2022

FBI: Russian Forums Sell Higher Education Credentials

Data Breach Today

Agency Spotted Compromised Credentials On Various Dark Web Forums The FBI is warning the U.S. higher education sector about compromised sensitive credentials and network access information advertised for sale across various public and Dark Web forums.

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Krebs on Security

Google said this week it is expanding the types of data people can ask to have removed from search results, to include personal contact information like your phone number, email address or physical address.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

Google, Microsoft and Apple are bitter arch-rivals who don’t often see eye-to-eye. Related: Microsoft advocates regulation of facial recognition tools. Yet, the tech titans recently agreed to adopt a common set of standards supporting passwordless access to websites and apps.

Ukraine and Romania Suffer Large Scale DDoS Attacks

Data Breach Today

Killnet Claims Responsibility for Targeting Romanian Authorities The Computer Emergency Response Team of Ukraine, along with the National Bank of Ukraine, are warning of massive DDoS attacks against pro-Ukrainian targets.

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

A $150 Million Plan to Secure Open-Source Software

Data Breach Today

Areas of Proposed Investments Include SBOMs, Software Supply Chains The Linux Foundation and the Open Source Security Foundation have put forth a nearly $150 million investment plan, spread across two years, to strengthen open-source security in the U.S.

More Trending

Highlights of RSA Conference 2022

Data Breach Today

The latest edition of the ISMG Security Report includes highlights and observations from RSA Conference 2022, including a key message from RSA CEO Rohit Ghai. It also discusses the value of automation and the Cybersecurity and Infrastructure Security Agency's mission to grow cyber talent

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level.

Reports: Russian IPs Scanning US Energy Firms, Others

Data Breach Today

Bulletin Reportedly Issued Just Days Before Biden Warned of Cyber Activity Just days before U.S. President Joe Biden warned that intelligence is pointing toward potential Russian cyberattacks against the U.S.,

IRS Will Soon Require Selfies for Online Access

Krebs on Security

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year.

Access 285

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Phisher Jailed After Tricking Pentagon Out of $24 Million

Data Breach Today

California Resident Found Guilty on Total of 6 Criminal Counts Sercan Oyuntur, a 40-year-old California resident, has been found guilty of stealing payments of over $23 million from the U.S. Department of Defense, according to the U.S. Department of Justice.

T-Mobile Breached Again; Lapsus$ Behind the Attack

Data Breach Today

Company Says No Sensitive Customer or Government Information Leaked The US telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts.

CISA Advises Federal Agencies to Patch VMware Flaws

Data Breach Today

Emergency Directive Says Many Threat Actors Are Exploiting the Bugs in the Wild An emergency directive from the U.S.

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. These individuals have many transferable skills that would make cybersecurity a prosperous civilian career.

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Ransomware Ecosystem: Big Changes Since Colonial Pipeline

Data Breach Today

The latest edition of the ISMG Security Report analyzes the changes in the ransomware landscape one year after the attack on Colonial Pipeline. It also revisits the Ryuk ransomware attack on a school district in Illinois and examines common culprits hindering effective Zero Trust adoption

ISMG Editors: Are We Closing in on a Federal Privacy Law?

Data Breach Today

The State of Passwordless in 2022, New Identity Technologies In the latest weekly update, Jeremy Grant, coordinator of the Better Identity Coalition, joins three editors at ISMG to discuss important cybersecurity issues, including where we are with passwordless, if we are getting closer to a U.S.

500M Avira Antivirus Users Introduced to Cryptomining

Krebs on Security

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency.

Mining 278

Twitter Fined $150M for Misusing Private Data to Sell Ads

Data Breach Today

Firm Deceptively Used Account Security Data of 140 Million Users A $150 million penalty has been slapped on Twitter for deceptively using account security data of millions of users for targeted advertising, the U.S. Justice Department and the Federal Trade Commission say.

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

FBI: Hospital Averted 'Despicable' Iranian Cyberattack

Data Breach Today

FBI Director Says Boston Children's Hospital Was Targeted Last Summer Boston Children's Hospital thwarted a cyberattack by government-backed Iranian hackers last summer after U.S.

APTs Using New Tools to Target ICS/SCADA

Data Breach Today

US Government Agencies, Mandiant, Dragos, Schneider Electric Issue Joint Advisory U.S.

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Krebs on Security

Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers.

Scammers Send Fake Ukraine Aid Requests to Phish Victims

Data Breach Today

Criminals Seek Cryptocurrency and Other Monetary Donations , FBI Says The FBI says in an alert that scammers have been posing as Ukrainian entities to fraudulently seek donations and other financial assistance for the war-torn country.

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

The Evolution of Phishing From Email to SMS and Voice Hacks

Data Breach Today

KnowBe4's Roger Grimes on Why MFA Alone Isn't a Successful Hack Prevention Strategy Phishing is no longer restricted to just emails.

Fake Windows Upgrade Site Delivering Info-Stealer Malware

Data Breach Today

Cybercriminals Taking Advantage of Windows 11 Upgrade A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade.

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

The Last Watchdog

Might it be possible to direct cool digital services at holistically improving the wellbeing of each citizen of planet Earth? Related: Pursuing a biological digital twin. A movement aspiring to do just that is underway — and it’s not being led by a covey of tech-savvy Tibetan monks. This push is coming from the corporate sector.

Sophos Buys Startup SOC.OS to Spot Attacker Activity Sooner

Data Breach Today

Ingests Data From Third-Party Platforms to Detect Abnormalities Earlier Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms.

Data Value Scorecard Report

This report examines the quantitative research of data leaders on data value and return on investment.

Breach At Turkey’s Pegasus Airlines Exposes 6.5 TB of Data

Data Breach Today

Misconfigured AWS S3 Bucket, Which Led to the Breach, Has Now Been Secured A data breach at Turkish firm Pegasus Airlines has put more than 6.5 TB of sensitive electronic flight bag data at risk, including sensitive flight details, source code and staff data, say researchers.

Norton 360 Now Comes With a Cryptominer

Krebs on Security

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers.

Mining 268

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Krebs on Security

Researchers are tracking a number of open-source “ protestware ” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine.