Sat.Jul 04, 2020 - Fri.Jul 10, 2020

How Ekans Ransomware Targets Industrial Control Systems

Data Breach Today

Researchers Identified Malware Variants With Advanced Capabilities Researchers with FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems, according to a new report.

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

One of the most-read advice columns on this site is a 2018 piece called “ Plant Your Flag, Mark Your Territory ,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration , the IRS and others before crooks do it for you.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CISA warns organizations of cyberattacks from the Tor network

Security Affairs

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned enterprises about cyberattacks from the Tor network.

Risk 111

Encryption-Busting EARN IT Act Advances in Senate

WIRED Threat Level

Plus: A massive crime bust in Europe, a warning from US Cyber Command, and more of the week's top security news. Security Security / Security News

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Just How Lucrative Are BEC Scams?

Data Breach Today

Suspect Laundered Millions, Flaunted His Wealth on Social Media, Prosecutors Say A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department.

202
202

More Trending

Cisco Talos discloses technicals details of Chrome, Firefox flaws

Security Affairs

Cisco’s Talos experts disclosed the details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers.

Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment

WIRED Threat Level

For companies that haven't patched their BIG-IP products, it may already be too late. Security Security / Cyberattacks and Hacks

IT 92

Hey Alexa. Is This My Voice Or a Recording?

Data Breach Today

Researchers Develop Tool to Detect Replay Attacks Against Voice Assistants Voice-controlled assistants can be fooled by replaying a recording of someone's voice.

196
196

UK cyber crime rate has doubled in the past five years

IT Governance

The number of UK businesses that have suffered cyber attacks has doubled in the past five years, according to a new report. Beaming’s Five Years in Cyber Security found that 1.5 million organisations fell victim to cyber crime in 2019.

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Try2Cry ransomware implements wormable capability to infect other Windows systems

Security Affairs

A new piece of ransomware dubbed Try2Cry leverages infected USB flash drives and Windows shortcuts (LNK files) to infect other Windows systems. A new ransomware dubbed Try2Cry implements wormable capabilities to infect other Windows systems by using USB flash drives or Windows shortcuts (LNK files).

How to Assess More Sophisticated IoT Threats

Dark Reading

Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis

IoT 76

NASA Still Struggling With Agency-Wide Cybersecurity Program

Data Breach Today

IG Report Finds Agency's Infrastructure Remains Tempting Target for Hackers A recent Inspector General's report finds that NASA still struggles with implementing an agency-wide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019.

How to Passcode Lock Any App on Your Phone

WIRED Threat Level

Letting someone see your phone shouldn't also mean letting them snoop on your texts, photos, or emails. Here's how to stop it from happening. Security Security / Privacy Security / Security Advice

IT 77

The North Star Playbook

Every product needs a North Star. In this guide, we will show you the metrics product managers need to tie product improvements to revenue impact. If you are looking for a more-focused, less-reactive way to work, this guide is for you.

Huawei faces 5G ban from British’s 5G network within months

Security Affairs

UK Prime Minister Boris Johnson is going to ban the use of equipment from the Chinese tech giant Huawei in Britain’s 5G network, reported The Daily Telegraph.

ThiefQuest Ransomware for the Mac

Schneier on Security

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. It's hard to get infected: For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it.

Patching Urged as F5 BIG-IP Vulnerability Exploited

Data Breach Today

Researchers Say Exploited Flaw Could Lead to Complete System Compromises Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week.

Android Adware Tied to Undeletable Malware

Dark Reading

Adware on inexpensive Android smartphone can carry additional malware and be undeletable

72

B2B Pocket Playbook: End-to-End Guide to Sales Enablement

Sales enablement is the strategic process of providing sales teams with the content, guidance, and mentorship needed to engage targeted buyers. It’s all about equipping sales professionals with the tools they need to put their best-selling foot forward. And if sales teams want to continuously sell better -- and faster -- their sales enablement process must have a game-winning strategy. It's time for you to start selling smarter - and hitting your sales number - with the best B2B database in the market. Get started today.

European police infiltrate and dismantled EncroChat chat network

Security Affairs

A joint operation conducted by European police arrested hundreds of criminals after that agents infiltrated into EncroChat encrypted chat network.

Looks Like Russian Hackers Are on an Email Scam Spree

WIRED Threat Level

A group dubbed "Cosmic Lynx" uses surprisingly sophisticated methods—and targets big game. Security Security / Cyberattacks and Hacks

61

Progress Report: FIDO's Effort to Eliminate Passwords

Data Breach Today

Andrew Shikiar Describes Alliance's Latest Initiatives and How to Overcome Barriers Andrew Shikiar, executive director at the FIDO Alliance, offers an update on the group's efforts to reduce reliance on passwords and discusses how to overcome barriers

North Korea's Lazarus Group Diversifies Into Card Skimming

Dark Reading

Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms

Pressure Points: How to Ensure Your B2B Pipeline Passes Inspection

This eBook highlights best practices for developing a pipeline management process that helps sales leaders and their team C.L.O.S.E (you’ll see what we mean in this eBook) more revenue through data-driven prospecting, stage analysis, and subsequent sales enablement.

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

North Korea-linked Lazarus APT has been stealing payment card data from customers of large retailers in the U.S. and Europe for at least a year.

A Decade of Microsoft Most Valuable Professional

Troy Hunt

Last week, I received my 10th Microsoft Most Valuable Professional award. Being recognised as an MVP was a pivotal moment in my career and to continue receiving the award all these years later is an honour.

IT 94

Lawsuits After Ransomware Incidents: The Trend Continues

Data Breach Today

In Latest Case, Florida Practice Sued for Damages, and Security Mandates Sought A lawsuit seeking damages as well as security mandates has been filed against a Florida-based orthopedic group in the wake of a ransomware incident.

BEC Busts Take Down Multimillion-Dollar Operations

Dark Reading

The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration

71

Marketing-Led Post-COVID-19 Growth Strategies

Businesses are laying off workers, shutting their doors (some permanently), and struggling to react to the radical destruction that coronavirus (COVID-19) is doing to our society and communities. Most have already sustained massive damage, and we still have yet to see the scope of impact of the global pandemic that has upended the globe. Any return to normalcy may seem far-off, but sales and marketing are on the front lines of restarting the economy. When the dust settles, we have a responsibility to turn our shock and grief into fierce determination, and lead the charge of responsible, strategic, sustainable future growth. However, there’s no team better suited to lead that charge than the marketing department. Marketers are uniquely positioned to provide creative solutions to aid their organization in times of change and chart a course for navigating success.

US Cyber Command urges F5 customers to fix critical flaw in BIG-IP product

Security Affairs

F5 Networks has published a security advisory warning customers to patch a critical flaw in BIG-IP product that is very likely to be exploited.

IoT Security Principles

Schneier on Security

The BSA -- also known as the Software Alliance, formerly the Business Software Alliance -- is an industry lobbying group. They just published "Policy Principles for Building a Secure and Trustworthy Internet of Things.". They call for: Distinguishing between consumer and industrial IoT.

57

North Korean Hacking Infrastructure Tied to Magecart Hits

Data Breach Today

Hidden Cobra Stealing E-Commerce Payment Card Data, Security Firm Sansec Reports Hackers with apparent ties to North Korea have extended their bag of online attack tricks beyond cryptocurrency mining, online bank heists and ransomware. Now, they're also hitting e-commerce merchants in the U.S.

Mining 147