Wed.Nov 25, 2020

Home Depot Settles 2014 Breach Lawsuit for $17.5 Million

Data Breach Today

Home Supply Retailer Must Also Implement Several Cybersecurity Protocols The Home Depot reached a $17.5 million settlement in a class-action lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million of the retailer's customers.

Retail 197

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

Group-IB , a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

FBI Warns of Uptick in Ragnar Locker Ransomware Activity

Data Breach Today

Bureau Says the Attacks Are Hitting Many Sectors The FBI has sent out a private industry alert warning about increasing attacks using Ragnar Locker ransomware. The operators behind this crypto-locking malware have recently targeted companies that include EDP, Campari and Capcom, researchers note

Cyber Public Health

Schneier on Security

In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates to medicine. Uncategorized cybersecurity infrastructure threat models video

IT 67

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Hackers Exploit MobileIron Flaw

Data Breach Today

NCSC: Nation-State Hackers, Others Leveraging Remote Code Execution Bug The U.K. National Cyber Security Center is warning that nation-state hackers and cybercriminals are exploiting a remote vulnerability in MobileIron's mobile device management tool to target organizations in the country

More Trending

Botnet Operators Drop Banking Trojans for Ransomware

Data Breach Today

IoT Unravelled Part 3: Security

Troy Hunt

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together.

IoT 87

UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE

Security Affairs

The UK NCSC issued an alert to urge organizations to patch the critical CVE-2020-15505 RCE vulnerability in MobileIron MDM systems.

MDM 60

Bringing Focus to Information Governance for Credit Unions via Credit Union Times

IG Guru

Photo by rupixen.com on Unsplash Check out the article here. The post Bringing Focus to Information Governance for Credit Unions via Credit Union Times appeared first on IG GURU.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

Retail giant Home Depot has agreed to a $17.5 million settlement in a multi-state investigation of the data breach that the company suffered in 2014. The US largest home improvement retailer giant Home Depot agrees to $17.5 million settlement over the 2014 data breach.

Look Beyond the 'Big 5' in Cyberattacks

Dark Reading

Don't ignore cyber operations outside US and European interests, researcher says. We can learn a lot from methods used by attackers that aren't among the usual suspects

52

Watch out, WAPDropper malware could subscribe you to premium services

Security Affairs

Researchers spotted a new mobile malware dubbed WAPDropper that subscribes users to legitimate premium-rate services. Security researchers from Check Point have spotted a new malware family dubbed WAPDropper that targets mobile phone users to subscribe them to legitimate premium-rate services.

Webinar Recap: The Results of Our Benchmark Survey on Collaboration Data and Corporate Readiness

Hanzo Learning Center

This fall, the team at Hanzo and the Association of E-Discovery Specialists (ACEDS) conducted a benchmark survey to learn how organizations were addressing what we broadly refer to as “collaboration data”—chat-based discussions and associated shared documents from platforms like Slack, Microsoft Teams, Google Chat, and more.

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Tips for Building a Robust Secure Coding Program

Rocket Software

Software code — whether it’s on mobile devices, personal computers, servers or mainframes — runs the risk of getting hacked. In turn, this can give hackers control of a device or application and lead to loss of user access, service and organizational secrets, and damage to the system.

Risk 52

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

Threatpost

The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.

IoT 72

Why Security Awareness Training Should Be Backed by Security by Design

Dark Reading

Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior

Critical MobileIron RCE Flaw Under Active Attack

Threatpost

Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Prevention Is Better Than the Cure When Securing Cloud-Native Deployments

Dark Reading

The "OODA loop" shows us how to secure cloud-native deployments and prevent breaches before they occur

Cloud 40

How to Update Your Remote Access Policy – And Why You Should Now

Threatpost

Reducing the risks of remote work starts with updating the access policies of yesterday.

Interview with Anthony Cosgrove of Harbr

Information Matters

Our interviews with leaders and founders of data-driven businesses continues in this Q&A with Anthony Cosgrove, Chief Strategy Officer and Co-Founder of Harbr. Harbr offers an innovative platform on which enterprises can build private data exchanges. Based in London, the company recently raised $38.5 million in Series A funding that promises to place Harbr at Read more. The post Interview with Anthony Cosgrove of Harbr appeared first on Information Matters - How to Innovate With Data.

40

Major BEC Phishing Ring Cracked Open with 3 Arrests

Threatpost

Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares. Government Malware Web Security arrests BEC BEC attacks Business Email Compromise cybercriminals global attacks interpol malware nigeria scam social engineering

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

It’s Not Working!

Adam Shostack

As we launched the threat modeling manifesto , we ran into some trouble with TLS. Some of you even reported those troubles, by saying “it’s not working.” ” Thanks. That’s so helpful. Sarcasm aside, there’s a basic form to a helpful bug report: “I did A, and observed B.” ” If you want to make it really useful, add “I expected C,” or even “and the impact is D.”

IT 40

EU Parliament Approves Collective Redress Directive

Hunton Privacy

On November 24, 2020, the European Parliament endorsed the new directive on representative actions for the protection of the collective interests of consumers (the “ Collective Redress Directive ”).

Metadata management best practices

Collibra

Metadata management is a cross-organizational agreement on how to define informational assets. The first blog of this series discusses how businesses are increasingly realizing the need for metadata management to drive data governance, compliance, collaboration and higher data quality.

Webinar on Machine Learning Hot Topics: Negotiating Global Data Protection and IP Terms

Hunton Privacy

On December 3, 2020, Hunton Andrews Kurth will host a webinar on Machine Learning Hot Topics: Negotiating Global Data Protection and IP Terms. Join our Hunton speakers, Brittany Bacon , Tyler Maddry and Anna Pateraki , as they discuss key data protection and intellectual property considerations when drafting and negotiating global agreements involving machine learning (“ML”) services and engaging in new ML practices.

Risk 43

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

Tools in Data Science

Cllax

Data science: Data science is a field that used to extract knowledge and different insights from systems by using different methods. Data science is like a big tree with roots. The post Tools in Data Science first appeared on Cllax - Top of IT. Guest Post

Home Depot Agrees to Pay $17.5 Million in Multistate Settlement Following 2014 Data Breach

Hunton Privacy

On November 24, 2020, a multistate coalition of Attorneys General announced that The Home Depot, Inc. Home Depot”) agreed to pay $17.5 million and implement a series of data security practices in response to a data breach the company experienced in 2014. The $17.5 million payment will be divided among the 46 participating states and the District of Colombia.

Sales 40

Top 7 Best PCI Compliant Hosting Providers

Cllax

Most people do not have an idea what PCI compliant hosting is when it is probably one of the most important things they need to learn about the internet. Those. The post Top 7 Best PCI Compliant Hosting Providers first appeared on Cllax - Top of IT. Providers

IT 26