Lack of email validation and opt-in processes hinder organizations from achieving compliance

From helpnetsecurity.com

email validation

Pathwire released the results of its Data Compliance Survey, a survey of 1,000 IT and marketing decision-makers across the globe on the most common data privacy and compliance trends and challenges.

Comply with privacy laws

The findings reveal 44.7% of organizations have had to add or change technology in the marketing stack to comply with privacy laws, and some are spending upwards of $10,000 every year to remain up to date with requirements.

The majority of survey respondents were based in EMEA (65.4%) and North America (21.7%), which indicates that almost all organizations represented in the study would fall, General Data Protection Regulation (GDPR), CAN-SPAM Act and/or the California Consumer Protection Act (CCPA).

The top industries represented in the study were IT (35.1%), professional services (13.9%) and financial services (4.4%), which introduces other compliance categories such as Consumer Data Protection Act (CDPA) or Health Insurance Portability and Accountability Act (HIPAA).

Read more…

ASEC Weekly Malware Statistics (July 12th, 2021 – July 18th, 2021)

From malware.news

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from July 12th, 2021 (Monday) to July 18th, 2021 (Sunday).

For the main category, info-stealer ranked top with 60.9%, followed by RAT (Remote Administration Tool) malware with 19.4%, downloader with 8.1%, CoinMiner with 7.1%, and Ransomware with 4.4%.

Read more…

Mobile Verification Toolkit: forensic tool to look for signs of infection in smartphone devices

From securityonline.info

Mobile Verification Toolkit

Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices.

It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence.

Warning: this tool has been released as a forensic tool for a technical audience. Using it requires some technical skills such as understanding the basics of forensic analysis and using command-line tools.

Read more…

10 Best Free Password Manager to Secure Your Password For 2021

From gbhackers.com

Free Password Manager

Free Password Manager always helps to make Strong passwords to protect your devices, online banking accounts and other data sources from unauthorized access.

In this article, we highlight the Best open source Password Manager for Android, Mac and iPhone.

Do I really need a password manager?

Manage different password for so many accounts in online is very difficult for everyone passwords in encrypted for is an important concern.

If you have a weak password then it is a cakewalk for hackers, they can easily crack into your accounts by using brute force techniques.

A strong password should contain at least six characters that include combinations of upper and lowercase letters, symbols and numbers. It is recommended to have a unique password for every account, reusing the password is a bad idea.

It is not an easy task to remember all the passwords, here come the Free password manager app to assist you in remembering the passwords.

Read more…

The Next Disruptive ICS Attack: 3 Likely Sources for Major Disruptions

From tripwire.com

Disruptive,Technologies,Or,Technology,Disruptor,As,A,Concept

Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting critical industrial control systems (ICS). The impact of such an attack is amplified by the growing reliance on automation and antiquated protocols throughout many OT networks.

In this blog series, I will be discussing three potential types of ICS attackers along with their capabilities and the potential consequences of their actions.

Read more…

BlackMatter ransomware group claims to be Darkside and REvil succesor

From securityaffairs.co

BlackMatter forum-post

BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups.

Lile other ransomware operations, BlackMatter also set up its leak sitewhere it will publish data exfiltrated from the victims before encrypting their system.

The birth of the BlackMatter ransomware was first spotted by researchers at Recorded Future who also reported that the gang is setting up a network of affiliates using ads posted on two cybercrime forums, such as Exploit and XSS.

Read more…

Over 100 active ransomware groups are on FBI Tracking Radar

From cybersecurity-insiders.com

The US Federal Bureau of Investigation (FBI) has made it official that it has been tracking over 100 active ransomware groups that are busy attacking American Businesses, schools, and other organizations.

Bryan Vorndran, the Assistant Director to the cyber division of FBI, disclosed the above stated news through a media statement issued on Tuesday, i.e. July 27th, 2021.

Vorndran added that his federal agency will put in all efforts to try mitigating the effects of the file encrypting malware hitting the networks.

Historically, if analyzed data is taken into consideration, FBI has tracked over 1000 variants of ransomware that hit over 20,000 organizations on a serious note. This includes the recently attacks launched on JBS Meat and Colonial Pipeline by DarkSide ransomware group.

Read more…