2020

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Krebs on Security

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds , a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks.

Marriott Hit With $24 Million GDPR Privacy Fine Over Breach

Data Breach Today

Privacy Regulator in UK Cautions Organizations to Conduct Thorough Due Diligence Hotel giant Marriott has been hit with the second largest privacy fine in British history, after it failed to contain a massive, long-running data breach. But the final fine of $23.8

GDPR 285
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Current Chaos of Zero Trust Architecture

Adapture

Everyone seems to agree that organizations need to move to a zero trust architecture, but zero trust in action currently ranges from a single area that can be “zero trust-like” to a complete environment being considered a zero trust architecture… But there aren’t actually agreed upon standards as of yet.

How to Choose the Right Metrics for Your Records Management Program

TAB OnRecord

In a three-part post we are looking at the role of metrics in demonstrating the value of RM, specifically in organizations that have implemented an electronic records management system. In this post we outline a four-step process to arriving at the right metrics. Read More.

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

In-House Legal Security: Using Cloud Technology to Address Threats

Zapproved

There are two major categories of security features cloud vendors can offer to address threats. Technology and operations each contribute to data security.

Cloud 52

More Trending

Probing Marriott's Mega-Breach: 9 Cybersecurity Takeaways

Data Breach Today

Hackers Stealing and Selling VoIP Access

Data Breach Today

Attackers Exploit a Vulnerability in Asterisk VoIP PBX Servers Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company's compromised system

Access 285

CISA Warns of Password Leak on Vulnerable Fortinet VPNs

Data Breach Today

Agency Says Hackers Can Use a Known Bug for Further Exploitation CISA is warning about a possible password leak that could affect vulnerable Fortinet VPNs and lead to further exploitation.

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

DOJ Seizes $1 Billion Worth of Bitcoin Linked to Silk Road

Data Breach Today

Prosecutors Says Stolen Cryptocurrency Tied to Mysterious Digital Wallet The U.S. Justice Department is looking to seize more than $1 billion worth of bitcoin that investigators have linked to the notorious Silk Road darknet marketplace.

Data of 27 Million Texas Drivers Compromised in Breach

Data Breach Today

Misconfigured Database Might Have Led to Data Breach, Security Experts Say An unauthorized person appears to have gained entry to insurance software firm Vertafore and compromised the driver's license information of over 27 million Texas citizens.

Microsoft Finds Backdoor, CISA Warns of New Attack Vectors

Data Breach Today

Devastating Scope of Hacking Campaign Expands Microsoft says on Thursday it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies.

Cybercrime Review: Hackers Cash in on COVID-19

Data Breach Today

Phishing, Spam, Malware, Social Engineering and Other Recent Attack Trends Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king.

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Senators Demand More Details on VA Breach

Data Breach Today

Lawmakers Say 17,000 Healthcare Providers Affected; VA Disputes Claim Several Senate Democrats are demanding answers from the Department of Veterans Affairs about cybersecurity practices after a breach that the VA says exposed data on 46,000 veterans, but which the senators claim also apparently affected 17,000 healthcare providers.

3 Iranian Hackers Charged With Targeting US Satellite Firms

Data Breach Today

DOJ: Hackers Used Social Engineering Techniques, Spear Phishing Three Iranian hackers have been charged in connection with using social engineering and phishing techniques to steal data and intellectual property from U.S. satellite and aerospace companies, according to the Justice Department.

Morgan Stanley Hit With $5 Million Data Breach Suit

Data Breach Today

Poor Procedures for Discarding Old Equipment Led to Breach, Lawsuit Alleges A $5 million lawsuit seeking class action status has been filed against Morgan Stanley, claiming the financial organization failed to properly safeguard personally identifiable information when the company discarded old computer equipment.

Elon Musk Says Tesla Saved From 'Serious' Ransom Attempt

Data Breach Today

FBI: $4 Million Scheme - Mixing Malware, DDoS and Extortion - Thwarted by Insider Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted.

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

Malware-Wielding Extortionists Target Tesla: 8 Takeaways

Data Breach Today

How Many Organizations' Threat Models Feature Russian Criminals Bribing Insiders?

So You Want to Build a Vulnerability Disclosure Program?

Data Breach Today

Thinking of a Cybersecurity Career? Read This

Krebs on Security

Thousands of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills.

Medical Records Exposed via GitHub Leaks

Data Breach Today

Report: 9 Leaks Account for Exposure of PHI for at Least 150,000 Patients Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that.

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Ransomware Reportedly Hits Ventilator Maker

Data Breach Today

Incident Reflects Threats Facing Those Involved in COVID-19 Response A manufacturer of transit communication systems that pivoted to build ventilators during the COVID-19 pandemic is reportedly the latest victim of the DoppelPaymer ransomware gang

Biden's Cybersecurity Mission: Regain Momentum

Data Breach Today

Experts Say Cybersecurity Will Be a Higher Priority Cybersecurity is poised to become a higher White House priority when President-elect Joe Biden takes office. And he's expected to renew key international relationships needed in the fight against cyberattacks

APT Groups Target Firms Working on COVID-19 Vaccines

Data Breach Today

Microsoft Says Attacks on Seven Companies Blocked Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says

Who’s Behind Wednesday’s Epic Twitter Hack?

Krebs on Security

Twitter was thrown into chaos on Wednesday after accounts for some of the world’s most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

US Secret Service Forms Cyber Fraud Task Force

Data Breach Today

Newly Formed Task Force Combines Electronic and Financial Crimes Units The U.S. Secret Service is combining its electronic and financial crimes units into a single task force that will focus on investigating cyber-related financial crimes such as BEC schemes and ransomware attacks.

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Krebs on Security

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week.

SANS Institute Sees Its Breach as Teachable Moment

Data Breach Today

Cyberecurity Training Center Wants Others to Learn From Phishing Attack The SANS Institute, which is known for its cybersecurity training courses, is now planning to turn its own data breach into a teachable moment for its membership