Sat.Apr 04, 2020 - Fri.Apr 10, 2020

Spear-Phishing Campaign Uses COVID-19 to Spread LokiBot

Data Breach Today

FortiGuard Labs Researchers Find WHO Images Used As Lure Again A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using WHO images as a lure

BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

The Last Watchdog

Cyber criminals who specialize in plundering local governments and school districts are in their heyday. Related : How ransomware became a scourge Ransomware attacks and email fraud have spiked to record levels across the U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How to Keep Your Zoom Chats Private and Secure

WIRED Threat Level

Trolls. Prying bosses. Zoom's a great video chat platform, but a few simple steps also make it a safe one. Security Security / Security Advice

Emotat Malware Causes Physical Damage

Schneier on Security

Microsoft is reporting that an Emotat malware infection shut down a network by causing computers to overheat and then crash.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Using Metrics to Tell a Security Risk Story

Data Breach Today

Metrics can help CISOs clearly communicate the potential impact of risks to senior executives and win support for a risk management strategy, say Randall Frietzsche, enterprise CISO of Denver Health, and consultant Dave Bailey of CynergisTek, who describe a step-by-step approach in a joint intervie

Risk 141

More Trending

Key Ring digital wallet exposes data of 14 Million users in data leak

Security Affairs

vpnMentor researchers discovered that the popular digital wallet application Key Ring exposed data belonging to millions of users in a huge data leak. The digital wallet application Key Ring recently exposed information from its 14 million users.

Micro Focus: a solution to the skills issue

Micro Focus

IBM Mainframe COBOL, enterprise-class, core application environments are often the lifeblood of an organisation. Whether commercial or government, revenue generating or providing vital services, these trusted systems underpin many of the most critical services that IT provides.

NIST Specialist Offers Telework Security Insights

Data Breach Today

With the COVID-19 pandemic forcing large portions of the workforce to shift to telework, CISOs need to rethink corporate policies on the use of video conferencing platforms and other communications tools, says NIST's Jeff Greene, who offers risk mitigation advice

How Marriott Customers Can Protect Themselves From The Latest Breach

Adam Levin

Marriott International announced a data breach that may have exposed the information of 5.2 million guests. Among the information potentially compromised are names, birthdates, mailing addresses, phone numbers, email addresses, and birthdates.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai.

This Map Shows the Global Spread of Zero-Day Hacking Techniques

WIRED Threat Level

The collection of countries using those secret hacking techniques has expanded far beyond the usual suspects. Security Security / Security News

Researcher Finds Flaws in HP's Software Assistant Tool

Data Breach Today

Bill Demirkapi Says Software Is Risky With Unpatched Issues A security researcher found 10 flaws within HP's Software Assistant Tool, which is installed across HP's desktop and laptop computers.

Thank You GoDaddy / Sucuri. A New Chapter Begins.

PerezBox

April 5th, 2020 marked the end of my three year journey with GoDaddy, and 9+ years with Sucuri. The time has come to say goodbye and venture off on a. Read More. The post Thank You GoDaddy / Sucuri. A New Chapter Begins. appeared first on PerezBox.

99

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

ENISA released a Tool to map dependencies to International Standards

Security Affairs

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators.

The Defense Production Act Won’t Fix America’s N95 Face Mask Shortage

WIRED Threat Level

The Trump administration put off using the DPA for weeks. Now it may be too late to help secure N95 masks where they're needed most. Security Security / Security News

IT 73

Prosecutors: 'Zoom-Bombing' Could Lead to Charges

Data Breach Today

Video Conferencing Hacking Violates U.S. Laws, Prosecutors Say Those who hack video conferences, such as via "Zoom bombing," are violating federal and state laws and could face prosecution, U.S. law enforcement officials say

141
141

Securing Corporate Data When Remote Working is the Norm

Thales eSecurity

While many companies have deployed extra measures to secure employees’ remote access to corporate resources and apps, it is important to think of all the necessary security measures to be taken in protecting sensitive data.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

New Coronavirus-themed campaign spread Lokibot worldwide

Security Affairs

Researchers spotted a new Coronavirus-themed attack, the messages pretend to be sent from the World Health Organization to deliver Lokibot infostealer.

A Notorious Spyware Vendor Wants to Track Coronavirus Spread

WIRED Threat Level

Plus: An evacuated aircraft carrier, Iranian hackers, and more of the week's top security news. Security Security / Security News

The Right Roles for SIEM and EDR

Data Breach Today

Cybereason's Sam Curry on Honing Threat Hunting Capabilities When it comes to threat hunting, what are the complementary uses of SIEM and EDR technologies? What are the unique use cases for each, and how can they coexist?

IT 141

Firefox Zero-Day Flaws Exploited in the Wild Get Patched

Threatpost

Mozilla Foundation rushes patches to fix bugs in its browser that could allow for remote code execution. Hacks Vulnerabilities Web Security Firefox Firefox 74.0.1 for Linux 64-bit Firefox 74.0.1 for macOS Firefox 74.0.1 for Windows 32-bit Firefox 74.0.1

IT 103

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Firefox 74.0.1 addresses two zero-days exploited in the wild

Security Affairs

Mozilla releases Firefox version 74.0.1 to address two vulnerabilities exploited by threat actors in attacks in the wild, users should update their browsers asap.

IT 85

Why Humans Are Phishing's Weakest Link

Dark Reading

And it's not just because they click when they shouldn't. they also leave a trail of clues and details that make them easy to spoof

Zoom Promises Geo-Fencing, Encryption Overhaul for Meetings

Data Breach Today

Web Conferencing Provider Blames Routing of Keys via China on Scaling-Up Error Zoom, responding to research that identified encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls.

Government VPN Servers Targeted in Zero-Day Attack

Threatpost

The attacks are being carried out against Chinese government interests worldwide, according to Qihoo 360. Cloud Security Government Hacks Vulnerabilities advanced persistent threat APT attack China Chinese government coronavirus COVID-19 Cyberattacks Darkhotel Qihoo 360 remote working vpn servers

Popular OGUsers hacking forum breached for the second time in a year

Security Affairs

OGUsers, one of the most popular hacking forums, was hacked again, it is the second security breach it has suffered in a year. The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet.

The cyber security risks of working from home

IT Governance

The days of 9–5 office hours were over long before coronavirus forced the majority of us to work from home.

Risk 60

Agile BI & Analytics is the Need of the Hour – Drive insights during Pandemic Uncertainty

Perficient Data & Analytics

In uncertain times like these its essential that we consider the disruption that is happening and take a nimble approach to help Organizations including my own by driving analytics and insights across the various Lines of Business.

FBI Threatens ‘Zoom Bombing’ Trolls With Jail Time

Threatpost

The FBI is cracking down on the practice of Zoom bombing, saying the hijacking of web conferences can be punishable by jail time. Vulnerabilities Web Security coronavirus Discord FBI hack Reddit work from home zoom zoom attack Zoom-bombing