The Last Watchdog

MARCH 21, 2019

Unless you decide to go Henry David Thoreau and shun civilization altogether, you can’t — and won’t — stop generating data , which sooner or later can be traced back to you. Related: The Facebook factor. A few weeks back I interviewed a white hat hacker. After the interview, I told him that his examples gave me paranoia. He laughed and responded, “There’s no such thing as anonymous data; it all depends on how determined the other party is.”.

Metadata 230

Metadata IT Privacy Education 230

Krebs on Security

MARCH 17, 2019

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.

Passwords 264

Passwords Access Authentication IT 264

Data Breach Today

MARCH 26, 2019

Report: Poor Asus Security Allowed Its PCs to be Infected with Backdoors A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.

Security 232

Security IT 232

AIIM

MARCH 18, 2019

Seven (yes, seven!) years ago, AIIM published “The Big Data Balancing Act - Too much yin and not enough yang?” The author of the report was none other than Nuxeo’s David Jones, who worked as a business analyst for AIIM at the time. The premise of the report -- published at the height of the Big Data hype cycle -- was that only part of the Big Data story was being told.

Artificial Intelligence 138

Artificial Intelligence Big data Content services IT 138

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Weissman's World

MARCH 8, 2019

This 3-Minute Drill troubleshoots a typical municipality’s information challenges as it strives to meet its Open Government commitment. TL:DR Chances are the documents you need are hard to find and are hard to validate because: They’re in different departments, scattered all across the city; They’re in different computer systems; and As often as not, they’re […].

Government 120

Government IT Information governance 120

The Last Watchdog

MARCH 28, 2019

A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts. In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods.

IoT 263

IoT Mining Manufacturing Security 263

Krebs on Security

MARCH 21, 2019

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data. Facebook is probing the causes of a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it

Passwords 56

Passwords Access Archiving Authentication 56

Data Breach Today

MARCH 15, 2019

Crypto-Locking Extortion Targets Internet-Exposed D-Link Devices Criminals wielding a new strain of ransomware called Cr1ptT0r are targeting network-attached storage users. The campaign was first discovered in February after owners of D-Link network storage enclosures reported that their devices were being crypto-locked.

Ransomware 268

Ransomware 268

AIIM

MARCH 11, 2019

Recently AIIM released an industry watch report titled, The State of Information Management, Getting Ahead of the Digital Information Curve. In it, AIIM makes the case that every organization is on — or should be on — a Digital Transformation journey. At the heart of this transformation journey is the need to understand, anticipate and redefine internal and external customer experiences.

Digital transformation 123

Digital transformation ECM Customer Experience Content services 123

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Lenny Zeltser

MARCH 2, 2019

If you’d like to start experimenting with malware analysis in your own lab, here’s how to download and set up a free Windows virtual machine: Step 1: Install Virtualization Software Step 2: Get a Windows Virtual Machine Step 3: Update the VM and Install Malware Analysis Tools Step 4: Isolate the Analysis VM and Disable Windows Defender AV Step 5: Analyze Some Malware.

File names 112

File names Access Archiving Passwords 112

Security Affairs

MARCH 27, 2019

A team of researchers from the Korea Advanced Institute of Science and Technology Constitution (KAIST ) discovered 36 vulnerabilities in the LTE protocol. Security experts from the Korea Advanced Institute of Science and Technology Constitution (KAIST) have discovered 36 vulnerabilities in the LTE protocol used by most mobile carriers. The researchers used a fuzzing technique to discover the vulnerabilities, they developed a semi-automated testing tool named LTEFuzz based on open-source LTE soft

Manufacturing 111

Manufacturing Paper Phishing Encryption 111

The Last Watchdog

MARCH 4, 2019

A common thread runs through the cyber attacks that continue to defeat the best layered defenses money can buy. Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT s

Energy and Utilities 212

Energy and Utilities Systems administration Access Cybersecurity 212

Krebs on Security

MARCH 8, 2019

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal , it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your, name, Social Security number and birthday.

Passwords 276

Passwords Authentication Security Access 276

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

MARCH 11, 2019

Cyber-Espionage Campaign Appears Separate to Recent Credential-Stuffing Breach Citrix Systems is investigating a suspected hack attack, resulting in the theft of business documents, after being tipped off by the FBI. The breach alert follows Citrix recently disclosing that in late 2018, hackers breached some of its customers' accounts via credential-stuffing attacks.

Passwords 265

Passwords IT 265

AIIM

MARCH 27, 2019

For many years, “capture” was somewhat of an afterthought.It was something focused primarily on paper documents.It was something focused on archiving the document rather than on the extraction of data from the document.It was something you did at some point after information entered the organization.It was usually done in the context of one particular business process and needed to be customized to that process.

Information capture 116

Information capture Digital transformation Compliance Paper 116

Schneier on Security

MARCH 27, 2019

A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going to do a very good job at it. In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers tend to take the easy way out and write code that stores user passwords in an unsafe manner.

Security 111

Security Passwords IT 111

Security Affairs

MARCH 23, 2019

Pwn2Own 2019 Day 3 – Experts earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser. Pwn2Own 2019 Day 3 – Hackers focused their efforts on car hacking, two teams participated in the competitions but only one of them reached the goal. The security experts Amat Cama and Richard Zhu of team Fluoroacetate, earned $35,000 for their exploit, along with the Tesla they hacked.

Security 112

Security 112

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

The Last Watchdog

MARCH 1, 2019

There’s a frantic scramble going on among those responsible for network security at organizations across all sectors. Related: Why we’re in the Golden Age of cyber espionage. Enterprises have dumped small fortunes into stocking their SOCs (security operations centers) with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can buy.

Digital transformation 193

Digital transformation Marketing Analytics Risk 193

Krebs on Security

MARCH 29, 2019

On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Today, Buca’s parent firm announced it had remediated a 10-month breach of its payment systems at dozens of restaurants, including some locations of its other brands such as Earl of Sandwich and Planet Hollywood.

Sales 271

Sales Data breaches Retail IT 271

Data Breach Today

MARCH 27, 2019

Norwegian Aluminum Maker Still Fighting LockerGoga Ransomware Attack Norsk Hydro reports that a March 18 ransomware attack has already cost the aluminum manufacturer more than $40 million, and the company continues to bring its systems back online.

Ransomware 262

Ransomware Manufacturing IT 262

AIIM

MARCH 19, 2019

In today's world, where the consumer is king, excellent customer experience is imperative for the success of your business. To achieve this, your data cannot be fragmented, redundant, obsolete, or inaccessible. Most organizations are currently dealing with more information than they can handle. This can be expensive as resources on storing, protecting, and securing information are costly.

Customer Experience 112

Customer Experience Metadata Financial Services IT 112

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Schneier on Security

MARCH 29, 2019

This is an interesting story of a serious vulnerability in a Huawei driver that Microsoft found. The vulnerability is similar in style to the NSA's DOUBLEPULSAR that was leaked by the Shadow Brokers -- believed to be the Russian government -- and it's obvious that this attack copied that technique. What is less clear is whether the vulnerability -- which has been fixed -- was put into the Huwei driver accidentally or on purpose.

Government 110

Government IT 110

Security Affairs

MARCH 21, 2019

News problems for Facebook that admitted to have stored the passwords of hundreds of millions of users in plain text. Facebook revealed to have stored the passwords of hundreds of millions of users in plain text, including passwords of Facebook Lite, Facebook, and Instagram users. “As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems.” reads the announcement published by Face

Passwords 22

Passwords Authentication Access Security 22

The Last Watchdog

MARCH 13, 2019

There are certain things we as consumers have come to do intuitively: brushing our teeth in the morning; looking both ways before crossing a city street; buckling up when we get into a car. Related: What needs to happen to enable driverless transportation — safely. In the not too distant future, each one of us will need to give pause, on a daily basis, to duly consider how we purchase and use Internet of Things devices and services.

IoT 189

IoT Energy and Utilities Security Privacy 189

Krebs on Security

MARCH 10, 2019

Very often the most clever component of your typical ATM skimming attack is the hidden pinhole camera used to record customers entering their PINs. These little video bandits can be hidden 100 different ways, but they’re frequently disguised as ATM security features — such as an extra PIN pad privacy cover, or an all-in-one skimmer over the green flashing card acceptance slot at the ATM.

Privacy 231

Privacy Security IT 231

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Data Breach Today

MARCH 21, 2019

Facebook Under Fresh Scrutiny Over How It Stored User Passwords Facebook has corrected an internal security issue that allowed the company to store millions of user passwords in plaintext that were then available to employees through an internal search tool.

Passwords 262

Passwords Security IT 262

Dark Reading

MARCH 26, 2019

Don't expect to read about any of the classics, like 'War Games' or 'Sneakers,' which have appeared on so many lists before. Rather, we've broadened our horizons with this great mix of documentaries, hacker movies, and flicks based on short stories.

Security 109

Security 109

Schneier on Security

MARCH 20, 2019

This isn't a security story, but it easily could have been. Last Saturday, Zipcar had a system outage : "an outage experienced by a third party telecommunications vendor disrupted connections between the company's vehicles and its reservation software.". That didn't just mean people couldn't get cars they reserved. Sometimes is meant they couldn't get the cars they were already driving to work: Andrew Jones of Roxbury was stuck on hold with customer service for at least a half-hour while he and

IT 109

IT Security 109