
Analysis of More than 60,000 Breach Reports Over Three Years

UScellular Breach Allowed Hackers to Port Phone Numbers | Security Resolutions for 2021


Friday, January 29, 2021

Event

Virtual Event - February 3rd
IoT Lockdown

IoT Lockdown is a fully immersive virtual event that will present innovative strategies and tools that security teams can use to mitigate the risk of IoT devices.




Unemployment Fraud - Preying on Those Most in Need
By implementing controls to prevent fraud and implementing fraud monitoring capabilities, state agencies can greatly reduce the amount of unemployment fraud that happens under their auspices.
by Joshua Goldfarb



Security Resolutions to Make in 2021
In 2021 we will see challenges and changes, but the moves forward will be positive and empower both users and the business to succeed securely.
by Laurence Pitt




In the Hacker's Crosshairs: Active Directory
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
by Torsten George





In a Remote Work Era, a People-First Approach Keeps Threat Intelligence Teams on Track
For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
by AJ Nash



Beyond the Pandemic: Far-ranging and Lasting Change Ahead for Industrial Networks
The change we encountered in 2020 was unprecedented and had a dramatic impact on our operational technology (OT) environments – accelerating and sometimes recasting how we address the following four key areas.
by Yaniv Vardi


Perseverance. Pushing Security Operations Forward in 2021
To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
by Marc Solomon



Integrating Fraud Data Into Your Workflow
For any fraud detection solution to be practical, it must be easily integrated into security and fraud operations.
by Joshua Goldfarb





Getting SASE, Without the Hyperbole
In the world of information security, it's hard to flip between internet browser tabs without hearing a new term, and one of the biggest in 2020 was Secure Access Service Edge (SASE).
by Laurence Pitt



Event

New Report: Cybersecurity Is a Boardroom Issue

Cybersecurity is now a business decision requiring informed decision making from the executive team and the board. ESG and BitSight surveyed organizations across the globe to learn more about this change and the questions being asked at a board-level.






In Focus: Analysis of More than 60,000 Breach Reports Over Three Years: Analysis of 60,000 breaches over the last three years provides extensive data on where things are going wrong, and highlights trends on what is likely in the future.

UScellular Breach Allowed Hackers to Port Customer Phone Numbers: Hackers tricked employees of UScellular into installing malware, used it to access CRM software, and accessed customer accounts.

Tanium Announces $150 Million Funding Investment From Ontario Teachers': The security firm wants to scale operations to better serve the middle market.

Elusive Lebanese Threat Actor Compromised Hundreds of Servers: Updated versions of Lebanese Cedar's Explosive RAT and Caterpillar web shell found on victim networks.

Attacks on Individuals Fall as Cybercrime Shifts Tactics: Cybercriminals shifted away from stealing individual consumers' information in 2020 to focus on bigger, more profitable attacks on businesses.

Encrypted Services Providers Concerned About EU Proposal for Encryption Backdoors: European encrypted services providers ProtonMail, Threema, Tresorit and Tutanota have urged the EU to rethink a resolution that would require the implementation of encryption backdoors.

TPG Capital Acquires Majority Stake in PAM Solutions Provider Centrify: TPG will acquire a majority stake in Centrify from Thoma Bravo. Terms of the deal were not disclosed.

Many WordPress Sites Affected by Vulnerabilities in 'Popup Builder' Plugin: Impacting most AJAX methods, the Popup Builder plugin flaws can be abused to send newsletters, delete subscribers, and perform other site actions.

Apple CEO Escalates Battle With Facebook Over Online Privacy: Apple CEO Tim Cook fired off a series of thinly veiled shots at Facebook and other social media companies, escalating an online privacy battle pitting the iPhone maker against digital services that depend on tracking people to help sell ads.

Apple Adds 'BlastDoor' to Secure iPhones From Zero-Click Attacks: Apple has quietly fitted several anti-exploit mitigations into its flagship mobile operating system in what appears to be a specific response to zero-click iMessage attacks observed in the wild.

For Microsoft, Security is a $10 Billion Business: NEWS ANALYSIS: Microsoft generated a whopping $10 billion in security-related revenues in just the last 12 months and is now positioned as an enterprise cybersecurity powerhouse.

Many European CISOs Shift Focus to Mobile Security: Survey: A survey commissioned by Ivanti shows that a majority of CISOs in Europe have shifted the focus of their cybersecurity strategy to mobile devices due to increasing remote work.

Law Enforcement Planning Emotet Cleanup Operation Following Botnet Takedown: An update served by law enforcement will trigger the cleanup operation.

Apple to Crack Down on Tracking iPhone Users in Early Spring: Apple says it will roll out a new privacy control in the spring to prevent iPhone apps from secretly shadowing people.

Stack Overflow Shares Technical Details on 2019 Hack: Stack Overflow has shared technical details on how its systems were hacked in 2019, and it turns out that the attacker often viewed questions posted on Stack Overflow.

NetWalker Ransomware's Sites Seized by Law Enforcement: Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware.

Ten-Year-Old Sudo Vulnerability Gives Root Privileges on Host: Qualys researchers discover a major security hole in the well-known Sudo utility.






© 2020 Wired Business Media


