Dark Reading
SEPTEMBER 29, 2020
Remote workers and scattered teams are relying on Slack more and more for messaging and collaboration. Here are a few extra tips for keeping data and systems more secure when using Slack.
Data Breach Today
SEPTEMBER 28, 2020
Stolen Credentials, Lack of MFA Leading to Millions in Banking Losses The FBI is warning organizations in the financial sector about an increase in botnet-launched credential stuffing attacks that are leading to the theft of millions. Many of these attacks, which target APIs, are being fed by billions of stolen credentials leaked over the last several years.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
SEPTEMBER 30, 2020
Report Finds Hackers Targeting Think Tanks, Human Rights Groups, Healthcare Organizations Over the last year, nation-state hackers, including those with links to the Russian government, have shifted from targeting critical infrastructure to focusing on think tanks, human rights groups and nongovernment organizations in an attempt to influence public policy, according to Microsoft.
Krebs on Security
OCTOBER 1, 2020
Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. Image: Shutterstock. In its advisory (PDF), the Treasury’s Office of Foreign Assets Control (OFAC) said “companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial in
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Security Affairs
SEPTEMBER 29, 2020
The French maritime transport and logistics giant CMA CGM S.A. revealed it was the victim of a malware attack that affecting some servers on its network. CMA CGM S.A. , a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. The company is present in over 160 countries through 755 offices and 750 warehouses with 110,000 employees and 489 vessels.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
SEPTEMBER 29, 2020
William Dixon of World Economic Forum on the Need to Create a Coalition William Dixon of the World Economic Forum is calling for the formation of a "quantum computing security coalition" to help build trust in the technology, which could play a key role in enhancing security.
Krebs on Security
SEPTEMBER 29, 2020
Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft ‘s Azure web services platform, which also was struggling with a widespread outage at the time. However, multiple sources tell KrebsOnSecurity the 911 issues stemmed from some kind of technical snafu involving Intrado and Lumen , two companies that together handle 911 calls for a broad swath of the Uni
Security Affairs
SEPTEMBER 29, 2020
While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. The name AgeLocker comes from the use of the Actually Good Encryption ( AGE ) algorithm to encrypt files, experts warn that encrypted files can’t be recovered without paying t
WIRED Threat Level
OCTOBER 2, 2020
There’s a small but real possibility that we won’t know which party controls the Senate until 2021, thanks to a special election and a unique state requirement.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Data Breach Today
SEPTEMBER 28, 2020
Research Highlights Danger of Insecure Firmware in Line of Coffee Machines An internet-connected coffee machine is the IoT latest device to show security problems. Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water. The only option to stop it? Unplug the machine.
Krebs on Security
OCTOBER 2, 2020
Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. A text snippet from one of the bogus Trickbot configuration updates.
Security Affairs
SEPTEMBER 26, 2020
Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam. A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. According to telecoms firm Magyar Telekom, the attack took place on Thursday and was launched from servers in Russia, China and Vietnam.
WIRED Threat Level
SEPTEMBER 28, 2020
“All computers are completely shut down,” one Universal Health Services employee told WIRED.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Data Breach Today
SEPTEMBER 30, 2020
Hackers Continue to Exploit the Vulnerability as Users Struggle With Initial Fix Microsoft has issued additional instructions on how to better implement a patch to fix an elevation of privilege vulnerability called Zerologon in Windows Server that affects the Netlogon Remote Protocol. The update comes as Cisco Talos researchers report a spike in attempts to exploit the flaw.
Data Protector
OCTOBER 2, 2020
I am he as you are he as you are me and we are all together See how they stun the world and my mum, see how they fine I'm crying Sitting in the courthouse, waiting for the man to come Covid mask and goggles, stupid bloody Tuesday Man, you been a naughty boy, you set your cookies wrong I am the bad man, I spammed some good men My fine is enormous, goo goo g'joob Mister lead prosecutor sitting Pretty little lawyers in a row See how they drone “he should have known,” see how they fine I'm crying, I
Security Affairs
SEPTEMBER 26, 2020
Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. ThunderX is ransomware that appeared in the threat landscape recently, infections were discovered at the end of August 2020. .
WIRED Threat Level
SEPTEMBER 28, 2020
Government officials have increasingly sounded alarms on the risks of foreign interference and disinformation campaigns leading up to—and after—November 3.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
SEPTEMBER 29, 2020
Separately, Ivanti Buys Security Firms MobileIron and Pulse Secure McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
Troy Hunt
OCTOBER 2, 2020
Sexuality, relationships and online dating are all rather personal things. They're aspects of our lives that many people choose to keep private or at the very least, share only with people of our choosing. Grindr is "The World's Largest Social Networking App for Gay, Bi, Trans, and Queer People" which for many people, makes it particularly sensitive.
Security Affairs
SEPTEMBER 29, 2020
US-based Arthur J. Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. US-based Arthur J. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. The company did not provide technical details about the attack, it is not clear how the ransomware operators breached the company and which is the family of malware that infected its systems.
WIRED Threat Level
SEPTEMBER 27, 2020
Many of the updates to Google's mobile OS are behind the scenes—but they can help you control your app permissions and keep your data safe.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Data Breach Today
SEPTEMBER 28, 2020
Tyler Technologies Urges Agencies to Reset Passwords After 'Suspicious Logins' Following a ransomware attack last week that affected its corporate network and phone systems, Tyler Technologies, a supplier of software and services to local, state and federal government agencies, is urging its customers to reset their passwords after reports of "suspicious logins to client systems.
The Guardian Data Protection
SEPTEMBER 29, 2020
Allegation follows new law that lets Hong Kong ask for sensitive data if deemed to threaten national security Big technology companies may already be complying with secret Chinese requests for user information held in Hong Kong and ought to “come clean” about the vulnerability of the data they hold there, a senior US state department official has said.
Security Affairs
SEPTEMBER 27, 2020
Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. The Joker malware is a malicious code camouflaged as a system app and allows attackers to perform a broad range of malicious operations, including disable the Google Play Protect service , install malicious apps, generate fake reviews, and
WIRED Threat Level
OCTOBER 1, 2020
A researcher reverse engineered an internet-connected coffee maker to see what kinds of hacks he could do with it. The answer: quite a lot.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
OCTOBER 2, 2020
Rapid7 Researcher Calls Upatched Microsoft Servers 'Dangerous as Hell' Eight months after Microsoft issued a critical security update fixing a remote code execution flaw in Exchange Server, more than half of these mail servers in use remain vulnerable to exploits, according to the security firm Rapid7.
Schneier on Security
SEPTEMBER 29, 2020
As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it. After just a week of effort, the unqualified answer was: quite a lot. Specifically, he could trigger the coffee maker to turn on the burner, dispense water, spin the bean grinder, and display a ransom message, all while beeping repeatedly.
Security Affairs
SEPTEMBER 28, 2020
REvil Ransomware (Sodinokibi) operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to demonstrate their willingness to involve new affiliates. The REvil Ransomware (Sodinokibi) operators have deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business. Some hacker forum allows members to deposit funds that can be used to buy any kind of illicit services or product offered by other members.
Expert insights. Personalized for you.
131 
Let's personalize your content