2019

MY TAKE: What everyone should know about the promise and pitfalls of the Internet of Things

The Last Watchdog

214
214

Dark Patterns: How Weaponized Usability Hurts Users

Data Breach Today

254
254

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Managed Attribution Threat Modeling

Adam Shostack

The more I learn about threat modeling, the more I think the toughest part is how we answer the question: “What can go wrong?” ” Perhaps that’s “finding threats.” ” Maybe it’s “discovering” or “eliciting” them.

IT 81

What Is Single Sign-On, and How Can It Make Your Enterprise More Secure?

eSecurity Planet

We define single sign-on and how SSO solutions can be implemented to make your organization more secure

IT 95

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Innovation Lab: The Role of Blockchain in Information Governance

Everteam

Something is exciting about diving into innovative technology and figuring out how it can improve the way you do business.

More Trending

A Shortage in Common Sense: The Myth of the Talent Gap

The Falcon's View

I have a visceral reaction every time I encounter yet another article bemoaning the so-called "talent gap" or "labor gap" in cybersecurity. Having been in and out of the job market several times over the past decade (for better and, more often, for worse), I can honestly say this is utter nonsense.

Why Personal Data Privacy Needs a Customer-centric Focus

Collibra

When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. Meanwhile, organizations are panicked about complying with the latest regulation deadline.

Forced Password Reset? Check Your Assumptions

Krebs on Security

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

“All we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” This is an excerpt from a chilling ransom note Baltimore IT officials received from hackers who managed to lock up most of the city’s servers in May. The attackers demanded $76,000, paid in Bitcoin, for a decryption key.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Malware Most Foul: Emotet, Trickbot, Cryptocurrency Miners

Data Breach Today

Researchers: Targeted Crime Attacks Surge, Continue to Blend With Nation-State Campaigns Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks.

Mining 236

Legal Threats Make Powerful Phishing Lures

Krebs on Security

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else.

Who Owns Your Wireless Service? Crooks Do.

Krebs on Security

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary.

Crime Gang Advertises Stolen 'Anti-Virus Source Code'

Data Breach Today

Researchers: 'Fxmsp' Russian Hacking Collective Exploits Victims Via RDP and Active Directory The "Fxmsp" hacker collective has been advertising source code that it claims to have stolen from three top U.S.

Access 285

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

How Not to Acknowledge a Data Breach

Krebs on Security

I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach.

What You Should Know About the Equifax Data Breach Settlement

Krebs on Security

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans.

Unsecured Database Leaves 8.4TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4TB of email metadata.

US Cyber Command Warns of Outlook Vulnerability Exploits

Data Breach Today

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

NY Payroll Company Vanishes With $35 Million

Krebs on Security

MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies.

Cybercrime Gangs Advertise Fresh Jobs, Hacking Services

Data Breach Today

Offerings Abound on Darknet Forums; The Dark Overlord Seeks Multilingual Hackers Numerous cybercrime gangs continue to use darknet forums to seek fresh recruits, sell stolen data or advertise hacking services.

284
284

GUEST ESSAY: Dear America, Facebook is an addictive digital drug of little productive value

The Last Watchdog

Social media consumers are getting wise to the joke that when the product is free, they’re the ones being sold. But despite the growing threat of consumer exploitation, Washington still shrinks from confronting our social media giants.

FBI Shutters DeepDotWeb Portal; Suspected Admins Arrested

Data Breach Today

Suspects Accused of Receiving Bitcoins Worth Millions for Referral Fees The DeepDotWeb portal, which provided a guide to darknet marketplaces, has been shut down and its alleged administrators arrested.

IT 281

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Why Phone Numbers Stink As Identity Proof

Krebs on Security

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities.

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs

Data Breach Today

Vendors Issued Security Updates to Fix Severe Flaws Several Months Ago Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords.

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach.

Security Flaw Exposed Valid Airline Boarding Passes

Data Breach Today

Amadeus Patches Check-In Software Used by Hundreds of Airlines A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley.

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

Louisiana Government Recovering From Ransomware Attack

Data Breach Today

Governor Describes 'Aggressive' Incident Response Efforts After a ransomware attack on Monday forced Louisiana's government to take several servers and websites offline to prevent the malware from spreading, state officials spent Tuesday restoring online services

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

The U.S.

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA.