Krebs on Security

OCTOBER 12, 2020

Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot , a global menace that has infected millions of computers and is used to spread ransomware. A court in Virginia granted Microsoft control over many Internet servers Trickbot uses to plunder infected systems, based on novel claims that the crime machine abused the software giant’s trademarks.

Ransomware 360

Ransomware Military Passwords IT 360

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The FBI, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) has issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia.

Ransomware 145

Ransomware IoT Sales Communications 145

Data Breach Today

OCTOBER 23, 2020

Report: Hall County Continuing to Restore Systems An Oct. 7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional. The DoppelPaymer gang has taken credit for the attack.

Ransomware 348

Ransomware 348

Krebs on Security

OCTOBER 15, 2020

One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the data was stolen in a lengthy data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country. An ad on the popular carding site Joker’s Stash for “BlazingSun,” which fraud experts have traced back to a card breach at Dickey’s BBQ.

Sales 360

Sales Data breaches Retail Ransomware 360

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

OCTOBER 13, 2020

Words are important. Beyond that, the words you choose can mean the difference between someone understanding what you’re saying and someone giving you that glazed expression with one eyebrow lifted saying, “Huh?”. It’s just as important to think of WHO you are communicating to, as it is to think of WHAT you’re trying to say. Allow me to share a quick example to illustrate my point.

Records Management 244

Records Management Information governance Government Content services 244

erwin

OCTOBER 8, 2020

More and more companies are looking at cloud migration. Migrating legacy data to public, private or hybrid clouds provide creative and sustainable ways for organizations to increase their speed to insights for digital transformation, modernize and scale their processing and storage capabilities, better manage and reduce costs, encourage remote collaboration, and enhance security, support and disaster recovery.

Cloud 145

Cloud Government Metadata Data structuring 145

Security Affairs

OCTOBER 24, 2020

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams. Secruity researchers reported that up to 50,000 Office 365 users have been targeted by a phishing campaign that pretends to be automated message from Microsoft Teams. The bait message uses fake notifications of a “missed chat” from Microsoft Teams, the campaigns aims at stealing Office 365 recipients’ login credentials.

Phishing 145

Phishing Passwords Communications Security 145

Data Breach Today

OCTOBER 5, 2020

Employee Surveillance Violations Trigger Germany's Biggest Privacy Fine to Date Privacy regulators in Germany have slammed clothing retailer H&M with a $41 million fine for collecting and retaining private employee data in violation of the EU's General Data Protection Regulation. H&M has apologized, instituted changes and promised to financially compensate employees.

Retail 345

Retail GDPR Privacy 345

Krebs on Security

OCTOBER 1, 2020

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. Image: Shutterstock. In its advisory (PDF), the Treasury’s Office of Foreign Assets Control (OFAC) said “companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial in

Ransomware 363

Ransomware Insurance Risk Government 363

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Troy Hunt

OCTOBER 2, 2020

Sexuality, relationships and online dating are all rather personal things. They're aspects of our lives that many people choose to keep private or at the very least, share only with people of our choosing. Grindr is "The World's Largest Social Networking App for Gay, Bi, Trans, and Queer People" which for many people, makes it particularly sensitive.

Passwords 145

Passwords Access Security Authentication 145

Schneier on Security

OCTOBER 2, 2020

Note: This isn’t my usual essay topic. Still, I want to put it on my blog. Six months into the pandemic with no end in sight, many of us have been feeling a sense of unease that goes beyond anxiety or distress. It’s a nameless feeling that somehow makes it hard to go on with even the nice things we regularly do. What’s blocking our everyday routines is not the anxiety of lockdown adjustments, or the worries about ourselves and our loved ones — real though those worries ar

Education 144

Education IT Risk 144

erwin

OCTOBER 16, 2020

It’s certainly no secret that data has been growing in volume, variety and velocity, and most companies are overwhelmed by managing it, let alone harnessing it to put it to work. We’re now generating 2.5 quintillion bytes of data every day, and 90% of the world’s data volume has been created in the past two years alone. With this absolute data explosion, it’s nearly impossible to filter out the time-sensitive data, the information that has immediate relevance and impact o

Artificial Intelligence 145

Artificial Intelligence Analytics Digital transformation Customer Experience 145

Security Affairs

OCTOBER 13, 2020

Britain’s most senior cyber general declared that the UK has implemented an advanced offensive cyberwar capability that could destroy its enemies. Gen Sir Patrick Sanders, the UK’s strategic command chief, announced that that the UK has implemented an advanced offensive cyberwar capability that could potentially “degrade, disrupt and destroy” the critical infrastructure of its adversaries.

Government 145

Government Military IT Security 145

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

OCTOBER 20, 2020

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More The U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying destructive NotPetya malware - tied to more than $10 billion in damages - and attacking the 2018 Olympics.

Military 338

Military 338

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems.

Security 357

Security Ransomware Agriculture Cybersecurity 357

Troy Hunt

OCTOBER 28, 2020

Been a lot of "victim blaming" going on these last few days. The victim, through no fault of their own, has been the target of numerous angry tweets designed to ridicule their role in internet security and suggest they are incapable of performing their duty. Here's where it all started: This is a great example of how bad people are at reading and understanding even the domain part of the URL then making decisions based on that which affect their security and privacy (see the answer under the pol

Phishing 144

Phishing Passwords Education IT 144

Schneier on Security

OCTOBER 12, 2020

Five researchers hacked Apple Computer’s networks — not their products — and found fifty-five vulnerabilities. So far, they have received $289K. One of the worst of all the bugs they found would have allowed criminals to create a worm that would automatically steal all the photos, videos, and documents from someone’s iCloud account and then do the same to the victim’s contacts.

143

143

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

erwin

OCTOBER 1, 2020

The erwin WFH (Work From Home) Impact Manager is a remote-work app that provides visibility and intelligence to help remote workers be more productive and process-compliant. The global pandemic is the single most disruptive event in modern times. Almost overnight organizations across the globe faced lockdowns, forcing them to switch to a remote-first workforce.

Compliance 143

Compliance Sales Communications Financial Services 143

Security Affairs

OCTOBER 5, 2020

Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. Threat actors have managed to steal employee salary payments at several Swiss universities, including the University of Basel. “According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities.

Phishing 145

Phishing Access IT Security 145

Data Breach Today

OCTOBER 5, 2020

In an exclusive interview, Roger Severino, director of the HHS Office for Civil Rights, which enforces HIPAA, spells out critical steps healthcare organizations must take to safeguard patient information and ensure patient safety in light of the surge in ransomware and other hacking incidents.

Ransomware 328

Ransomware 328

Krebs on Security

OCTOBER 9, 2020

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. Image: Shuttstock.

Ransomware 340

Ransomware Military Passwords Access 340

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Hunton Privacy

OCTOBER 2, 2020

On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an advisory alerting companies of potential sanctions risks related to facilitating ransomware payments. The five-page advisory states that ransomware victims who pay ransom amounts, and third-party companies that negotiate or pay ransom on their behalf, “not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”.

Ransomware 143

Ransomware Risk Government Security 143

Troy Hunt

OCTOBER 15, 2020

You know how some people are what you'd call "house proud" in that they like everything very neat and organised? You walk in there and everything is in its place, nice and clean without clutter. I'm what you'd call "network proud" and the same principle applies to how I manage my IP things: That's just a slice of my Ubiquiti network map which presently has 91 IP addresses on it between clients and network devices.

Privacy 141

Privacy IoT Risk IT 141

erwin

OCTOBER 22, 2020

Thoughts on erwin Insights Day No. 2 Keynote. If you didn’t watch New York Times Best-Selling Author Keith Ferrazzi’s keynote from erwin Insights 2020 , what are you waiting for? I was blown away by Keith’s perspective on “Leading Without Authority” and it got me thinking about my own career, our employees here at erwin, work as we knew it, and work as we’ll know it in a post-COVID world.

Authentication 140

Authentication IT 140

Security Affairs

OCTOBER 11, 2020

The US DHS’s Homeland Threat Assessment (HTA) report revealed that threat actors have targeted the US Census network during the last year. The US Department of Homeland Security revealed that unknown threat actors have targeted the network of the US Census Bureau during the last year. The attacks were reported in the first Homeland Threat Assessment (HTA) report released earlier this week.

Government 145

Government Data collection Access Communications 145

Advertisement

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

Education

Data Breach Today

OCTOBER 28, 2020

FBI's Elvis Chan on What to Expect Before - and After - Nov. 3 Election FBI agent Elvis Chan has dedicated his past four years to ensuring U.S. election security. With the Nov. 3 election less than a week away, he opens up on concerns about Russian, Chinese and Iranian interference and threats he'll be watching before and after the vote.

Security 321

Security 321

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. A text snippet from one of the bogus Trickbot configuration updates.

Ransomware 339

Ransomware Passwords Security IT 339

Schneier on Security

OCTOBER 5, 2020

Interesting usability study: “ More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code.

Authentication 141

Authentication Risk Passwords Paper 141