Sat.Jul 17, 2021 - Fri.Jul 23, 2021

The Best Tools for Secure Online Privacy

IG Guru

Since the emergence of the COVID 19 pandemic, most businesses and individuals have embraced remote working. However, with more people working from home, the issue of online privacy has taken precedence.

A New Approach to Finding Cybersecurity Talent: A Conversation with Alan Paller

eSecurity Planet

A group of technology luminaries have launched an effort to find and train a new generation of cybersecurity talent, an effort that will gain steam tomorrow with The Cyber Talent CIO Forum.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Document Processing Vs. Robotic Process Automation

AIIM

The Difference Between Intelligent Document Processing and RPA — Or Is There One? For many businesses, content and data capture tools are highly sought out, particularly in the banking and insurance sectors.

Serial Swatter Who Caused Death Gets Five Years in Prison

Krebs on Security

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Congress Focuses on Industrial Control System Security

Data Breach Today

Senate Bill Would Require CISA to Identify and Respond to ICS Threats A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure

More Trending

Biden Puts a $10M Bounty on Foreign Hackers

WIRED Threat Level

Plus: REvil goes dark, spyware runs amok, and more of the week's top security news. Security Security / Security News

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Krebs on Security

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups.

Alert for Ransomware Attack Victims: Here's How to Respond

Data Breach Today

As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery

Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros

eSecurity Planet

A pair of vulnerabilities in the Linux kernel disclosed this week expose major Linux operating systems that could let a hacker either gain root privileges on a compromised host or shut down the entire OS altogether.

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Your Work Email Address is Your Work's Email Address

Troy Hunt

When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not just infosec headlines or tech headlines, but the headlines of major consumer media the likes my mum and dad would read.

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

Peter Levashov, appearing via Zoom at his sentencing hearing today.

Saudi Aramco Says Supplier Leaked Company Data

Data Breach Today

Cybercriminals Reportedly Demanding $50 Million Payment From Oil Giant Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached.

IT 201

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet of Things (IoT) devices – from smartwatches to networked printers – that were still connected to corporate networks and cranking away.

IoT 83

What E-Commerce Performance Metrics Are CTOs Monitoring?

In this eBook, Danny Miles, CTO of Dollar Shave Club, reveals an efficient framework for thinking about and prioritizing the performance metrics that matter most to him, providing a blueprint for fellow e-commerce CTOs to follow as they evaluate their own business.

FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

Threatpost

Expected cyberattacks on Tokyo Olympics likely include attempts to hijack video feeds, the Feds warn. Breach Cloud Security Government Hacks Web Security

Cloud 114

How China's Hacking Entered a Reckless New Phase

WIRED Threat Level

The country's hackers have gotten far more aggressive since 2015, when the Ministry of State Security largely took over the country’s cyberespionage. Security Security / National Security

Saudi Aramco Traces Data Leak to Attack on Supplier

Data Breach Today

Extortionists Demand $50 Million - Payable in Monero Cryptocurrency - From Oil Giant Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached.

IT 183

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists.

9 Developer Enablement Practices to Achieve DevOps at Enterprise Scale

In this eBook, Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.

LPE flaw in Linux kernel allows attackers to get root privileges on most distros

Security Affairs

Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros.

Email in PDF – Pushing the (email) envelope.

National Archives Records Express

[link]. When NARA released its revised Format Guidance for the Transfer of Permanent Electronic Records in 2014, we identified the file formats acceptable for use by Federal agencies when transferring permanent email messages to NARA. These formats include EML, MBOX, MSG, and PST.

Resiliency Is Key to Surviving a CDN Outage

Data Breach Today

Akamai Incident Highlights Risks of Relying on a Single Provider A short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems.

Risk 177

MacOS Being Picked Apart by $49 XLoader Data Stealer

Threatpost

Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and it’s selling like hotcakes. Malware Web Security

IT 113

The Forrester Wave™: B2B Marketing Data Providers, Q2 2021

In our 24-criterion evaluation of B2B marketing data providers, we identified the 11 most significant vendors — Data Axle, Dun & Bradstreet, Enlyft, Global Database, InsideView, Leadspace, Oracle, SMARTe, Spiceworks Ziff Davis, TechTarget, and ZoomInfo Technologies — and researched, analyzed, and scored them. This report shows how each provider measures up and helps B2B marketing professionals select the right one for their needs.

7 Ways AI and ML Are Helping and Hurting Cybersecurity

Dark Reading

In the right hands, artificial intelligence and machine learning can enrich our cyber defenses. In the wrong hands, they can create significant harm

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant, Saudi Aramco.

Sales 82

US Blacklists 6 Russian Organizations Over Security Concerns

Data Breach Today

Commerce Department Says Organizations Are Aligned With Russian Intelligence The Department of Commerce is restricting trade with four Russian IT and cybersecurity firms, along with two other entities, over concerns that these organizations pose a threat to U.S. national security

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines

Threatpost

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. Vulnerabilities

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

Commercial Location Data Used to Out Priest

Schneier on Security

A Catholic priest was outed through commercially available surveillance data.

Oracle fixes critical RCE vulnerabilities in Weblogic Server

Security Affairs

Oracle released its Critical Patch Update for July 2021 , it fixes hundreds of flaws, including Critical Remotely Exploitable vulnerabilities in Weblogic Server.

Kaseya Obtains Decryptor Key

Data Breach Today

Software Firm Helping Customers Affected by Ransomware to Recover The software firm Kaseya Thursday said it has received a decryptor key from a "third-party" that is enabling it to help clients recover from a REvil, aka Sodinokibi, ransomware attack