Data Breach Today
JUNE 30, 2021
Workforce Expansion Act Would Create CISA, VA Training Programs Sens. Maggie Hassan and John Cornyn have introduced legislation that would create a pilot apprenticeship program within CISA. The Federal Cybersecurity Workforce Expansion Act would also create a cyber-training program within the Department of Veterans Affairs, equipping veterans to hold careers in cyber defense.
eSecurity Planet
JUNE 30, 2021
Virtual machines are becoming an increasingly popular avenue cybercriminals are taking to distribute their ransomware payloads onto compromised corporate networks. Bad actors have been exploiting VMs in recent years as a way of running under the radar, making it more difficult to detect their malware while it encrypts the data they intend to hold for ransom.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
OneHub
JUNE 30, 2021
File transfer protocol (FTP) turned 50 this year. In the fast-moving world of technology, that’s an eternity. File sharing looks much different now than it did half a century ago, but some companies are still using FTP to share their business files. Is it time to say goodbye to file transfer protocol, or is it an oldie but goodie? That depends on a few factors.
Security Affairs
JUNE 29, 2021
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach made the headlines, a database containing data of 700M users, more than 92% of the total 756M users, is available for sale on forums on the dark web. The exposed records include email addresses full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experi
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Data Breach Today
JULY 2, 2021
Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. And the operators are constantly improving the malware, including porting it to Linux to target network-attached storage and hypervisors.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
JULY 2, 2021
An apparent supply chain attack exploited Kaseya's IT management software to encrypt a "monumental" number of victims all at once.
Security Affairs
JUNE 29, 2021
The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware operators are now using a Linux encryptor to encrypts Vmware ESXi virtual machines which are widely adopted by enterprises. The availability of the Linux encryptor was announced by the REvil gang in May, a circumstance that suggests the group is expanding its operation.
Data Breach Today
JUNE 26, 2021
New JSSLoader Variant is Being Spread by TA543 Group A cybercrime group tracked as TA543 by security firm Proofpoint is deploying a new variant of a malware loader to target victims as part of a phishing campaign, the company reports.
Krebs on Security
JULY 1, 2021
Financial services giant Intuit this week informed 1.4 million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the end of this month. Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and i
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
WIRED Threat Level
JULY 1, 2021
While SolarWinds rightly drew attention earlier this year, Moscow's Fancy Bear group has been on a password-guessing spree this whole time.
Security Affairs
JUNE 26, 2021
Mercedes-Benz USA disclosed a data breach that impacted 1.6 million customers, exposed data includes financial data and social security numbers (SSNs). Mercedes-Benz USA disclosed on Friday a data breach that impacted some of its customers and potential vehicle buyers. The incident exposed approximately 1.6 million unique records containing customers’ info, including customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the impact.
Data Breach Today
JULY 1, 2021
NSA: Attackers Targeting Cloud Services for Espionage The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
Krebs on Security
JUNE 30, 2021
Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you’ve shared this information in advance with the authorities each day for a year with no outward indication that they are doing anything about it.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
WIRED Threat Level
JUNE 26, 2021
Amazon acquires Wickr, the Senate holds up CISA, and more of the week’s top security news.
Security Affairs
JUNE 27, 2021
Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Researchers from Avast have spotted a strain of cryptocurrency miner, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. “While the Windows system is in safe mode antivirus software doesn’t work.
Data Breach Today
JUNE 29, 2021
Code for Generating Unique Copies of Crypto-Locking Malware Uploaded to VirusTotal The code used to build copies of Babuk ransomware - to infect victims with the crypto-locking malware - has been leaked, after someone posted the software to virus-scanning service VirusTotal. Whether the leak was intentional - perhaps a rival gang seeking to burn the operation - remains unclear.
AIIM
JUNE 29, 2021
If you’ve been paying attention to the research we conduct and the educational information we share, you know that AIIM describes Intelligent Information Management (IIM) as all the things you want to do with, or get from, your organization’s information. We break these up into five key categories of actions or aspirations: Creating and Capturing Information.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
WIRED Threat Level
JUNE 27, 2021
As useful as all those add-ons can be, don't get complacent when it comes to making sure they're also secure.
Security Affairs
JULY 2, 2021
Wizard Spider, the cybercrime gang behind the TrickBot botnet, is believed to be the author of a new ransomware family dubbed Diavol, Fortinet researchers report. Researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider , the cybercrime gang behind the TrickBot botnet. The Trickbot botnet was used by threat actors to spread the Ryuk and Conti ransomware families, experts noticed similarities between Diavol and Conti threat
Data Breach Today
JULY 2, 2021
This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.
AIIM
JULY 1, 2021
As the amount of data entering the organization proliferates, and the amount of content with business value (deemed a “record” in many cases) also increases, organizations everywhere are struggling with a massive information overload problem. Content is running rampant and sprawling, and records are being captured improperly, making discoverability and the resulting value of that information significantly lower.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
WIRED Threat Level
JUNE 28, 2021
The company says the Nobelium hacking group compromised a support agent's computer and levied brute-force attacks against some of its customers.
Security Affairs
JUNE 30, 2021
Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes. Law enforcement has seized the servers of DoubleVPN (doublevpn.com), a Russian-based VPN service that provides double-encryption service widely used by threat actors to anonymize their operation while performing malicious activities.
Data Breach Today
JUNE 28, 2021
Lawyer Says Contract to Assist the Cajee Brothers Terminated Two brothers who run Africrypt, a currency exchange service based in Johannesburg, South Africa, have been accused by law firm Hanekom Attorneys, acting on behalf of investors, of 'vanishing' along with $3.6 billion in cryptocurrency investments.
The Last Watchdog
JUNE 30, 2021
The Solarwinds hack has brought vendor supply chain attacks — and the lack of readiness from enterprises to tackle such attacks — to the forefront. Related: Equipping Security Operations Centers (SOCs) for the long haul. Enterprises have long operated in an implicit trust model with their partners. This simply means that they trust, but don’t often verify, that their partners are reputable and stay compliant over time.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
JULY 1, 2021
The minimum hardware requirements for Microsoft’s next operating system will leave plenty of PCs stranded.
Security Affairs
JUNE 28, 2021
Microsoft is investigating an strange attack, threat actor used a driver signed by the company, the Netfilter Driver, to implant a Rootkit. Microsoft announced it is investigating a threat actor distributing malicious drivers in attacks aimed at the gaming industry in China. The actor submitted drivers that were built by a third party for certification through the Windows Hardware Compatibility Program (WHCP).
Data Breach Today
JUNE 30, 2021
Paige Thompson Now Faces Up to 20 Years in Federal Prison, Documents Show The Justice Department has filed seven new criminal charges against Paige Thompson, who is suspected of hacking Capital One in 2019, which compromised the personal data of 100 million Americans, including exposing hundreds of thousands of Social Security numbers. She now faces a possible 20-year prison sentence.
Expert insights. Personalized for you.
264 
Let's personalize your content