SolarWinds Hires Chris Krebs to Reboot Its Cybersecurity

Data Breach Today

Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S.

Biden's $10 Billion Cybersecurity Proposal: Is It Enough?

Data Breach Today

trillion plan for COVID-19 relief includes nearly $10 billion in cybersecurity and IT spending. Security Experts Say Proposal Amounts to a 'Down Payment' President-elect Joe Biden's $1.9 Some security experts hope the amount as just a "down payment" toward a broader effort

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

IT??????????????????????

DXC

IT????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????EC???????????????????????????????????????????????????????????IT???????????????????????????????????????????????? IT???????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????IT?????????????????????????????????

IT 64

COVID-19 First Anniversary: It's About Vaccines & Variants

Data Breach Today

marks its first anniversary of fighting COVID-19, pandemic expert Regina Phelps says the next several, critical weeks come down to two vital words: vaccines and variants. Pandemic Expert Regina Phelps Says Next Weeks Are Critical As the U.S.

IT 155

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.

SonicWall Investigating Zero-Day Attacks Against Its Products

Data Breach Today

Company Says Certain VPNs and Gateways Affected By 'Coordinated Attack' Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products.

IT 179

Universal Health Services' IT Network Crippled

Data Breach Today

Apparent Ransomware Attack Has National Impact A security incident that apparently involved ransomware has crippled the network of Universal Health Services, which owns hundreds of facilities across the U.S. and U.K.

Joker’s Stash Carding Market to Call it Quits

Krebs on Security

Joker’s Stash , by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. and European authorities seized a number of its servers.

CIA Finds It Failed to Secure Its Own Systems

Data Breach Today

Senator Wyden Releases CIA's Own 2017 Report Into Leak of 'Vault 7' Hacking Tools An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks

IT 161

SANS Institute Sees Its Breach as Teachable Moment

Data Breach Today

Cyberecurity Training Center Wants Others to Learn From Phishing Attack The SANS Institute, which is known for its cybersecurity training courses, is now planning to turn its own data breach into a teachable moment for its membership

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

'UltraRank' Gang Sells Card Data It Steals

Data Breach Today

Group-IB Finds Hacking Group Attacked Hundreds of Checkout Sites A cybercriminal gang dubbed "UltraRank" that has planted malicious JavaScript code in hundreds of e-commerce websites around the world over the last five years to steal payment card data also takes the unusual step of selling the data on its own, the security firm Group-IB reports.

IT 174

It's Official: CCPA Enforcement Begins

Data Breach Today

Move Comes Despite Lack of Final Version of Sweeping Data Protection Law Enforcement of the California Consumer Privacy Act officially began Wednesday despite the lack of a final, codified version of the regulation. Experts weigh in on compliance steps organizations should take

IT 155

WhatsApp will share your data with Facebook and its companies

Security Affairs

Curiously the announcement comes a few days after the company has updated its Privacy Policy and Terms of Service. ,, “Respect for your privacy is coded into our DNA,” states WhatsApp’s privacy policy.

IT 101

Instagram Leaked Minors' PII Again, But Now It's Fixed

Data Breach Today

Exposure Comes as Ireland Probes Facebook's Handling of Children's Data For at least a month, Instagram leaked the email addresses of minors, which occurred as Ireland's Data Protection Commission probed whether its parent company, Facebook, failed to protect children's personal data.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

APT Group Targeting Military Refines Its Tactics

Data Breach Today

Alert: Chinese Malware Targeting IT Service Providers

Data Breach Today

The Taidoor RAT, which has been around for over 10 years, has recently been spotted in several campaigns against IT service providers CISA, DOD, FBI Issue Warning About Campaign Using Taidoor RAT A trio of U.S.

IT 166

Ransomware: IT Services Firm Faces $60 Million Recovery

Data Breach Today

France's Sopra Steria Was Hit By Previously Unseen Version of Ryuk Ransomware French IT services firm Sopra Steria, which was hit with Ryuk ransomware in October, now estimates that the attack could cost the company up to $60 million in recovery costs.

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. The post Facebook links cyberespionage group APT32 to Vietnamese IT firm appeared first on Security Affairs.

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

Addressing Shadow IT Issues During COVID-19 Crisis

Data Breach Today

Security Experts Offer Risk Mitigation Tips With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved

IT 169

Docker Hub Breach: It's Not the Numbers; It's the Reach

Data Breach Today

But the breach has caused a collective gasp because it potentially magnifies risks for enterprises Potential Leak of GitHub, Bitbucket Tokens As Well Docker, which offers an open source container platform, is notifying users that an intruder briefly had access to sensitive data from 190,000 Docker Hub accounts, or less than 5 percent of Hub users.

IT 167

Maze Claims to End Its Ransomware and Extortion Operations

Data Breach Today

Security Researchers Believe Gang or its Affiliates Are Likely to Return The Maze cybercrime gang, which revolutionized the ransomware business by adding an extortion element to each attack, has issued a statement saying it has hung up its spikes and will retire, at least temporarily.

Supply Chain Attacks: Hackers Hit IT Providers

Data Breach Today

Symantec Sees New Tortoiseshell Gang Hitting Targets in Middle East A hacker group called Tortoiseshell has been hitting targets in the Middle East since at least July 2018, apparently targeting IT service providers to gain access to many potential targets at once.

IT 201

The ABC’s of Recruiting for Gen Z

Take a look around you at any given moment, and somebody is likely surfing the web on their phone. In 2020, society has fully immersed itself in the web and all it has to offer - and no one more so than those of Generation Z. With “Gen Zers” beginning to enter the workforce at entry-level positions, it’s crucial to understand that this generation operates differently from the last. With this caveat in mind, read on to learn how to adapt your recruiting strategy to appeal to this pool of potential employees.

Cloud Security: Mess It Up and It's on You

Data Breach Today

It's also created a bevy of new security challenges. Jay Heiser of Gartner says if organizations don't get cloud security right, it's their own fault. Jay Heiser of Gartner Says the Cloud Demands New Security Processes, Tools The transition to cloud-based software and infrastructure has revolutionized development and services. Here's why

IT 144

Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts

Security Affairs

The hosts with the outdated version were exposing travel portals implemented by Apple to its employees. Even if the outdated versions were affected by security flaws, the experts pointed out that Apple was using WAF to mitigate the attacks against its applications.

CMS 94

The British government aims at improving its offensive cyber capability

Security Affairs

Britain’s most senior cyber general declared that the UK has implemented an advanced offensive cyberwar capability that could destroy its enemies. Sanders explained that its cyber army was supported by the GCHQ intelligence agency to deliver offensive cyber capabilities.

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Turn on MFA Before Crooks Do It For You

Krebs on Security

But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. ” Microsoft support sent Dayman and his son a list of 20 questions to answer about their account, such as the serial number on the Xbox console originally tied to the account when it was created.

IT 209

French IT Services Firm Confirms Ryuk Ransomware Attack

Data Breach Today

Sopra Steria: Recovery Effort Will Take Weeks, But No Data Has Leaked French IT services firm Sopra Steria is confirming that its internal infrastructure sustained a Ryuk ransomware attack that has disrupted its operations, with a full recovery expected to take weeks

Citrix Warns Its ADC Products Are Being Used in DDoS Attacks

Data Breach Today

Company Notes: Permanent Fix Won't Be Ready Until January Citrix is warning its customers that attackers are taking advantage of the company's ADC products to conduct and amplify DDoS attacks, according to a notification published by the firm.

IT 201

The IT Backbone of Cybercrime

Dark Reading

Like their counterparts who run legitimate businesses, cybercriminals need hosting and cybersecurity protection, too

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [ NYSE:WIT ] is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity. 12, Nair sent a statement that acknowledged none of the questions Wipro was asked about an alleged security incident involving attacks against its own customers.

IT 199

Garmin shut down its services after an alleged ransomware attack

Security Affairs

Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. The outage also impacted the company call centers, making it impossible for the company to provide information to its users.

NATO is checking its systems to determine the impact of SolarWinds hack

Security Affairs

NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO announced it is checking its systems after the SolarWinds supply chain attack to determine if they were infected with a backdoor.

IT 105

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. In recent attacks, the group was observed deploying the Clop ransomware into the networks of its victims.

Best Practices for a Marketing Database Cleanse

As frustrating as contact and account data management can be, this is still your database – a massive asset to your organization, even if it is rife with holes and inaccurate information. Entrusting a vendor to help maintain its accuracy and completeness is no ordinary engagement. Download ZoomInfo’s latest data-driven eBook aimed to help marketing leaders understand the best practices around choosing a B2B contact data provider.