt encrypted data, so businesses feel pressure to find quantum-resistant security solutions for data transmission. Wells Fargo Bank's Peter Bordow discusses the state of quantum computing, approaches to quantum security, and privacy-enhancing technologies