Dark Reading

APRIL 14, 2020

The pandemic has driven more of our personal and work lives online - and for the bad guys, business is booming. Here's how you can protect yourself.

113

113

Data Breach Today

APRIL 17, 2020

Prices for Kits Soar; Ads Proliferate on Dark Net Markets Ads for phishing kits doubled last year on underground forums and dark net markets, with prices skyrocketing over 149 percent - an apparent indicator of strong demand, according to security firm Group-IB.

Phishing 165

Phishing Marketing Security 165

Dark Reading

APRIL 15, 2020

The more things change, the more they stay the same. Much of the world is still behind on the basics.

Cybersecurity 80

Cybersecurity 80

Troy Hunt

APRIL 16, 2020

Hot on the heels of onboarding the USA government to Have I Been Pwned last month , I'm very happy to welcome another national government - Iceland! As of today, Iceland's National Computer Security Incident Response Team ( CERT-IS ), now has access to the full gamut of their gov domains for both on-demand querying and ongoing monitoring. As with the USA and Iceland, I expect to continue onboarding additional governments over the course of 2020 and expanding their access to meaningful data about

Government 140

Government Access Security 140

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

APRIL 14, 2020

Study Shows Fingerprints Made With 3D Printer Can Fool Sensors, But Process Is Difficult Fake fingerprints created with a 3D printer can bypass biometric scanners to unlock smartphones, laptops and other devices under certain circumstances, according to a study from a Cisco Talos.

260

260

Data Breach Today

APRIL 17, 2020

Suspected Arson Attacks on Transmitter Masts Disrupt Emergency Services As countries pursue national 5G rollouts, an unwanted security challenge has intensified: Some extremists have been vandalizing or even firebombing transmitter masts, driven by conspiracy theories suggesting not only that 5G poses a public health risk, but that it also helps cause COVID-19.

Risk 243

Risk Security IT 243

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also announced to have blocked more than 240 million spam messages related to the ongoing COVID-19 pandemic.

Phishing 362

Phishing Government Security IT 362

Thales Cloud Protection & Licensing

APRIL 16, 2020

The drastic changes we’re experiencing in our personal and professional lives would have been impossible to imagine just a year ago when we shared this blog about CEOs becoming more actively involved in data security conversations in the boardroom. Now, our new reality demands these questions are asked and answered by C-suite executives who must be certain about data security in uncertain times.

Security 79

Security Encryption Cloud Compliance 79

Data Breach Today

APRIL 14, 2020

Hank Thomas of Strategic Cyber Ventures on How the Industry Is Poised to Emerge From Crisis Before the COVID-19 pandemic, venture capitalist Hank Thomas helped launch SCVX, a cybersecurity-focused special purpose acquisition company. Post-pandemic, Thomas sees a bright future in filling what he sees as the market need for a scalable, integrated platform.

Cybersecurity 165

Cybersecurity Marketing 165

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Schneier on Security

APRIL 17, 2020

It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them : GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals. In a majority of cases, DoD has not completed the cybersecurity training and awareness tasks it set out to. The status of various efforts is simply unknown because no one has tracked their progress.

IT 93

IT Security Education Cybersecurity 93

Security Affairs

APRIL 13, 2020

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime. An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police. The operation was conducted with the support of Europol, Interpol, and the FBI along with web hosting providers and domain registrars.

IoT 363

IoT Government Personal data Access 363

Threatpost

APRIL 13, 2020

The Grandoreiro banking malware uses remote overlay and a fake Chrome browser plugin to steal from banking customers.

115

115

The Last Watchdog

APRIL 13, 2020

We’ve come to rely on our smartphones to live out our digital lives, both professionally and personally. When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets while at the same time respecting an individual’s privacy. Reacting to the BYOD craze , mobile security frameworks have veered from one partially effective approach to the next over the past decade.

Security 205

Security Computer and Electronics Encryption Privacy 205

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Data Breach Today

APRIL 11, 2020

Ukrainian Man Behind the Actual Hacking Remains at Large The U.S. SEC has settled charges against two traders who were accused of profiting from the hacking of an EDGAR server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large.

Authentication 342

Authentication IT 342

Security Affairs

APRIL 16, 2020

Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker. The threat is not new, hackers are again attacking clients of Portuguese banking organizations via a specially crafted Android Trojan-Banker from phishing campaigns launched from Brazil. The last occurrence this line was recorded on March 13rd, 2020, where a similar Trojan-Banker was disseminated targeting other clients of different banking organizations.

Authentication 363

Authentication Phishing Data structuring Access 363

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it’s helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, these nascent partnerships may well end up saving lives.

Cybersecurity 340

Cybersecurity Phishing Government Ransomware 340

WIRED Threat Level

APRIL 12, 2020

Online tracking can often feel downright invasive. From using VPNs to clearing browser histories, we've got your back.

Security 317

Security 317

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

APRIL 13, 2020

Officials Say Usernames and Passwords Stolen San Francisco International Airport has disclosed that hackers stole usernames and passwords from two of its websites in March.

Passwords 342

Passwords IT 342

Security Affairs

APRIL 13, 2020

Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Sellers are advertising them for.0020 cents each, in some cases they are offered for free. The huge trove of account credentials was not stolen by Zoom, instead, it appears the result of credential stuffing attacks that leverage records from third-party data breaches.

Sales 364

Sales Passwords Phishing Data breaches 364

Krebs on Security

APRIL 16, 2020

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic.

Phishing 321

Phishing Data collection Security Government 321

The Last Watchdog

APRIL 16, 2020

Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber crimes ever get reported to law enforcement.

Security 276

Security Ransomware Authentication Access 276

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

Data Breach Today

APRIL 15, 2020

Video-Sharing Service Does Not Always Use TLS/SSL Encryption TikTok, a video-sharing service, has been delivering video and other media without TLS/SSL encryption, which means it may be possible for someone to tamper with content, researchers say. That could be especially damaging in the current pandemic environment, where misinformation and confusion abounds.

Encryption 334

Encryption IT 334

Security Affairs

APRIL 12, 2020

Security researchers discovered an archive available on a dark web forum that includes thousands of compromised Zoom credentials. Researchers discovered a database available on an underground forum in the dark web that contained more than 2,300 compromised Zoom credentials. Some of the records also included meeting IDs, names and host keys. The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software comp

Phishing 364

Phishing Archiving Passwords Data breaches 364

Krebs on Security

APRIL 14, 2020

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs.

Libraries 307

Libraries Security Authentication IT 307

WIRED Threat Level

APRIL 11, 2020

Plus: WhatsApp updates, a ransomware scheme, and more of the week's top security news.

Ransomware 266

Ransomware IT Security 266

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

APRIL 15, 2020

More Advanced Cybercrime Services Help Hackers Boost Illicit Earnings Many criminals are continuing to tap cybercrime platforms and services to make it easier to earn an illicit paycheck, sometimes by combining tools, such as Emotet, Ryuk and TrickBot. This "loader-ransomware-banker trifecta has wreaked havoc" in recent years, says security firm Intel 471.

Ransomware 331

Ransomware Security IT 331

Security Affairs

APRIL 11, 2020

Monte dei Paschi, one of the biggest Italian banks, suffered a cyber attack, hackers accessed the mailboxes of some employees and sent emails to clients. Italian state-owned bank Monte dei Paschi discloses a security breach, hackers have accessed the mailboxes of some employees and sent emails to clients. The news was reported by the Reuters that seen a notice sent by the Italian bank to its customers.

Access 363

Access Phishing Government Security 363

AIIM

APRIL 16, 2020

Thanks to the internet and the connected world we live in, working remotely is increasing in popularity for a good reason ! The benefits of working from home have been good for both organization and their employees. On the one hand, organizations can hire talent despite the geographical issue and provide a flexible work schedule, minimized exposure to germs, and so on!

Security 149

Security Passwords Cloud Risk 149