Here is the weekly roundup :
|
Stolen T-Mobile Customer Data for Sale on the Dark Web
|
|
An Irish security firm has noticed vast amounts of user data sold on the dark web, alleging that is likely the same data breached from Experian’s server belonging to nearly 15 million T-Mobile customers.
|
|
Scottrade Breach Affects 4.6 Million Customers
|
|
Discount brokerage firm Scottrade has revealed a breach from 2013-14 that has potentially compromised personal information including contact details and possibly Social Security numbers of some 4.6 million customers.
|
|
Stagefright Is Back to Render over a Billion Android Devices Vulnerable
|
|
A new batch of Stagefright bugs that grants attackers the means to execute malicious code that leaves over a billion Android devices vulnerable has been discovered in recent versions of the Android operating system by researchers.
|
|
Cloud Security: Mitigating Corporate Transformation
|
|
Today, with cloud services a foundational aspect of business, the firewall perimeter method has become insufficient. As soon as IT teams connect multiple resources, cloud instances and devices, the line between internal networks and the outside world – more specifically, the cloud – will be blurred to the point of obscurity. Let’s explore three major perimeter expanding scenarios and then address some security enhancement and risk mitigation strategies.
|
|
It’s #2FactorTuesday. It’s Time to Embrace Security
|
|
If you haven’t already enabled two-factor or two-step verification on your multitude of social, personal and business accounts in cyberspace, you’re doing it wrong.
|
|
Outlook Web Application Breach Steals 11,000 Corporate Passwords
|
|
Security researchers have discovered an advanced backdoor malware operating in the wild targeting organizations using Microsoft Outlook Web Access (OWA) to steal e-mail passwords and credentials.
|
|
Digital Security Posture – A Competitive Advantage
|
|
Cybersecurity is a strategy of defense. No offense. No victories. No celebration. Progress is measured by reducing or eliminating exploits (to the best of one’s knowledge) and having resiliency over time. However, the battle is becoming more complex on many fronts.
|
Interesting Reading From Around the Web:
|
Meet The Mystery Vigilantes Who Created 'Malware' To Secure 10,000 Routers
|
|
A group of do-gooder hackers calling themselves The White Team have taken responsibility for a large peer-to-peer botnet that compromised more than 10,000 routers to improve the security of the devices, and have explained to FORBES some of their future plans to fix more broken machines.
|
|
What’s in a Boarding Pass Barcode? A Lot
|
|
The next time you’re thinking of throwing away a used boarding pass with a barcode on it, consider tossing the boarding pass into a document shredder instead. Two-dimensional barcodes and QR codes can hold a great deal of information, and the codes printed on airline boarding passes may allow someone to discover more about you, your future travel plans, and your frequent flyer account.
|
|
7 Scary DDoS Attack Trends
|
|
A new report on Distributed Denial of Service attacks revealed some frightening trends, including targeted assaults that distract IT departments while malware opens the door to data breaches and monetary theft.
|
Upcoming Events:
The Next Generation of Incident Response
Join LIFARS and Security Serious for a webinar covering, in detail, the process of data breach response from the perspective of an elite IR team member. It will cover the steps taken to properly respond to a breach caused by a sophisticated hacker and go over some real-world case studies.
FOR 50% DISCOUNT, PLEASE USE THE FOLLOWING CODE: LIFARS50
October 28, 2015, BrightTALK
|
A big thank you to our partners:
|
Featured Webinar:
What’s in Your Incident Response Toolkit?
How do your tools match up to those used by investigators in high-profile breaches? Learn the best incident response tools for finding and sharing data at rest, in transit, and shared outside the organization from Ondrej Krehel of LIFARS, who has worked on the front lines of many headline-making security incidents.
Featured Whitepaper:
Threat Centric Identity and Access Management
Conventional security architecture is not very effective. This whitepaper presents a new concept for Threat Centric IAM to address the need to enhance security measures with a threat intelligence approach.
Featured Article:
Be careful in putting your cybertrust in Google, Microsoft and Apple
Security professionals and consumers often feel that they understand cybersecurity just by using words and technical descriptions of product labels, vendors’ marketing campaigns, and manuals. Especially when knowing that we bet on the “right horse” and entrusted our data to well-known companies, including Google, Apple, Microsoft, and others. Right?
Jeffery Hazell Count Me In Challenge
Jeffery Hazell '83, a member of the UNH Board of Governors, has issued a challenge to each of the University’s five colleges. Whichever college can get the greatest percentage of its alumni, parents and friends to make a contribution by Homecoming (October 24) will receive $50,000 from Hazell.
So Make It Count!
Make a gift—of any amount—to the Tagliatela College of Engineering, and the College could win the $50,000. Regardless of who wins the challenge, your donation will go to the College of your choice.
|
