Sat.Dec 04, 2021 - Fri.Dec 10, 2021

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States.

IT 193

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

The Last Watchdog

Without much fanfare, digital twins have established themselves as key cogs of modern technology. Related: Leveraging the full potential of data lakes. A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating data collected from live settings. Digital twins enable simulations to be run without risking harm to the physical entity; they help inform efficiency gains made in factories and assure the reliability of jet engines, for instance.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool

Dark Reading

A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say

A Log4J Vulnerability Has Set the Internet 'On Fire'

WIRED Threat Level

The flaw in the logging framework has security teams scrambling to put in a fix. Security Security / Security News

100 Pipeline Plays: The Modern Sales Playbook

For the first time, we’re sharing the winning plays that took us from scrappy startup to a publicly traded company. Use our proven data-driven plays to grow your pipeline and crush your revenue targets.

A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants

Security Affairs

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library.

More Trending

The Vulnerability Lag: Cut Ransomware Risks Resulting From Digital Transformation

Dark Reading

Exploring ransomware and other data integrity risks from accelerated digital transformation in the wake of COVID-19

How to Opt Out of Verizon’s Custom Experience Tracking

WIRED Threat Level

Unless you manually opt out of the program, Verizon will store personal information and create user interest profiles. Security Security / Privacy

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

A botnet tracked as Dark Mirai spreads by exploiting a new vulnerability affecting TP-Link TL-WR840N EU V5 home routers. Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers.

GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided

The Last Watchdog

In 2021 we witnessed the continuation of the seismic shift in how people work, a change that started at the beginning of the global pandemic. The acceleration of cloud, mobility, and security initiatives proved to be critical for organizations looking to weather the new threats and disruptions. Related: How ‘SASE’ blends connectivity, security.

Cloud 138

Optimize the Performance of Your Serverless Functions

Run mission-critical applications on serverless without sacrificing visibility.

NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls

Dark Reading

The latest NIST publication outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks

114
114

A Password Manager Isn't Just for Christmas, It's for Life (So Here's 50% Off!)

Troy Hunt

I was having a coffee with a good mate the other day. He's not a techie (he runs a pizza restaurant), but somehow, we ended up talking about passwords.

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems.

New German Government is Pro-Encryption and Anti-Backdoors

Schneier on Security

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Lack of Patching Leaves 300,000 Routers at Risk for Attack

Dark Reading

A significant percentage of the 2 million consumer and small-business routers produced by a Latvian firm are vulnerable and being used by attackers, a security firm says

Risk 114

Microsoft Seizes Domains Used by a Chinese Hacking Group

WIRED Threat Level

The move delivers a blow to the hackers behind sophisticated attacks on government agencies, think tanks, and other organizations. Security Security / Cyberattacks and Hacks

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers.

Someone Is Running Lots of Tor Relays

Schneier on Security

IT 100

Your Guide to Using Conversational Marketing to Drive Demand Generation

What is conversational marketing really about? This guide will examine the market forces at play, shifting buyer trends, how to leverage conversation marketing, and the tactics involved in adopting it for a B2B demand generation strategy.

Emotet Is Back and More Dangerous Than Before

Dark Reading

Volume of traffic associated with the malware is now back at 50% of the volume before law enforcement took the botnet operation down in January 2021, security vendor says

Apache Log4j Zero Day Exploit Puts Large Number of Servers at Severe Risk

eSecurity Planet

A critical vulnerability in the open-source logging software Apache Log4j 2 is fueling a chaotic race in the cybersecurity world, with the Apache Software Foundation (ASF) issuing an emergency security update as bad actors searched for vulnerable servers.

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations.

Google Shuts Down Glupteba Botnet, Sues Operators

Schneier on Security

Google took steps to shut down the Glupteba botnet, at least for now. The botnet uses the bitcoin blockchain as a backup command-and-control mechanism, making it hard to get rid of it permanently.) So Google is also suing the botnet’s operators. It’s an interesting strategy.

IT 93

Monitoring AWS Container Environments at Scale

In this eBook, learn how to monitor AWS container environments at scale with Datadog and which key metrics to monitor when leveraging two container orchestration systems (ECS and EKS).

How to Stop Hackers From Turning Your Systems Against You

Dark Reading

Cybercriminals are increasingly adopting "living-off-the-land’ techniques, leveraging commonly used tools to fly under the radar of conventional detection tools. But with AI, thousands of organizations have regained the upper hand

113
113

Russia’s Internet Censorship Machine Is Going After Tor

WIRED Threat Level

The attempt to block the site, which helps users mask their online activity, is the latest step in the country's efforts to control the internet. Security Security / Privacy

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide.

Thieves Using AirTags to “Follow” Cars

Schneier on Security

From Ontario and not surprising : Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them.

IT 92

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

How Do I Empower a Remote Workforce Without Compromising Security?

Dark Reading

To transition to a zero-trust architecture, focus on doing the things that offer the most value

What’s new in OpenText Extended ECM for Engineering and Core for Building Information Modelling – CE 21.4

OpenText Information Management

OpenText™?Extended

ECM 86

SonicWall strongly urges customers to apply patches to SMA 100 devices

Security Affairs

SonicWall strongly urges customers using SMA 100 series appliances to install security patches that address multiple security flaws, some of them rated as critical.