The India-based call centers scammed US victims out of millions of dollars between 2013 and 2016. Advertise on IT Security News. Read the complete article: Indian National Pleads Guilty to Multimillion-Dollar Call Center Scam
Tag: Dark Reading:
5 Tips on How to Build a Strong Security Metrics Framework
The carpentry maxim ‘measure twice, cut once’ underscores the importance of timely, accurate, and regular metrics to inform security leaders’ risk decisions. Advertise on IT Security News. Read the complete article: 5 Tips on How to Build a Strong…
Study Points to Lax Focus on Cybersecurity
Despite ranking at the top of respondents’ concerns, organizations still show gaps in acting on cybersecurity, Society for Information Management (SIM) report finds. Advertise on IT Security News. Read the complete article: Study Points to Lax Focus on Cybersecurity
Attackers Increase Focus on North American Electric Utilities: Report
Electric utilities continue to be a target of nation-state attackers, even before the latest tensions between Iran and the United States, says a critical-infrastructure security firm. Advertise on IT Security News. Read the complete article: Attackers Increase Focus on…
Chinese Malware Found Preinstalled on US Government-Funded Phones
Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless. Advertise on IT Security News. Read the complete article: Chinese Malware Found Preinstalled on US Government-Funded Phones
TrickBot Group Adds New PowerShell-Based Backdoor to Arsenal
PowerTrick is sort of a custom-version of PowerShell Empire and can be used to download additional malware, SentinelOne says. Advertise on IT Security News. Read the complete article: TrickBot Group Adds New PowerShell-Based Backdoor to Arsenal
AWS Issues ‘Urgent’ Warning for Database Users to Update Certs
Users of AWS Aurora, DocumentDB, and RDS databases must download and install a fresh certificate and rotate the certificate authority. Advertise on IT Security News. Read the complete article: AWS Issues ‘Urgent’ Warning for Database Users to Update Certs
Operationalizing Threat Intelligence at Scale in the SOC
Open source platforms such as the Malware Information Sharing Platform are well positioned to drive a community-based approach to intelligence sharing. Advertise on IT Security News. Read the complete article: Operationalizing Threat Intelligence at Scale in the SOC
7 Free Tools for Better Visibility Into Your Network
It’s hard to protect what you don’t know is there. These free tools can help you understand just what it is that you need to protect — and need to protect yourself from. Advertise on IT Security News. Read…
Rockwell Automation to Buy ICS Security Services Firm
Industrial control systems vendor plans to acquire Avnet Data Security, which provides penetration testing, assessments, training, and managed network and security services for the ICS sector. Advertise on IT Security News. Read the complete article: Rockwell Automation to Buy…
15% of Ransomware Victims Paid Ransom in 2019, Quadrupling 2018
Increasing sophistication of ransomware attacks might be forcing victims to open their wallets. Advertise on IT Security News. Read the complete article: 15% of Ransomware Victims Paid Ransom in 2019, Quadrupling 2018
Las Vegas Suffers Cyberattack on First Day of CES
The attack, still under investigation, hit early in the morning of Jan. 7. Advertise on IT Security News. Read the complete article: Las Vegas Suffers Cyberattack on First Day of CES
Developers Still Don’t Properly Handle Sensitive Data
The top classes of vulnerabilities for 2019 indicate that developers still don’t correctly sanitize inputs, nor protect passwords and keys as they should. Advertise on IT Security News. Read the complete article: Developers Still Don’t Properly Handle Sensitive Data
Google’s Project Zero Policy Change Mandates 90-Day Disclosure
The updated disclosure policy aims to achieve more thorough and improved patch development, Google reports. Advertise on IT Security News. Read the complete article: Google’s Project Zero Policy Change Mandates 90-Day Disclosure
In App Development, Does No-Code Mean No Security?
No-code and low-code development platforms are part of application development, but there are keys to making sure that they don’t leave security behind with traditional coding. Advertise on IT Security News. Read the complete article: In App Development, Does…
TikTok Bugs Put Users’ Videos, Personal Data At Risk
Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users’ personal data. Advertise on IT Security News. Read the complete article: TikTok Bugs Put Users’ Videos, Personal…
The “Art of Cloud War” for Business-Critical Data
How business executives’ best intentions may be negatively affecting security and risk mitigation strategies – and exposing weaknesses in organizational defenses. Advertise on IT Security News. Read the complete article: The “Art of Cloud War” for Business-Critical Data
DHS Warns of Potential Iranian Cyberattacks
Recent US military action in Baghdad could prompt retaliatory attacks against US organizations, it says. Advertise on IT Security News. Read the complete article: DHS Warns of Potential Iranian Cyberattacks
Cloudflare Adds New Endpoint, Web Security Service
“Teams” and a new browser security acquisition expand the cloud firm’s security offerings. Advertise on IT Security News. Read the complete article: Cloudflare Adds New Endpoint, Web Security Service
The Discovery and Implications of ‘MDB Leaker’
The “MDB Leaker” vulnerability in the Microsoft Access Database could lead to a memory leak if left unpatched. Advertise on IT Security News. Read the complete article: The Discovery and Implications of ‘MDB Leaker’
Car Hacking Hits the Streets
The top-three carmakers sell only connected vehicles in the United States – and other manufacturers are catching up – creating a massive opportunity for attacks, which black-hat hackers are not overlooking. Advertise on IT Security News. Read the complete…
Accenture to Buy Symantec’s Cyber Security Services
The purchase, for an undisclosed amount, is scheduled to close in March. Advertise on IT Security News. Read the complete article: Accenture to Buy Symantec’s Cyber Security Services
Insight Partners Acquires Armis at $1.1B Valuation
This deal marks the largest-ever acquisition of a private Israeli cybersecurity company, Armis’ co-founders report. Advertise on IT Security News. Read the complete article: Insight Partners Acquires Armis at $1.1B Valuation
New Standards Set to Reshape Future of Email Security
Emerging specs and protocols expected to make the simple act of opening an email a less risky proposition Advertise on IT Security News. Read the complete article: New Standards Set to Reshape Future of Email Security
Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks
New Year’s Eve attack on currency exchange service Travelex may have involved use of the flaw. Advertise on IT Security News. Read the complete article: Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks
Malicious Google Play Apps Linked to SideWinder APT
The active attack involving three malicious Android applications is the first exploiting CVE-2019-2215, Trend Micro researchers report. Advertise on IT Security News. Read the complete article: Malicious Google Play Apps Linked to SideWinder APT
US Government Publishing Office Website Defaced
The Federal Depository Library Program (FDLP) website was attacked by a group of hackers claiming to represent the government of Iran. Advertise on IT Security News. Read the complete article: US Government Publishing Office Website Defaced
Mimecast Acquires Segasec to Boost Phishing Defense
Segasec’s technology will be integrated into Mimecast’s email and Web security services to identify malicious domains. Advertise on IT Security News. Read the complete article: Mimecast Acquires Segasec to Boost Phishing Defense
Client-Side JavaScript Risks & the CCPA
How California’s new privacy law increases the liability for securing Web-facing user data, and what enterprises can do to mitigate their risk. Advertise on IT Security News. Read the complete article: Client-Side JavaScript Risks & the CCPA
What Tools Will Find Misconfigurations in My AWS S3 Cloud Buckets?
Misconfigured cloud buckets leak sensitive data. Here’s how to keep your Amazon Web Services (AWS) Simple Server Storage (S3) buckets secured. Advertise on IT Security News. Read the complete article: What Tools Will Find Misconfigurations in My AWS S3…
Ransomware Victim Southwire Sues Maze Operators
Attackers demanded $6 million from the wire and cable manufacturer when they launched a December ransomware campaign. Advertise on IT Security News. Read the complete article: Ransomware Victim Southwire Sues Maze Operators
Cisco Drops a Dozen Vulnerability Patches
Among them are three for critical authentication bypass flaws. Advertise on IT Security News. Read the complete article: Cisco Drops a Dozen Vulnerability Patches
Edge Feature Section
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry’s standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a…
Continental Drift: Is Digital Sovereignty Splitting Global Data Centers?
The recent proposal by Germany, backed by France, to fuse the infrastructures of Europe’s cloud providers could challenge every data center storing a European’s data. Advertise on IT Security News. Read the complete article: Continental Drift: Is Digital Sovereignty…
The Edge Cartoon Caption Contest: Latest Winners, New Toon ‘Like a Boss’
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card. Advertise on IT Security News. Read the complete article: The Edge Cartoon Caption Contest: Latest Winners,…
Malware Hits Travelex Currency Exchange Service
The New Year’s Eve malware attack forced Travelex employees to resort to manual operations. Advertise on IT Security News. Read the complete article: Malware Hits Travelex Currency Exchange Service
Organizations May ‘Uncloud’ Over Security, Budgetary Concerns
While most cloud vendors forecast continued adoption and growth, some customers are taking a harder look at the cloud services they’re using Advertise on IT Security News. Read the complete article: Organizations May ‘Uncloud’ Over Security, Budgetary Concerns
CCPA Kickoff: What Businesses Need to Know
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they’ll remain compliant. Advertise on IT Security News. Read the complete article: CCPA Kickoff: What Businesses Need to Know
Time for Insider-Threat Programs to Grow Up
Immature programs attempting to protect against damaging attacks by insiders run the risk of alienating employees. Advertise on IT Security News. Read the complete article: Time for Insider-Threat Programs to Grow Up
Ransomware Scuttles Coast Guard Facility for 30+ Hours
The attack on the unnamed facility began with a malicious email link. Advertise on IT Security News. Read the complete article: Ransomware Scuttles Coast Guard Facility for 30+ Hours
How Cybersecurity’s Metrics of Misery Fail to Describe Cybercrime Pain
Dollars lost and data records exposed are valuable measurements, but the true pain of a cybersecurity incident goes far beyond that. We asked infosec pros how they put words to the pain they feel when their defenses fall apart. …
Landry’s Restaurant Chain Discloses Payment Security Incident
Some payment cards were mistakenly swiped on order-entry systems that lacked the security of its point-of-sale terminals. Advertise on IT Security News. Read the complete article: Landry’s Restaurant Chain Discloses Payment Security Incident
Mechanics of a Crypto Heist: How SIM Swappers Can Steal Cryptocurrency
The true vulnerability at the heart of SIM-swap attacks on crypto accounts lies in crypto exchanges’ and email providers’ variable implementation of 2FA. Advertise on IT Security News. Read the complete article: Mechanics of a Crypto Heist: How SIM…
6 Security Team Goals for DevSecOps in 2020
Huge opportunities await security teams that are finally ready move the needle on security problems that have plagued organizations for years. Advertise on IT Security News. Read the complete article: 6 Security Team Goals for DevSecOps in 2020