Expert insights. Personalized for you.
Home Supply Retailer Must Also Implement Several Cybersecurity Protocols The Home Depot reached a $17.5 million settlement in a class-action lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million of the retailer's customers. MORE
Security expert Tolijan Trajanovski analyzed an SSH-backdoor Botnet that implements an interesting ‘Research’ infection technique. In a recent tweet , the malware researcher @ 0xrb shared a list containing URLs of recently captured IoT botnet samples. MORE
Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying. MORE
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform MORE
What is GITOpS (and why does it matter)? Operations is the lifeblood of every IT department, and for most IT managers it’s also the bane of their existence. IT Operations can be costly, and it consumes vast amounts of resources in the form of time and labor. If it weren’t such a critical part of. MORE
77 
A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. MORE
Amid the mad dash for bargains and inevitable stories of shop-floor brawls, Black Friday brings with it a spike in cyber security threats, as cyber criminals take advantage of people desperate for bargains. MORE
Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned. MORE
For now, the security measure will be available only to people using the beta version of the app. Security Security / Security News MORE
2FA bypass discovered in web hosting software cPanel. More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. MORE
The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. MORE
The U.S. FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The U.S. MORE
Bureau Identifies Nearly 100 Spoofed Websites Created by Cybercriminals The FBI has identified nearly 100 spoofed websites that use some incarnation of the agency's name. Fraudsters and other cybercriminals potentially could leverage the sites disinformation campaigns and credential theft MORE
Users of the music streaming service were targeted by attackers using credential-stuffing approaches. Breach Cloud Security Hacks Web Security account takeover Credential stuffing cyberattack elasticsearch database music streaming password reuse Spotify spotify credentials vpnMentor MORE
Regulatory and Employee Litigation Risks Face Businesses That Violate Privacy Rules Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. MORE
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice MORE
Ransomware as a service, exposed SMS photos, and more of the week's top security news. Security Security / Security News MORE
Bureau Says the Attacks Are Hitting Many Sectors The FBI has sent out a private industry alert warning about increasing attacks using Ragnar Locker ransomware. The operators behind this crypto-locking malware have recently targeted companies that include EDP, Campari and Capcom, researchers note MORE
217 Answering these questions will help CISOs define a plan and take the organization in a positive direction MORE
With the benefit of hindsight, this was a naïve question: Alright clever IoT folks, I've got two of these garage door openers, what do you reckon the best way of connecting them with Apple HomeKit is? MORE
Electric Car Manufacturer is Pushing Over-the-Air Updates to Patch Software Flaws Two vulnerabilities in Tesla's keyless entry system allowed researchers to clone a key fob and drive away with a Model X. MORE
211 Boffins have demonstrated how to steal a Tesla Model X in a few minutes by exploiting vulnerabilities in the car’s keyless entry system. MORE
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them MORE
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One. MORE
IT Governance
NOVEMBER 23, 2020
Amid the mad dash for bargains and inevitable stories of shop-floor brawls, Black Friday brings with it a spike in cyber security threats, as cyber criminals take advantage of people desperate for bargains.
Data Breach Today
NOVEMBER 24, 2020
Bureau Identifies Nearly 100 Spoofed Websites Created by Cybercriminals The FBI has identified nearly 100 spoofed websites that use some incarnation of the agency's name. Fraudsters and other cybercriminals potentially could leverage the sites disinformation campaigns and credential theft
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Threatpost
NOVEMBER 23, 2020
Users of the music streaming service were targeted by attackers using credential-stuffing approaches. Breach Cloud Security Hacks Web Security account takeover Credential stuffing cyberattack elasticsearch database music streaming password reuse Spotify spotify credentials vpnMentor
Krebs on Security
NOVEMBER 21, 2020
Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned.
Advertisement
In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.
WIRED Threat Level
NOVEMBER 23, 2020
The company is rolling out a patch today for the vulnerabilities, which allowed one researcher to break into one in 90 seconds and drive away. Security Security / Cyberattacks and Hacks
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Dark Reading
NOVEMBER 24, 2020
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice
Security Affairs
NOVEMBER 27, 2020
The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online.
WIRED Threat Level
NOVEMBER 21, 2020
Ransomware as a service, exposed SMS photos, and more of the week's top security news. Security Security / Security News
Data Breach Today
NOVEMBER 25, 2020
Home Supply Retailer Must Also Implement Several Cybersecurity Protocols The Home Depot reached a $17.5 million settlement in a class-action lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million of the retailer's customers.
Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit
You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.
Dark Reading
NOVEMBER 23, 2020
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them
Security Affairs
NOVEMBER 22, 2020
A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs.
Schneier on Security
NOVEMBER 24, 2020
Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying.
Data Breach Today
NOVEMBER 21, 2020
Researchers: Skimmer Compromised Website of Boom! Mobile In October Researchers have identified a fresh variant of the Grelos skimmer that has co-opted the infrastructure that MageCart uses for its own skimming attacks against e-commerce sites, according to RiskIQ.
Advertiser: Amplitude
As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.
Dark Reading
NOVEMBER 27, 2020
Not everyone in a security department is acting in good faith, and they'll do what they can to bypass those who do. Here's how to spot them
Security Affairs
NOVEMBER 26, 2020
Security expert Tolijan Trajanovski analyzed an SSH-backdoor Botnet that implements an interesting ‘Research’ infection technique. In a recent tweet , the malware researcher @ 0xrb shared a list containing URLs of recently captured IoT botnet samples.
WIRED Threat Level
NOVEMBER 22, 2020
For now, the security measure will be available only to people using the beta version of the app. Security Security / Security News
Data Breach Today
NOVEMBER 25, 2020
Bureau Says the Attacks Are Hitting Many Sectors The FBI has sent out a private industry alert warning about increasing attacks using Ragnar Locker ransomware. The operators behind this crypto-locking malware have recently targeted companies that include EDP, Campari and Capcom, researchers note
Advertiser: UserTesting
Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.
Dark Reading
NOVEMBER 25, 2020
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform
Security Affairs
NOVEMBER 23, 2020
The U.S. FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The U.S.
Troy Hunt
NOVEMBER 22, 2020
With the benefit of hindsight, this was a naïve question: Alright clever IoT folks, I've got two of these garage door openers, what do you reckon the best way of connecting them with Apple HomeKit is?
Data Breach Today
NOVEMBER 27, 2020
Regulatory and Employee Litigation Risks Face Businesses That Violate Privacy Rules Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it.
Advertiser: ZoomInfo
Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!
Dark Reading
NOVEMBER 27, 2020
Each security incident should lead to a successive reduction in future incidences of the same type. Organizations that fail toward zero embrace failure and learn from their mistakes
Security Affairs
NOVEMBER 24, 2020
2FA bypass discovered in web hosting software cPanel. More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts.
Micro Focus
NOVEMBER 23, 2020
What is GITOpS (and why does it matter)? Operations is the lifeblood of every IT department, and for most IT managers it’s also the bane of their existence. IT Operations can be costly, and it consumes vast amounts of resources in the form of time and labor. If it weren’t such a critical part of.
Data Breach Today
NOVEMBER 26, 2020
Electric Car Manufacturer is Pushing Over-the-Air Updates to Patch Software Flaws Two vulnerabilities in Tesla's keyless entry system allowed researchers to clone a key fob and drive away with a Model X.
Advertiser: Amplitude
Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.
Dark Reading
NOVEMBER 23, 2020
Answering these questions will help CISOs define a plan and take the organization in a positive direction
Security Affairs
NOVEMBER 23, 2020
Boffins have demonstrated how to steal a Tesla Model X in a few minutes by exploiting vulnerabilities in the car’s keyless entry system.
Threatpost
NOVEMBER 23, 2020
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One.
Let's personalize your content