The Last Watchdog

SEPTEMBER 18, 2018

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.”. One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. Related video: Why it’s high time to protect unstructured data. Ironically, many victimized companies are paying hefty ransoms to decrypt unstructured data that may not be all that sensitive or mission critical.

Unstructured data 194

Unstructured data Ransomware Mining Encryption 194

Security Affairs

SEPTEMBER 28, 2018

Facebook hacked – Attackers exploited a vulnerability in the “View As” feature that allowed them to steal Facebook access tokens of 50 Million Users. Facebook hacked, this is news that is rapidly spreading across the Internet. A few hours ago, Facebook announced that an attack on its computer network exposed the personal information of roughly 50 million users.

Security 111

Security Access Data breaches IT 111

Krebs on Security

SEPTEMBER 21, 2018

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you’ve been holding out because you’re not particularly worried about ID theft, here’s another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable reven

Insurance 279

Insurance Marketing Security Military 279

Data Breach Today

SEPTEMBER 20, 2018

'Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.

Privacy 242

Privacy Data breaches GDPR Security 242

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Guardian Data Protection

SEPTEMBER 29, 2018

Images posted to social media show people accessing data of senior Tories such as Boris Johnson and Michael Gove A major flaw in the Conservative ’s official conference mobile phone application has made the private data of senior party members – including cabinet members – accessible to anyone that logged in as a conference attendee. The data of every person who registered to attend the Tory conference could be viewed, with Boris Johnson, Michael Gove and others among hundreds of diplomats, dign

Data breaches 111

Data breaches Access IT Privacy 111

The Last Watchdog

SEPTEMBER 21, 2018

For many start-ups, DevOps has proven to be a magical formula for increasing business velocity. Speed and agility is the name of the game — especially for Software as a Service (SaaS) companies. Related: How DevOps enabled the hacking of Uber. DevOps is a process designed to foster intensive collaboration between software developers and the IT operations team, two disciplines that traditionally have functioned as isolated silos with the technology department.

Cloud 203

Cloud Security Mining Financial Services 203

Troy Hunt

SEPTEMBER 17, 2018

That's it - I'm calling it - extended validation certificates are dead. Sure, you can still buy them (and there are companies out there that would just love to sell them to you!), but their usefulness has now descended from "barely there" to "as good as non-existent" This change has come via a combination of factors including increasing use of mobile devices, removal of the EV visual indicator by browser vendors and as of today, removal from Safari on iOS (it'll also be gone in M

Marketing 109

Marketing Phishing Encryption IT 109

Krebs on Security

SEPTEMBER 28, 2018

Facebook said today some 90 million of its users may get forcibly logged out of their accounts after the company fixed a rather glaring security vulnerability in its Web site that may have let attackers hijack user profiles. In a short blog post published this afternoon, Facebook said hackers have been exploiting a vulnerability in Facebook’s site code that impacted a feature called “View As,” which lets users see how their profile appears to other people. “This allowed t

Security 259

Security Passwords Access IT 259

Data Breach Today

SEPTEMBER 25, 2018

Fraudsters Hijack Mobile Numbers to Crack Open Bank Accounts In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.

Authentication 241

Authentication IT 241

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

John Battelle's Searchblog

SEPTEMBER 9, 2018

At dinner last night with my wife and our 14 year-old daughter, I noticed a circular table of four teenage girls eating alone. They were about the same age as my daughter, who wasn’t exactly thrilled to be stuck with her parents as company on her first weekend of the school year. As we ate, I paid attention to the group’s dynamics, imagining them to be a possible reflection of what my daughter would be doing once she started going out alone with friends in New York City.

IT 106

IT 106

Security Affairs

SEPTEMBER 18, 2018

According to Avira, hundreds of thousands of unpatched Windows systems are serially infected with EternalBlue exploit code. The EternalBlue , is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack. The malicious code was leaked online by the Shadow Brokers hacking group that stole it from the arsenal of the NSA-linked Equation Group.

Ransomware 111

Ransomware Security IT 111

The Last Watchdog

SEPTEMBER 13, 2018

Of the many cybersecurity executives I’ve interviewed, Keenan Skelly’s career path may be the most distinctive. Skelly started out as a U.S. Army Explosive Ordnance Disposal (EOD) Technician. “I was on the EOD team that was actually assigned to the White House during 9/11, so I got to see our national response framework from a very high level,” she says.

Cybersecurity 203

Cybersecurity Artificial Intelligence Military Security 203

Troy Hunt

SEPTEMBER 26, 2018

I have a love-hate relationship with ad blockers. On the one hand, I despise the obnoxious ads that are forced down our throats at what seems like every turn. On the other hand, I appreciate the need for publishers to earn a living so that I can consume their hard-earned work for free. Somewhere in the middle is a responsible approach, for example the sponsorship banner you see at the top of this blog.

Analytics 108

Analytics Risk IT Security 108

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Krebs on Security

SEPTEMBER 27, 2018

The U.S. Secret Service is warning financial institutions about a recent uptick in a form of ATM skimming that involves cutting cupcake-sized holes in a cash machine and then using a combination of magnets and medical devices to siphon customer account data directly from the card reader inside the ATM. According to a non-public alert distributed to banks this week and shared with KrebsOnSecurity by a financial industry source, the Secret Service has received multiple reports about a complex form

Communications 252

Communications Security IT 252

Data Breach Today

SEPTEMBER 28, 2018

Port Remains Open and Accessible to Ships, Officials Say Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline. Port officials say the attacker has demanded a ransom, payable in bitcoin, for the promise of a decryption key.

Ransomware 240

Ransomware IT Access 240

Schneier on Security

SEPTEMBER 14, 2018

Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length.

Encryption 106

Encryption Communications Authentication Security 106

Security Affairs

SEPTEMBER 29, 2018

The FBI Internet Crime Complaint Center (IC3) warns of cyber attacks exploiting Remote Desktop Protocol (RDP) vulnerabilities. Remote Desktop Protocol (RDP) is a widely adopted protocol for remote administration, but it could dramatically enlarge the attack surface if it isn’t properly managed. The FBI Internet Crime Complaint Center (IC3) and the DHS issued a joint alert to highlight the rise of RDP as an attack vector.

Passwords 111

Passwords Authentication Communications Access 111

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

WIRED Threat Level

SEPTEMBER 28, 2018

The social networking giant confirmed Friday that sites you use Facebook to login to could have been accessed as a result of its massive breach.

Security 111

Security Access IT 111

Troy Hunt

SEPTEMBER 11, 2018

Here's how it normally plays out: It all begins when a company pops up online and makes some sort of ludicrous statement related to their security posture, often as part of a discussion on a public social media platform such as Twitter. Shortly thereafter, the masses descend on said organisation and express their outrage at the stated position. Where it gets interesting (and this is the whole point of the post), is when another group of folks pop up and accuse the outraged group of doing a bit o

Security 102

Security Passwords IT Communications 102

Krebs on Security

SEPTEMBER 17, 2018

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

Government 248

Government Access Encryption Passwords 248

Data Breach Today

SEPTEMBER 14, 2018

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era. Reports of data breaches continue to increase and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages.

GDPR 208

GDPR Data breaches Privacy 208

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Hunton Privacy

SEPTEMBER 25, 2018

The Information Commissioner’s Office (“ICO”) in the UK has issued the first formal enforcement action under the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 (the “DPA”) on Canadian data analytics firm AggregateIQ Data Services Ltd. (“AIQ”). The enforcement action, in the form of an Enforcement Notice served under section 149 of the DPA, requires AIQ to “cease processing any personal data of UK or EU citizens obtained from UK political organizations or otherwi

GDPR 99

GDPR Personal data Analytics IT 99

Security Affairs

SEPTEMBER 26, 2018

The latest samples of the HNS bot were designed to target Android devices having the wireless debugging feature ADB enabled. The Hide and Seek (HNS) IoT botnet was first spotted early this year, since its discovery the authors continuously evolved its code. The IoT botnet appeared in the threat landscape in January, when it was first discovered on January 10th by malware researchers from Bitdefender, then it disappeared for a few days, and appeared again a few weeks later infecting in a few

IoT 111

IoT Mining Access Security 111

Thales Cloud Protection & Licensing

SEPTEMBER 12, 2018

The Internet of Things (IoT) is rapidly growing and expected to affect all industry verticals as well as our private lives. It is no secret that security plays a very important part in the successful deployment and management of this technology, and its applications are set to transform the way we live and do business. In this blog, we reached out to our technology partner Nexus to better understand the challenges that the industry faces to ensure safe deployment and management of IoT technologi

IoT 92

IoT Security Computer and Electronics Authentication 92

Schneier on Security

SEPTEMBER 21, 2018

NIST has released a new study concluding that the AES encryption standard has resulted in a $250 billion world-wide economic benefit over the past twenty years. I have no idea how to even begin to assess the quality of the study and its conclusions -- it's all in the 150-page report, though -- but I do like the pretty block diagram of AES on the report's cover.

Encryption 96

Encryption IT 96

Advertisement

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

Education

Krebs on Security

SEPTEMBER 10, 2018

Later this month, all of the three major consumer credit bureaus will be required to offer free credit freezes to all Americans and their dependents. Maybe you’ve been holding off freezing your credit file because your home state currently charges a fee for placing or thawing a credit freeze, or because you believe it’s just not worth the hassle.

Access 242

Access Security Military Retail 242

Troy Hunt

SEPTEMBER 5, 2018

As time has gone by, one of the things I've enjoyed the most in running Have I Been Pwned (HIBP) is seeing how far I could make the dollars stretch. How big can it go whilst at the same time, running it on a shoestring? I keep finding new ways of optimising cost and the two most significant contributions to that since launching almost 5 years ago have come via serverless technology provided by 2 of my favourite tech companies: Cloudflare and Microsoft.

Passwords 94

Passwords IT Data structuring Cloud 94

Hunton Privacy

SEPTEMBER 25, 2018

On September 25, 2018, the French Data Protection Authority (the “CNIL”) published the first results of its factual assessment of the implementation of the EU General Data Protection Regulation (GDPR) in France and in Europe. When making this assessment, the CNIL first recalled the current status of the French legal framework, and provided key figures on the implementation of the GDPR from the perspective of privacy experts, private individuals and EU supervisory authorities.

GDPR 97

GDPR Compliance Data breaches Privacy 97