Sat.Aug 14, 2021 - Fri.Aug 20, 2021

What Are the Cyber Security Challenges of Hybrid Working?

IT Governance

When it comes to the ideal post-pandemic work environment, employers and employees and have very different ideas. According to a Microsoft study , 73% of workers want to keep the flexible work arrangements created in response to COVID-19, and 67% want a return to in-person collaboration.

IT 94

Hard Drive Health & Data Security

Record Nations

Hard drive health and data security are very closely connected. A failing hard drive can pose a number of security risks to any business. It’s important to recognize the signs of a failing drive, as well as what can be done to make sure that the data within remains accessible.

Risk 83
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How Ready Are You for a Ransomware Attack?

Threatpost

Oliver Tavakoli, CTO at Vectra, lays out the different layers of ransomware defense all companies should implement. Cloud Security InfoSec Insider Malware Vulnerabilities Web Security

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

Data Breach Today

Security Experts Size Up Impact of US Rush to Leave Afghanistan It's unlikely that the U.S. abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say

Risk 279

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection.

More Trending

More on Apple’s iPhone Backdoor

Schneier on Security

In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM detection system were expected, and not a concern.

IT 114

Houdini Malware Used in New Way

Data Breach Today

Cato Networks: Malware Now Used to Spoof Devices Researchers at SASE platform provider Cato Networks say they have discovered a novel use of the Houdini malware for spoofing of devices

275
275

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

Krebs on Security

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company.

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

So NortonLifeLock has acquired Avast for more than $8 billion. This deal reads like to the epilogue to a book titled The First 20 Years of the Supremely Lucrative Antivirus Market. Way back in 1990, Symantec acquired Norton Utilities and made Norton the heart of its antivirus subscription offering. Related: The coming of ubiquitous passwordless access.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

Schneier on Security

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3,

IT 114

Insurer Tokio Marine Hit by Ransomware

Data Breach Today

Firm Says Singapore Unit Was Targeted Tokio Marine, a Japan-based property and casualty insurer, says its Tokio Marine Insurance Singapore unit was hit by a ransomware attack this week

T-Mobile Investigating Claims of Massive Data Breach

Krebs on Security

Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR

Security Affairs

The German state’s data protection agency (DPA) warns that the use of the videoconferencing platform Zoom violates the European Union’s GDPR.

GDPR 114

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

T-Mobile Data Breach

Schneier on Security

It’s a big one : As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000.

T-Mobile USA Investigates Possible Data Breach

Data Breach Today

Group Claims GGSN Misconfiguration Led to 100 Million User Accounts T-Mobile USA says it is investigating a claim that as many as 100 million accounts may have been compromised in a data breach.

China Aims Its Propaganda Firehose at the BBC

WIRED Threat Level

The alleged digital operation has deployed hundreds of websites and social media accounts to attack the broadcaster's reporting. Security Security / Security News

IT 108

1.9 million+ records from the FBI’s terrorist watchlist available online

Security Affairs

A security researcher discovered that a secret FBI’s terrorist watchlist was accidentally exposed on the internet for three weeks between July 19 and August 9, 2021. A security researcher Bob Diachenko discovered a secret terrorist watchlist with 1.9

Access 114

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

Tetris: Chinese Espionage Tool

Schneier on Security

I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents. Uncategorized China cyberespionage espionage spyware

100
100

T-Mobile: Attackers Stole 8.6 Million Customers' Details

Data Breach Today

40 Million Credit Applications Also Stolen; Social Security Numbers Exposed T-Mobile USA has confirmed that its systems were breached and that details for 7.8

3 ways the Digital Twin can transform Healthcare

OpenText Information Management

The Digital Twin is becoming widely adopted in many industries. Yet, it is still in its infancy when it comes to Healthcare. In this blog, I’d like to look at three areas where this technology can generate substantial value in transforming quality, experience, and innovation.

Adobe addresses two critical vulnerabilities in Photoshop

Security Affairs

Adobe has addressed two critical security vulnerabilities affecting its Photoshop image manipulation software. Ad obe released security updates to address two critical security vulnerabilities, tracked as CVE-2021-36065 and CVE-2021-36066, affecting the popular image manipulation software Photoshop.

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

Millions of Web Camera and Baby Monitor Feeds Are Exposed

WIRED Threat Level

A vulnerability in the Kalay platform leaves countless IoT devices susceptible to hackers. Security / Security News

IoT 95

Memorial Health System in Ohio Latest Entity Hit With Attack

Data Breach Today

Hospitals Diverting ER Patients to Other Area Facilities Memorial Health System in Ohio is the latest healthcare entity hit with an apparent ransomware incident that is disrupting patient care services

T-Mobile Confirms Data Breach, Says Too Early to Assess Damage

eSecurity Planet

T-Mobile USA officials have confirmed they are investigating a breach of company systems, but say it’s too early to tell whether the personal data of 100 million customers has been exposed, as the alleged hackers have claimed.

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Security Affairs

Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date.

Cloud 103

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Google Docs Scams Still Pose a Threat

WIRED Threat Level

A 2017 worm caused havoc across the internet. One researcher is warning that despite new protections put in place, it could still happen again. Security Security / Security News

IT 90

'Neurevt' Trojan Targets Mexican Bank Customers

Data Breach Today

Updated Malware Now Includes Spyware and a Backdoor Researchers at the security firm Cisco Talos have spotted an ongoing campaign using an updated variant of the "Neurevt" Trojan to target customers of financial institutions in Mexico

Phishing Campaign Used Morse Code to Evade Detection: Microsoft

eSecurity Planet

A phishing campaign that Microsoft security researchers have been tracking for about a year highlights not only the ongoing success of social engineering efforts by hackers to compromise systems, but also the extent to which the bad actors will go to cover their tracks while stealing user credentials.