Sat.Jun 18, 2022 - Fri.Jun 24, 2022

Securing Digital Payments in the Future

Data Breach Today

Mastercard's Nick Coleman Discusses 'Threatcasting' and Real-Time Payments Ten years from now, "the ability to transact on a global basis will continue," says Nick Coleman, CSO, real-time payments at MasterCard, who adds, "Maybe my car will buy stuff for me."

7 Ways to Avoid Worst-Case Cyber Scenarios

Dark Reading

In the wake of devastating attacks, here are some of the best techniques and policies a company can implement to protect its data

IT 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

FBI Warns of Fraudsters on LinkedIn

KnowBe4

The US FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, told CNBC in an interview that cryptocurrency scams have been particularly widespread recently.

92

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

Authorities in the United States, Germany, the Netherlands and the U.K.

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Police Dismantle Dutch Phishing Gang

Data Breach Today

Belgian and Dutch Police Arrest 9 Suspects Over Theft of 'Millions of Euros' Belgian and Dutch police with the support of Europol dismantled an organized crime gang involved in carrying out phishing, money laundering and other scams.

More Trending

On the Dangers of Cryptocurrencies and the Uselessness of Blockchain

Schneier on Security

Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are an complete and total disaster, and urging them to regulate the space. Nothing in that letter is out of the ordinary, and is in line with what I wrote about blockchain in 2019.

Without Conti On The Scene, LockBit 2.0 Leads Ransomware Attacks

Dark Reading

Analysts say an 18% drop in ransomware attacks seen in May is likely fleeting, as Conti actors regroup

Canada's Desjardins Settles Data Breach Lawsuit for $155M

Data Breach Today

Million Customers' Private Details Sold by 'Malicious' Insider for 26 Months Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit.

RSAC insights: How IABs — initial access brokers — help sustain, accelerate the ransomware plague

The Last Watchdog

Specialization continues to advance apace in the cybercriminal ecosystem. Related: How cybercriminals leverage digital transformation. Initial access brokers, or IABs , are the latest specialists on the scene. IABs flashed to prominence on the heels of gaping vulnerabilities getting discovered and widely exploited in Windows servers deployed globally in enterprise networks.

Access 144

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods

Security Affairs

Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods.

IoT 110

AI Is Not a Security Silver Bullet

Dark Reading

AI can help companies more effectively identify and respond to threats, as well as harden applications

Siemens Patches Vulnerabilities in Network Management System

Data Breach Today

15 Flaws Can Be Exploited for DoS and RCE Attacks, Credential Leaks Siemens is advising its SINEC NMS customers to update to version V1.0 SP2 or newer in order to prevent exploitation of vulnerabilities that could allow remote execution of malicious code.

GUEST ESSAY: New SEC rules aim to help C-levels, board members quantify cyber risks

The Last Watchdog

The U.S. Securities and Exchange Commission (SEC) is taking steps to crack down on insufficient cyber risk reporting. Related : Making third-party risk audits actionable. Seeking to minimize cybersecurity threat effects, the SEC has proposed several amendments requiring organizations to report on cyber risk in a “fast, comparable, and decision-useful manner.”. Worryingly, threats are beginning to outpace organizations’ ability to effectively prevent and respond to them.

Risk 127

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Symbiote Backdoor in Linux

Schneier on Security

Interesting : What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines.

Microsoft 365 Users in US Face Raging Spate of Attacks

Dark Reading

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes

Cyberattack Blamed for Setting Off Rocket Sirens in Israel

Data Breach Today

Sirens Ring in Jerusalem, Eilat; System Used to Warn Citizens About Missile Attacks Iranian hackers may be responsible for rocket sirens sounding for almost an hour in two Israeli cities on Sunday night.

Fireside chat: New ‘SASE’ weapon chokes off ransomware before attack spreads laterally

The Last Watchdog

It’s stunning that the ransomware plague persists. Related: ‘SASE’ blends connectivity and security. Verizon’s Data Breach Incident Report shows a 13 percent spike in 2021, a jump greater than the past years combined; Sophos’ State of Ransomware survey shows victims routinely paying $1 million ransoms. In response, Cato Networks today introduced network-based ransomware protection for the Cato SASE Cloud.

Cloud 130

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

Hidden Anti-Cryptography Provisions in Internet Anti-Trust Bills

Schneier on Security

Two bills attempting to reduce the power of Internet monopolies are currently being debated in Congress: S. 2992, the American Innovation and Choice Online Act ; and S. 2710, the Open App Markets Act.

Feds Take Down Russian 'RSOCKS' Botnet

Dark Reading

RSOCKS commandeered millions of devices in order to offer proxy services used to mask malicious traffic

111
111

Flagstar Bank Breach Affects 1.5 Million Customers

Data Breach Today

Bank Discovers Breach 6 Months After Attack; Second Such Incident in 2 Years A publicly traded issuer of home mortgages is notifying 1.5 million consumers of a December cyber incident on its network that leaked PII, including customers' Social Security numbers.

Q&A: The lesser role VPNs now play for enterprises, SMBs — in a post-pandemic world

The Last Watchdog

During the first two decades of this century, virtual private networks —VPNs—served as a cornerstone of network security. Related: Deploying human sensors. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. This worked extremely well for users accessing network resources remotely via their company-issued laptops and immobile home computers.

Cloud 122

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28.

Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign

Dark Reading

Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute information stealers to users in Ukraine

102
102

Techniques to Improve Supply Chain Confidence

Data Breach Today

Highlights from ISACA's Supply Chain Security Report Former ISACA board chair Rob Clyde shares highlights from ISACA's "Supply Chain Security Gaps: A 2022 Global Research Report," in which 25% of respondents say they experienced a supply chain attack last year, and offers recommendations for assessments and testing of software.

The Importance of Data Governance and Compliance

IT Governance

Data governance and regulatory compliance go hand in hand. Organisations need robust governance practices if they are to stay on top of their legal requirements, while those obligations are designed to help them operate more effectively.

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. Resecurity, Inc. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft.

Why Financial Institutions Must Double Down on Open Source Investments

Dark Reading

Open source is here to stay, and it's imperative that CIOs have a mature, open source engagement strategy, across consumption, contribution, and funding as a pillar of digital transformation

Lawsuit: Facebook Is Collecting Patient Data of 'Millions'

Data Breach Today

Class Action Alleges Meta Pixel Code Tracks Websites, Patient Portal Interactions A proposed federal class action lawsuit alleges that Facebook is unlawfully collecting "millions" of individuals' information from the websites and patient portals of "hundreds" of medical providers without the knowledge and consent of patients.