Data Breach Today
APRIL 15, 2020
Video-Sharing Service Does Not Always Use TLS/SSL Encryption TikTok, a video-sharing service, has been delivering video and other media without TLS/SSL encryption, which means it may be possible for someone to tamper with content, researchers say. That could be especially damaging in the current pandemic environment, where misinformation and confusion abounds.
Security Affairs
APRIL 9, 2020
Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
APRIL 2, 2020
A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR. SonicWall’s security researchers have discovered a new piece of malware that exploits the current COVID19 outbreak to render computers unusable by overwriting the master boot record (MBR). Unfortunately, this is one of the numerous attacks conducted by cyber criminals and nation-state actors in an attempt to take advantage of the COVID19 epidemic.
Krebs on Security
APRIL 7, 2020
In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million. Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Last Watchdog
APRIL 16, 2020
Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber crimes ever get reported to law enforcement.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
APRIL 8, 2020
APT Groups Are Buying Exploits Rather Than Developing Them, FireEye Says Zero-day exploits are increasingly a commodity that advanced persistent threat groups can purchase and use to wage attacks, according to a report from security firm FireEye. The report says the number of attacks leveraging such exploits grew last year.
The Guardian Data Protection
APRIL 13, 2020
Exclusive: draft plans for contact-tracing app said device IDs could be used to identify users Coronavirus – latest updates See all our coronavirus coverage A draft government memo explaining how the NHS contact-tracing app could stem the spread of the coronavirus said ministers might be given the ability to order “de-anonymisation” to identify people from their smartphones, the Guardian can reveal.
Security Affairs
APRIL 26, 2020
Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild. Sophos was informed of the attacks exploiting the zero-day issue by one of its customers on April 22.
Krebs on Security
APRIL 23, 2020
Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
The Last Watchdog
APRIL 7, 2020
Application programming interface. API. It’s the glue holding digital transformation together. Related: A primer on ‘credential stuffing’ APIs are the conduits for moving data to-and-fro in our digitally transformed world. APIs are literally everywhere in the digital landscape, and more are being created every minute. APIs connect the coding that enables the creation and implementation of new applications.
IT Governance
APRIL 2, 2020
With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack. And the bad news is that unsettled employees, many of whom are being asked to work from home, and depleted workforces mean there is an increased chance of an incident occurring. Thankfully, we’ve only found 67 incidents this month, with a total of 832,486,418 affected records – which is only slightly higher than last month’s figures.
Data Breach Today
APRIL 11, 2020
Ukrainian Man Behind the Actual Hacking Remains at Large The U.S. SEC has settled charges against two traders who were accused of profiting from the hacking of an EDGAR server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large.
PerezBox
APRIL 6, 2020
April 5th, 2020 marked the end of my three year journey with GoDaddy, and 9+ years with Sucuri. The time has come to say goodbye and venture off on a. Read More. The post Thank You GoDaddy / Sucuri. A New Chapter Begins. appeared first on PerezBox.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
APRIL 20, 2020
Over 267 million Facebook profiles are offered for sale on dark web sites and hacker forums, the dump is offered for £500 ($623) and doesn’t include passwords. Hackers are offering for sale over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums, the archive doesn’t include passwords. Early March, the security expert Bob Diachenko uncovered an Elasticsearch cluster containing more than 267 million Facebook user IDs, phone numbers, and names.
Krebs on Security
APRIL 2, 2020
As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong.
Dark Reading
APRIL 23, 2020
A grassroots effort provides scientists with computing power to help simulate the novel coronavirus' proteins and come up with therapeutic solutions for the disease.
erwin
APRIL 3, 2020
Many organizations start an enterprise architecture practice without a specialized enterprise architecture tool. Instead, they rely on a blend of spreadsheets, Visio diagrams, PowerPoint files and the like. Under normal circumstances, this approach is difficult. In times of rapid change or crisis, it isn’t viable. Four Compelling Reasons for An Enterprise Architecture Tool.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Data Breach Today
APRIL 10, 2020
Attack Crippled Currency Exchange's Services for Weeks Travelex, a London-based foreign currency exchange that does business in 26 countries, including the U.S., paid a ransomware gang $2.3 million to regain access to its data following an attack, the Wall Street Journal reports. The incident crippled the company's customer services for weeks.
IT Governance
APRIL 6, 2020
The days of 9–5 office hours were over long before coronavirus forced the majority of us to work from home. Organisations have increasingly offered employees the opportunity to work from home on an occasional or full-time basis, and many of us feel obliged to check work emails on personal devices outside of business hours. Most companies will therefore already have some experience of the processes involved in home working and the security vulnerabilities that come with it.
Security Affairs
APRIL 13, 2020
Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Sellers are advertising them for.0020 cents each, in some cases they are offered for free. The huge trove of account credentials was not stolen by Zoom, instead, it appears the result of credential stuffing attacks that leverage records from third-party data breaches.
Krebs on Security
APRIL 28, 2020
You may have heard that today’s phone fraudsters like to use use caller ID spoofing services to make their scam calls seem more believable. But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
HL Chronicle of Data Protection
APRIL 21, 2020
The French Data Protection Authority (CNIL) has recently released new guidelines (French only) regarding human resources processing operations. When the GDPR became effective, the CNIL’s previous set of HR Data guidelines became out of date as they did not incorporate the new law’s requirements ( e.g. obligations relating to records of processing activities and Data Protection Impact Assessments).
erwin
APRIL 15, 2020
Hello from my home office! I hope you and your family are staying safe, practicing social distancing, and of course, washing your hands. These are indeed strange days. During this coronavirus emergency, we are all being deluged by data from politicians, government agencies, news outlets, social media and websites, including valid facts but also opinions and rumors.
Data Breach Today
APRIL 24, 2020
Second Largest Health Data Breach So Far This Year A California-based genetic testing laboratory has reported an email hacking incident that may have exposed medical information on nearly 233,000 individuals. It's the second-largest health data breach posted to the federal health data breach tally so far in 2020.
IT Governance
APRIL 9, 2020
Until three weeks ago, you had probably never heard of the video conferencing software Zoom. But now, as we remain in lockdown and are forced to communicate with colleagues and friends remotely, it’s one of the world’s most talked-about technologies – whether that’s because of its easy-to-use and free set-up or because of accusations that it steals your data and infects you with malware.
Advertisement
Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.
Security Affairs
APRIL 12, 2020
Security researchers discovered an archive available on a dark web forum that includes thousands of compromised Zoom credentials. Researchers discovered a database available on an underground forum in the dark web that contained more than 2,300 compromised Zoom credentials. Some of the records also included meeting IDs, names and host keys. The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software comp
Krebs on Security
APRIL 10, 2020
The U.S. federal government is now in the process of sending Economic Impact Payments by direct deposit to millions of Americans. Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return.
John Battelle's Searchblog
APRIL 29, 2020
If you’ve read Shoshana Zuboff’s Surveillance Capitalism , you likely agree that the most important asset for a data-driven advertising platform is consumer engagement. That engagement throws off data, that data drives prediction models, those models inform algorithms, those algorithms drive advertising engines, and those engines drive revenue, which drives profit.
Expert insights. Personalized for you.
334 
Let's personalize your content