Sat. Jun 27, 2020 - Fri. Jul 03, 2020

COVID-19 ‘Breach Bubble’ Waiting to Pop?

Krebs on Security

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse.

Sales 344
Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime. Often the rationale behind couching these events as newsworthy is that the attacks involve publicly traded companies or recognizable brands, and that investors and th

The Security Value of Inefficiency

Schneier on Security

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that's a good thing. Running just at the margins is efficient. A single just-in-time global supply chain is efficient. Consolidation is efficient. And that's all profitable. Inefficiency, on the other hand, is waste. Extra inventory is inefficient.

Security 111
US Cyber Command Alert: Patch Palo Alto Networks Products

Data Breach Today

'Critical' Authentication Bypass Risk Posed by Easy-to-Exploit PAN-OS Software Flaw

Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in PAN-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

Researchers revealed that the number of daily brute-force attacks on Windows RDP has doubled during the pandemic lockdown. Security experts from ESET revealed that the number of daily brute-force attacks on Windows RDP has doubled during the COVID-19 lockdown. The phenomenon is not surprising because during the COVID-19 lockdown employees were forced to work from home, remotely accessing company infrastructure.

Passwords 144

More Trending

Is It Legal for Cops to Force You to Unlock Your Phone?

WIRED Threat Level

Because the relevant Supreme Court precedents predate the smartphone era, the courts are divided on how to apply the Fifth Amendment.

IT 112
University of California SF Pays Ransom After Medical Servers Hit

Dark Reading

As one of at least three universities hit in June, the school paid $1.14 million to cybercriminals following an attack on "several IT systems" in the UCSF School of Medicine.

IT 89
Co-Creator of Site That Sold Payment Card Data Pleads Guilty

Data Breach Today

Infraud Organization's Site, Shuttered in 2018, Tied to $530 Million in Fraud

A Russian national charged in connection with co-creating the Infraud Organization's online cybercrime forum that sold stolen payment card data and was tied to $530 million in fraud losses has pleaded guilty.

The State of Content Management in 2020 [Expert Tips & Research]

AIIM

Few announcements in information management have been bigger than Gartner’s article heard round the world that announced the death of Enterprise Content Management (ECM) as we knew it. Michael Woodbridge’s quote gets straight to the point here: “ECM is now dead (kaput, finite, an ex-market name), at least in how Gartner defines the market. It’s been replaced by the term content services, a strategic concept that covers three aspects, namely content services Applications, Platforms and Components

ECM 193
Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

The Worst Hacks and Breaches of 2020 So Far

WIRED Threat Level

Iran, China, Russia—the gang was all here in the first half of this year. Oh, and also an unprecedented pandemic that’s been a boon for hackers.

Security 145
How You Can Write Better Threat Reports

Lenny Zeltser

Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I’m happy to share what I’ve learned over the years about writing effective threat reports in the following 36-minute video.

Phishing 145
Victim Count in Magellan Ransomware Incident Soars

Data Breach Today

Breach Reports Show Growing Tally of Affiliates, Individuals Affected

The number of companies and individuals affected by an April ransomware attack on managed care provider Magellan Health continues to grow. This illustrates the risks faced by interconnected organizations in the healthcare sector.

Netgear is releasing fixes for ten issues affecting 79 products

Security Affairs

Netgear is addressing ten vulnerabilities affecting nearly 80 of its products, including issues discovered at the Pwn2Own hacking competition. Netgear is releasing security patches to address ten vulnerabilities affecting nearly 80 of its products. Some of the vulnerabilities were discovered during the Pwn2Own Tokyo 2019 hacking contest and reported through the Zero Day Initiative (ZDI).

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Threatpost

Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.

Marketers: Your Role In Social Discourse Is Critical

John Battelle's Searchblog

How Brands Can Fix the Relationship Between Platforms, Audiences, and Media Companies (Hint: It’s Not a Boycott). (Second of a series. The first post reviews the media and platform ecosystem, and laments the role brand marketers have played in its demise.) In my first post of this series, I laid out a fundamental problem with how digital media works today.

Marketing 143
Brute-Force Attacks Targeting RDP on the Rise

Data Breach Today

ESET Researchers: Attacks Open the Door to Launching Ransomware, Planting Cryptominers

Since the start of the COVID-19 pandemic, the number of brute-force attacks targeting RDP connections has steadily increased, spiking to 100,000 incidents per day in April and May, according to the security firm ESET. These attacks pave the way for launching ransomware attacks and planting cryptominers.

A threat actor is selling databases stolen from 14 companies

Security Affairs

A threat actor is selling databases containing data belonging to 14 different companies he claimed were hacked in 2020. A threat actor is selling databases that contain user records for 14 different organizations he claimed were hacked in 2020; for only four of them (HomeChef, Minted, Tokopedia, and Zoosk) were data breaches previously reported.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Refreshing Insights for Modern COBOL

Micro Focus

Introduction: In its seventh decade, COBOL’s heritage is legendary. This month sees yet another stride forward in COBOL innovation, with the latest release of the Micro Focus Visual COBOL and Enterprise product sets. But what of its practitioners? Where is the investment? We caught up with two new members of the COBOL community, from our recent.

IT 142
New Mac Ransomware Is Even More Sinister Than It Appears

WIRED Threat Level

The malware known as ThiefQuest or EvilQuest also has spyware capabilities that allow it to grab passwords and credit card numbers.

IT 141
It's Official: CCPA Enforcement Begins

Data Breach Today

Move Comes Despite Lack of Final Version of Sweeping Data Protection Law

Enforcement of the California Consumer Privacy Act officially began Wednesday despite the lack of a final, codified version of the regulation. Experts weigh in on compliance steps organizations should take.

IT 303
Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick” that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack.

Passwords 145
Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps

Threatpost

New ‘smishing’ campaigns from the Roaming Mantis threat group infect Android users with the FakeSpy infostealer.

Phishing 137
Schools Already Struggled With Cybersecurity. Then Came Covid-19

WIRED Threat Level

A lack of dedicated funding and resources made it hard to keep data secure—and that was before classes moved almost entirely online.

Digital IDs: A Progress Report

Data Breach Today

The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.

Security 299
France Télévisions group hit by a cyber attack, its antennas were not impacted

Security Affairs

The France Télévisions group announced yesterday that it was hit by a cyber attack, targeting one of its broadcasting sites. The France Télévisions group announced Friday that it was the victim of a cyber attack that targeted one of its broadcasting sites. According to the group, the attack did not impact its antennae. “One of its dissemination sites has been infected with a computer virus,” reads a statement issued by the French group.

IT 145
The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Rikke Jacobsen: Helping Danish companies build solid analytics foundations and prepare for change

IBM Big Data Hub

This story is part of Analytics Heroes, a series of profiles on leaders transforming the future of business analytics.

Analytics 132
EDPB Publishes One-Stop-Shop Decisions Register

Hunton Privacy

On June 25, 2020, the European Data Protection Board (“EDPB”) published a new register containing decisions by national supervisory authorities (“SAs”) based on the One-Stop-Shop cooperation procedure set forth under Article 60 of the EU General Data Protection Regulation (the “GDPR”). Under Article 60 of the GDPR, SAs have the duty to cooperate on cross-border cases to ensure consistent application of the GDPR.

GDPR 123
Studying an 'Invisible God' Hacker: Could You Stop 'Fxmsp'?

Data Breach Today

Successful Hacking Operation Often Relied on Simple, Easy-to-Block Tactics

Could your organization withstand an attack by the master hacking operation known as "Fxmsp"? Hollywood loves to portray hackers as having ninja-like skills. But Fxmsp often favored the simplest tools for the job, because they so often worked. Defenders: Take note.
