Krebs on Security

AUGUST 27, 2020

Yesterday’s piece told the tale of Hieu Minh Ngo , a hacker the U.S. Secret Service described as someone who caused more material financial harm to more Americans than any other convicted cybercriminal. Ngo was recently deported back to his home country after serving more than seven years in prison for running multiple identity theft services.

Identity Theft 313

Identity Theft Retail Government Banking 313

Schneier on Security

AUGUST 27, 2020

Cory Doctorow has writtten an extended rebuttal of The Age of Surveillance Capitalism by Shoshana Zuboff. He summarized the argument on Twitter. Shorter summary: it's not the surveillance part, it's the fact that these companies are monopolies. I think it's both. Surveillance capitalism has some unique properties that make it particularly unethical and incompatible with a free society, and Zuboff makes them clear in her book.

Surveillance 275

Surveillance 275

Tech Republic Security

AUGUST 27, 2020

Global tech professionals reveal recruiting projects fueled by budgets prioritizing staff education, according to a recent IT trends report from Netwrix.

Education 218

Education 218

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Anubis is the name of an Android malware well-known in the community of malware analysts, but the family reported by Microsoft is not related to it.

Malware 124

Malware Advertising Cryptocurrency Cybercrime 124

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

AUGUST 27, 2020

The BeagleBoyz have made off with nearly $2 billion since 2015, and they're back to attacking financial institutions after a short lull in activity.

Banking 216

Banking Government 216

Threatpost

AUGUST 27, 2020

Malicious attachments continue to be a top threat vector in the cybercriminal world, even as public awareness increases and tech companies amp up their defenses.

Phishing 128

Phishing Malware 128

Security Affairs

AUGUST 27, 2020

Experts found an unsecured data bucket containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. Original post at: [link]. The CyberNews research team uncovered an unsecured data bucket owned by an unidentified party, containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses.

Social Engineering 124

Social Engineering Passwords Marketing Phishing 124

Tech Republic Security

AUGUST 27, 2020

Government agencies can suffer from differences in funding, a lack of standard policies, and other issues that affect security, says BlueVoyant.

Government 178

Government 178

Dark Reading

AUGUST 27, 2020

Rather than just reacting to security issues in the COVID-19 era, CISOs are now in a position to be change agents alongside their C-suite peers.

CISO 129

CISO 129

Tech Republic Security

AUGUST 27, 2020

If you frequently hand your phone over to others, Guest Mode is a feature you should be using on Android. Jack Wallen shows you how to access the feature from your lock screen.

Accountability 148

Accountability 148

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

AUGUST 27, 2020

New Zealand’s stock exchange (NZX) confirmed it was hit by a massive distributed denial of service (DDoS) attack from abroad that knocked it offline two days. New Zealand’s stock exchange ( NZX ) has been hit by distributed denial-of-service (DDoS) attacks that took it offline for two days, trading activity was interrupted until the connectivity was restored.

DDOS 113

DDOS Marketing Advertising Internet 113

Tech Republic Security

AUGUST 27, 2020

The latest variant of this trojan extracts email threads from Outlook, which it uses for phishing attacks, says Check Point Research.

Phishing 172

Phishing 172

Threatpost

AUGUST 27, 2020

Magecart's successes have led to threat actors actively advertising 'sniffers' that can be injected into e-commerce websites in order to exfiltrate payment cards.

Marketing 119

Marketing Advertising Hacking 119

Tech Republic Security

AUGUST 27, 2020

Anxious to get your Linux server SSH access locked down? Jack Wallen shows you one more step you can take--one that will only take seconds.

155

155

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Threatpost

AUGUST 27, 2020

Former Cisco employee Sudhish Kasaba Ramesh admitted to accessing Cisco’s cloud infrastructure and deleting 16,000 Webex Teams employee accounts.

Accountability 125

Accountability Hacking 125

Tech Republic Security

AUGUST 27, 2020

If you're serious about managing your browser's history, Vivaldi makes this task incredibly easy. Jack Wallen shows you how.

154

154

Security Affairs

AUGUST 27, 2020

Microsoft addressed vulnerabilities in Microsoft Azure Sphere that could lead to the execution of arbitrary code or to the elevation of privileges. Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security updates to create a trustworthy platform for new IoT experiences.

Advertising 97

Advertising IoT Hacking Information Security 97

Tech Republic Security

AUGUST 27, 2020

From web app flaws to a lack of 2FA, Rapid7 found lots of common soft targets in the networks it breached on behalf of clients.

Penetration Testing 120

Penetration Testing Cybersecurity 120

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

WIRED Threat Level

AUGUST 27, 2020

Elon Musk confirmed Thursday night that a ransomware gang had approached a Gigafactory employee with alleged promises of a big payout.

Ransomware 109

Ransomware 109

Dark Reading

AUGUST 27, 2020

New Zealand Exchange officials say the motive for the attacks is unclear.

DDOS 140

DDOS 140

Threatpost

AUGUST 27, 2020

While privacy experts praised Apple’s upcoming iOS 14 updates, Facebook said the new features could cut its advertising business in half.

Advertising 105

Advertising Mobile 105

WIRED Threat Level

AUGUST 27, 2020

There's a lot going on with the USPS right now. Here's a complete state-by-state guide to how to get your ballot—and when it's due.

106

106

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Security Affairs

AUGUST 27, 2020

REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. During ordinary monitoring activity of data leaks, the Cyble Research Team identified a leak disclosure post published by the REvil ransomware operators claiming to have breached a healthcare organization, the Valley Health Systems. .

Healthcare 81

Healthcare Ransomware Advertising Cyber Risk 81

WIRED Threat Level

AUGUST 27, 2020

In China, the messaging platform blocked thousands of keywords related to the virus, a new report reveals.

107

107

Dark Reading

AUGUST 27, 2020

Latest version of Qbot has acquired a new feature for collecting email threads from Outlook clients.

Malware 104

Malware 104

WIRED Threat Level

AUGUST 27, 2020

Mozilla has rewritten the app to rely on its own infrastructure rather than Google’s. But will its privacy and UI tweaks convince people to make the switch?

77

77

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Dark Reading

AUGUST 27, 2020

How internal manipulators can actually degrade your organization's cyber defense, and how to defend against them.

95

95

Threatpost

AUGUST 27, 2020

New version of trojan is spreading fast and already has claimed 100,000 victims globally, Check Point has discovered.

Phishing 83

Phishing Software Ransomware Malware 83

Dark Reading

AUGUST 27, 2020

The collision of Microsoft and Oracle patches on the same day has contributed to risk and stress for organizations.

InfoSec 94

InfoSec Risk 94

McAfee

AUGUST 27, 2020

It was every administrator’s worst nightmare. A small district hospital in western Colorado lost access to 5 years’ worth of patient records after ransomware attackers exploited holes in an aging infrastructure to strike. But it was also an increasingly familiar story as ransomware attackers escalate their attacks and go after targets across all sectors of the economy.

Ransomware 54

Ransomware Technology Big data Backups 54

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.