July, 2020

How Ekans Ransomware Targets Industrial Control Systems

Data Breach Today

Researchers Identified Malware Variants With Advanced Capabilities Researchers with FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems, according to a new report.

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

One of the most-read advice columns on this site is a 2018 piece called “ Plant Your Flag, Mark Your Territory ,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration , the IRS and others before crooks do it for you.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CISA warns organizations of cyberattacks from the Tor network

Security Affairs

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned enterprises about cyberattacks from the Tor network.

Risk 111

The Security Value of Inefficiency

Schneier on Security

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that's a good thing. Running just at the margins is efficient. A single just-in-time global supply chain is efficient. Consolidation is efficient. And that's all profitable.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Encryption-Busting EARN IT Act Advances in Senate

WIRED Threat Level

Plus: A massive crime bust in Europe, a warning from US Cyber Command, and more of the week's top security news. Security Security / Security News

More Trending

Just How Lucrative Are BEC Scams?

Data Breach Today

Suspect Laundered Millions, Flaunted His Wealth on Social Media, Prosecutors Say A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department.

204
204

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves.

Cisco Talos discloses technicals details of Chrome, Firefox flaws

Security Affairs

Cisco’s Talos experts disclosed the details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers.

Attackers Scan for Vulnerable BIG-IP Devices After Flaw Disclosure

Dark Reading

The US Cybersecurity and Infrastructure Security Agency encourages organizations to patch a critical flaw in the BIG-IP family of application delivery controllers, as firms find evidence that attackers are scanning for the critical vulnerability

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

New Mac Ransomware Is Even More Sinister Than It Appears

WIRED Threat Level

The malware known as ThiefQuest or EvilQuest also has spyware capabilities that allow it to grab passwords and credit card numbers. Security Security / Cyberattacks and Hacks Security / Security News

Hacked by Police

Schneier on Security

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents.

Hey Alexa. Is This My Voice Or a Recording?

Data Breach Today

Researchers Develop Tool to Detect Replay Attacks Against Voice Assistants Voice-controlled assistants can be fooled by replaying a recording of someone's voice.

200
200

UK cyber crime rate has doubled in the past five years

IT Governance

The number of UK businesses that have suffered cyber attacks has doubled in the past five years, according to a new report. Beaming’s Five Years in Cyber Security found that 1.5 million organisations fell victim to cyber crime in 2019.

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Try2Cry ransomware implements wormable capability to infect other Windows systems

Security Affairs

A new piece of ransomware dubbed Try2Cry leverages infected USB flash drives and Windows shortcuts (LNK files) to infect other Windows systems. A new ransomware dubbed Try2Cry implements wormable capabilities to infect other Windows systems by using USB flash drives or Windows shortcuts (LNK files).

Another COVID-19 Side Effect: Rising Nation-State Cyber Activity

Dark Reading

While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs

The Worst Hacks and Breaches of 2020 So Far

WIRED Threat Level

Iran, China, Russia—the gang was all here in the first half of this year. Oh, and also an unprecedented pandemic that’s been a boon for hackers. Security Security / Cyberattacks and Hacks

Sustaining Performance Under Extreme Stress

Troy Hunt

I started writing this blog post alone in a hotel room in Budapest last September. It was at the absolute zenith of stress; a time when I had never been under as much pressure as I was right at that moment.

Sales 113

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

NASA Still Struggling With Agency-Wide Cybersecurity Program

Data Breach Today

IG Report Finds Agency's Infrastructure Remains Tempting Target for Hackers A recent Inspector General's report finds that NASA still struggles with implementing an agency-wide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019.

ThiefQuest Ransomware for the Mac

Schneier on Security

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. It's hard to get infected: For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it.

Huawei faces 5G ban from British’s 5G network within months

Security Affairs

UK Prime Minister Boris Johnson is going to ban the use of equipment from the Chinese tech giant Huawei in Britain’s 5G network, reported The Daily Telegraph.

Making Sense of EARN IT & LAED Bills' Implications for Crypto

Dark Reading

After Senate Judiciary Committee pushes EARN IT Act a step closer to ratification, raising further concerns for privacy advocates, here's what to know

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment

WIRED Threat Level

For companies that haven't patched their BIG-IP products, it may already be too late. Security Security / Cyberattacks and Hacks

IT 92

FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps

Threatpost

New ‘smishing’ campaigns from the Roaming Mantis threat group infect Android users with the FakeSpy infostealer. Hacks Malware Android China Data data theft FakeSpy infostealer malware mobile apps Phishing roaming mantis Smishing SMS USPS

It's Official: CCPA Enforcement Begins

Data Breach Today

Move Comes Despite Lack of Final Version of Sweeping Data Protection Law Enforcement of the California Consumer Privacy Act officially began Wednesday despite the lack of a final, codified version of the regulation. Experts weigh in on compliance steps organizations should take

IT 201

Securing the International IoT Supply Chain

Schneier on Security

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries?

IoT 73

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

European police infiltrate and dismantled EncroChat chat network

Security Affairs

A joint operation conducted by European police arrested hundreds of criminals after that agents infiltrated into EncroChat encrypted chat network.

DHS Shares Data on Top Cyberthreats to Federal Agencies

Dark Reading

Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN

Schools Already Struggled With Cybersecurity. Then Came Covid-19

WIRED Threat Level

A lack of dedicated funding and resources made it hard to keep data secure—and that was before classes moved almost entirely online. Security Security / Cyberattacks and Hacks