Sat.May 23, 2020 - Fri.May 29, 2020

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S.

Thermal Imaging as Security Theater

Schneier on Security

Seems like thermal imaging is the security theater technology of today. These features are so tempting that thermal cameras are being installed at an increasing pace.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

5 Simple Ways to Make Your Gmail Inbox Safer

WIRED Threat Level

These built-in features definitely protect your data, but they can help keep your inbox tidy too. Security Security / Privacy Security / Security Advice

Top Ransomware Attack Vectors: RDP, Drive-By, Phishing

Data Breach Today

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

NEW TECH: Silverfort helps companies carry out smarter human and machine authentications

The Last Watchdog

Doing authentication well is vital for any company in the throes of digital transformation.

More Trending

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Security Affairs

Security experts from Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens.

Mercedes-Benz Data Leak Lesson: Lock Down Code Repositories

Data Breach Today

Luckily for Car Giant, Access Control Gaff Didn't Expose Secret Data - This Time Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.

Access 266

MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app

The Last Watchdog

If the devastating health and economic ramifications weren’t enough, individual privacy is also in the throes of being profoundly and permanently disrupted by the coronavirus pandemic.

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office

Krebs on Security

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Steganography in targeted attacks on industrial enterprises in Japan and Europe

Security Affairs

Threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks, Kaspersky reported. Researchers from Kaspersky’s ICS CERT unit reported that threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks.

Ransomware Gang Posting Financial Details From Bank Attack

Data Breach Today

Maze Started Releasing Payment Card Data From Costa Rican Bank This Week The Maze ransomware gang has started releasing payment card data from an attack that happened earlier this year at Banco BCR, which is the state-owned Bank of Costa Rica.

There's a Jailbreak Out for the Current Version of iOS

WIRED Threat Level

The Unc0ver tool works on all versions of iOS from 11 to 13.5, the current release. Security Security / Security News

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services.

Paper 178

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

3 hacking forums have been hacked and database have been leaked online

Security Affairs

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums.

Hackers Breached 6 Unpatched Cisco Internal Servers

Data Breach Today

Servers Support Company's Virtual Networking Service Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities.

IT 237

To Live and Love in the Time of Corona

OpenText Information Management

As we approach 100 days of quarantine or shelter in place, I wanted to take an inventory of what we know, what we need to know, and how to live and love in the time of Corona.

108
108

Websites Conducting Port Scans

Schneier on Security

Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors. Looking at the list of ports they are scanning, they are looking for VNC services being run on the host, which is the same thing that was reported for bank sites.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

The Florida Unemployment System suffered a data breach

Security Affairs

Officials revealed that the Florida Unemployment System suffered a data breach that impacted some residents who have made unemployment claims.

New Version of ZLoader Banking Malware Resurfaces

Data Breach Today

Researchers Observe Over 100 Campaigns Since Start of 2020 Two years after it was last seen in February 2018, a new version of the ZLoader banking malware has resurfaced, with cybercriminals distributing the malware through email campaigns, according to security firm Proofpoint

A Rogues' Gallery of MacOS Malware

Dark Reading

MacOS isn't immune from malware. Being prepared means understanding the nature of the worst threats a security team is likely to see attacking Macs in the enterprise

Look Out for This Covid-19 Excel Phishing Scam

WIRED Threat Level

Plus: An iOS leak, an EasyJet breach, and more of the week's top security news. Security Security / Security News

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Maze ransomware operators leak credit card data from Costa Rica’s BCR bank

Security Affairs

Maze ransomware operators published credit card details stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week. Maze ransomware operators have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week.

Mercedes-Benz Data Leak: Embarrassing But Endurable

Data Breach Today

The Mistake Could Have Been Much Worse in an Era of Connected Vehicles Last week, a curious data breach occurred: Almost 9 GB of software development documentation from Daimler AG, the parent company of Mercedes-Benz.

Data Loss Spikes Under COVID-19 Lockdowns

Dark Reading

Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy

The DHS Prepares for Attacks Fueled by 5G Conspiracy Theories

WIRED Threat Level

The claim that 5G can spread the coronavirus has led to dozens of cell-tower burnings in Europe. Now, the US telecom industry is on alert as well. Security Security / Security News

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Silent Night Zeus botnet available for sale in underground forums

Security Affairs

Experts reported the existence of a botnet, tracked as Silent Night based on the Zeus banking Trojan that is available for sale in several underground forums.

Sales 102

'Hack-for-Hire' Groups Spoof WHO Emails to Steal Data

Data Breach Today

Google: Hackers Using COVID-19 Phishing Themes to Target Businesses "Hack-for-hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group

Bank of America Security Incident Affects PPP Applicants

Dark Reading

The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared