Krebs on Security

JULY 23, 2018

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. A YubiKey Security Key made by Yubico. The basic model featured here retails for $20. Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in

Phishing 238

Phishing Security Authentication Passwords 238

Dark Reading

JULY 5, 2018

The most effective hackers keep things simple, something organizations must take into account.

65

65

Data Breach Today

JULY 5, 2018

Criminals' Quest for Cryptocurrency Continues If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. Numerous studies have found that the most seen malware attacks today are designed for cryptojacking. But while ransomware campaigns may be down, they're far from out.

Ransomware 194

Ransomware Mining IT 194

Thales Cloud Protection & Licensing

JULY 9, 2018

The digital transformation has changed how the world does business. It has created whole new enterprises and industries, but it has also left many organizations vulnerable to new and destructive threats. Digital transformation can and does deliver increased efficiencies, improved decision-making, lower costs, improved reach, and higher profits. But it also frequently relies on increasing amounts of personal and other sensitive data.

Digital transformation 75

Digital transformation Financial Services Encryption Insurance 75

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

IT Governance

JULY 4, 2018

To improve cyber risk governance among public-sector departments and their suppliers, the UK government has issued a series of minimum cyber security standards that will be incorporated into the Government Functional Standard for Security. The first standard to be incorporated, the Minimum Cyber Security Standard (MCSS), comprises ten sections across five broad categories: Identify, Protect, Detect, Respond and Recover.

Government 57

Government Security Information Security Risk 57

Krebs on Security

JULY 25, 2018

Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.

Phishing 197

Phishing Marketing Authentication Communications 197

Weissman's World

JULY 11, 2018

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare. Officially, it “protects fundamental rights and freedoms of natural persons, and in particular, their right to the protection of personal data.” Note the […]. The post The GDPR for the Little Guy (or Gal) appeared first on Holly Group.

GDPR 159

GDPR Personal data Privacy IT 159

Data Breach Today

JULY 11, 2018

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene.

IoT 190

IoT Security 190

AIIM

JULY 3, 2018

Digital disruption calls for digital leaders with the skills and experience to optimize information assets and transform business. The AIIM Certified Information Professional (CIP) designation has come to represent a badge of competency and knowledge for those entrusted with the task of building an information strategy. But, what do our CIPs say about the certification?

Libraries 136

Libraries Access IT 136

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

The Guardian Data Protection

JULY 10, 2018

Firm fined £500k for lack of transparency and failing to protect users’ information Facebook is to be fined £500,000, the maximum amount possible, for its part in the Cambridge Analytica scandal , the information commissioner has announced. The fine is for two breaches of the Data Protection Act. The Information Commissioner’s Office (ICO) concluded that Facebook failed to safeguard its users’ information and that it failed to be transparent about how that data was harvested by others.

Data breaches 111

Data breaches Analytics IT Privacy 111

The Last Watchdog

JULY 13, 2018

There’s a new breed of identity thief at work plundering consumers and companies. However, these fraudsters don’t really care about snatching up your credentials or mine. By now, your personal information and mine has been hacked multiple times and is readily on sale in the Dark Web. This has long been true of the vast majority of Americans. Related article: 7 hacks signaling a coming global cyber war.

Digital transformation 181

Digital transformation Mining Communications Cloud 181

Krebs on Security

JULY 24, 2018

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses. According to a lawsuit filed last month in the Western District of Virginia, the first heist took place in late May 2016, after an employee at The National Bank of Blacksburg fell victim to a targeted phishing email.

Insurance 194

Insurance Computer and Electronics Phishing Access 194

John Battelle's Searchblog

JULY 30, 2018

I first moved to the Bay area in 1983. I graduated from high school, spent my summer as an exchange student/day laborer in England (long story), then began studies at Berkeley, where I had a Navy scholarship (another long story). 1983. 35 years ago. 1983 was one year before the introduction of the Macintosh (my first job was covering Apple and the Mac).

IT 110

IT 110

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

JULY 2, 2018

But Tech Giants are Taking Aim at the Law, Which Can Be Amended Until 2020 California's legislature has quickly introduced and passed new privacy legislation, making the state's laws the strongest in the U.S. The new law gives consumers a raft of new rights, and aims to bring more transparency to the murky trade in people's personal information.

Privacy 196

Privacy GDPR IT 196

Troy Hunt

JULY 12, 2018

It was Jan last year that I suggested HTTPS adoption had passed the "tipping point" , that is it had passed the moment of critical mass and as I said at the time, "will very shortly become the norm" Since that time, the percentage of web pages loaded over a secure connection has rocketed from 52% to 71% whilst the proportion of the world's top 1 million websites redirecting people to HTTPS has gone from 20% to about half (projected).

Risk 110

Risk Phishing Encryption IT 110

The Guardian Data Protection

JULY 11, 2018

ICO to fine baby club Emma’s Diary £140,000 for infraction before 2017 general election The Labour party bought data on more than 1 million new and expectant mothers and their children from a leading baby club ahead of the 2017 general election. The Information Commissioner’s Office (ICO) has issued a notice of intent to fine Emma’s Diary £140,000 for the infraction.

IT 105

IT Privacy 105

The Last Watchdog

JULY 25, 2018

Was it really that long ago that company networks were comprised of a straightforward cluster of servers, data bases, applications and user devices corralled largely on premises? Related article: Taking a ‘zero-trust’ approach to authentication. In today’s digitally transformed environment, companies must monitor and defend systems housed on-premises and in overlapping public and private clouds.

Digital transformation 165

Digital transformation Authentication Analytics Access 165

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Krebs on Security

JULY 27, 2018

Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned. This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer.

Phishing 188

Phishing Government Archiving IT 188

Schneier on Security

JULY 30, 2018

Interesting research: " You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information ," by Beatrice Perez, Mirco Musolesi, and Gianluca Stringhini. Abstract: Metadata are associated to most of the information we produce in our daily interactions and communication in the digital world. Yet, surprisingly, metadata are often still categorized as non-sensitive.

Metadata 103

Metadata Paper Communications IT 103

Data Breach Today

JULY 20, 2018

PIR Bank Robbed by Russia's MoneyTaker Gang, Investigators Say Hackers stole at least $920,000 from Russia's PIR Bank after they successfully compromised an outdated, unsupported Cisco router at a bank branch office and used it to tunnel into the bank's local network, reports incident response firm Group-IB.

IT 191

IT 191

WIRED Threat Level

JULY 2, 2018

For years the Army has tried to recruit talent from Silicon Valley. A new initiative aims to nurture the rising technologists within its own ranks, too.

IT 110

IT Security 110

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

IT Governance

JULY 30, 2018

Another month passes where I’m left thinking ‘I should really create a Healthcare category’. So, from next month – I’ll be doing exactly that. There were some incredibly sensitive breaches this month, the majority of which were caused by human error. I imagine human error will continue to be the main cause of data breaches for decades to come – damn humans.

Data breaches 101

Data breaches Ransomware Personal data Phishing 101

The Last Watchdog

JULY 12, 2018

The discovery of sensitive U.S. military information for sale on the Dark Web for a nominal sum, in and of itself, is unfortunate and unremarkable. However, details of the underlying hack , ferreted out and shared by researchers of the Insikt Group, an arm of the security research firm Recorded Future, are most welcomed. They help frame wider questions, and pave the way for improved best practices.

Military 145

Military Sales Access Government 145

Krebs on Security

JULY 16, 2018

A 21-year-old Kentucky man has pleaded guilty to authoring and distributing a popular hacking tool called “ LuminosityLink ,” a malware strain that security experts say was used by thousands of customers to gain unauthorized access to tens of thousands of computers across 78 countries worldwide. The LuminosityLink Remote Access Tool (RAT) was sold for $40 to thousands of customers, who used the tool to gain unauthorized access to tens of thousands of computers worldwide.

Marketing 156

Marketing Access Sales Security 156

Dark Reading

JULY 31, 2018

The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar - yet.

Cybersecurity 111

Cybersecurity Security 111

Advertisement

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

Education

Data Breach Today

JULY 3, 2018

Kaspersky's Bhayani on Evolving to Predictive Analytics and Response With endpoint security, the fundamental concept was always to detect and prevent. Mature security strategies today are increasingly looking at response and remediation as well to complete the cycle, says Shrenik Bhayani of Kaspersky Lab.

Security 191

Security Analytics 191

WIRED Threat Level

JULY 10, 2018

Mail.ru also ran hundreds of apps on Facebook at a time when the platform’s policies allowed app developers to collect their users' friends' data.

Security 111

Security 111

TAB OnRecord

JULY 25, 2018

A move is a great time to make changes to your records management program and a chance to improve the way your records are stored and handled. If you have had a big project in mind, now is the time, just follow these simple steps! Read More. The post Tips for your corporate file move: Seize the opportunity to improve appeared first on TAB Records Management Blog | TAB OnRecord.

Records Management 84

Records Management 84