Sat. Aug 03, 2019 - Fri. Aug 09, 2019


Debunking the Top 5 Myths about Office 365 Backup & Recovery

Quest Software

Learn about the common misconceptions surrounding Office 365 data protection and the truth behind the myths.


Capital One's Breach May Be a Server Side Request Forgery

Data Breach Today

SSRF Appears to Fit Scenario, But Details Are Slim. Capital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it.


When Perceived Cybersecurity Risk Outweighs Reality

Dark Reading

Teams need to manage perceived risks so they can focus on fighting the real fires.


Who Owns Your Wireless Service? Crooks Do.

Krebs on Security

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists.


Username (and password) free login with security keys

Imperial Violet

Most readers of this blog will be familiar with the traditional security key user experience: you register a token with a site then, when logging in, you enter a username and password as normal but are also required to press a security key in order for it to sign a challenge from the website. This is an effective defense against phishing, phone number takeover, etc.


More Trending


Deconstructing the Phishing Campaigns that Target Gmail Users

Elie

In this talk we look into Gmail telemetry to illuminate the differences between phishing groups in terms of tactics and targets.


The Risk of Weak Online Banking Passwords

Krebs on Security

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to surveil and drain consumer accounts online.


WhatsApp flaws allow the attackers to manipulate conversations

Security Affairs

Security experts at Check Point discovered a series of vulnerabilities in WhatsApp that could be exploited by attackers to tamper with conversations. A team of Check Point security researchers composed of Dikla Barda, Roman Zaikin, and Oded Vanunu devised three attacks that leverage the vulnerabilities in WhatsApp to tamper with conversations. The flaws could allow attackers to intercept and manipulate messages sent by WhatsApp users in both private and group conversations.


Microsoft: Russia Probes Office Printers, VOIP Phones

Data Breach Today

Points to the Need to Make IoT Devices More Secure. Microsoft warned on Monday that Russia-linked attackers are gaining access to corporate networks through poorly configured devices, such as office printers and VOIP phones. The remedy is paying more attention to deployed IoT devices, including establishing security policies and regular testing.


Hackers Can Break Into an iPhone Just by Sending a Text

WIRED Threat Level

You don't even have to click anything.


iNSYNQ Ransom Attack Began With Phishing Email

Krebs on Security

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. It also looks like the intruders spent roughly ten days rooting around iNSYNQ’s internal network to properly stage things before unleashing the ransomware. iNSYNQ ultimately declined to pay the ransom demand, and it is still working to completely restore customer access


Fraudster stole $870,000 from 2 US universities with spear-phishing mails

Security Affairs

A crook who was in Kenya and was involved in a spear phishing scheme is facing up to 20 years in US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme. The man, charged with one count of conspiracy to commit wire fraud, risks a maximum sentence of 20 years in jail. “Amil Hassan Raage pleaded guilty to fraudulently receiv


Mobile-Only Bank Monzo Warns 480,000 Customers to Reset PINs

Data Breach Today

Software Bug Meant Some Numbers Were Stored Unencrypted. Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.


A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts

WIRED Threat Level

One researcher's discovery suggests troubling oversights in Boeing's cybersecurity.


Yes, FaceApp Really Could Be Sending Your Data to Russia

Dark Reading

FaceApp has an unprecedented level of access to data from 150 million users. What could its endgame be? We unpack three potential risks.


DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

Dragonblood researchers found two new weaknesses in the WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws. We first met this team of experts in April when they discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-ba


Ex-Secret Service Agent Tackles Banking Cybercrime

Data Breach Today

Former Secret Service agent Jeff Dant now heads fraud operations and intelligence for the financial crimes unit at BMO Financial Group. Which threats and threat actors does he focus on, and how does his law enforcement experience help? Dant previews a session at the upcoming Cybersecurity Summit in New York.


A Teen Hacker Found Bugs in School Software That Affects Millions

WIRED Threat Level

Some kids play in a band after school. Bill Demirkapi hacked two education software giants.


How Much Data is Created on the Internet Each Day?

Micro Focus

90% of the data on the internet has been created since 2016, according to an IBM Marketing Cloud study. People, businesses, and devices have all become data factories that are pumping out incredible amounts of information to the web each day. This post has been tracking the growth of data created on the internet for.


SWAPGS Attack – A new Spectre-V1 attack affects modern chips

Security Affairs

Experts discovered a new variant of the Spectre vulnerability (SWAPGS Attack) that affects modern Intel CPUs which leverage speculative execution, and also some AMD processors. Experts discovered a new Spectre speculative execution flaw (SWAPGS attack), tracked as CVE-2019-1125, that affects all modern Intel CPUs and some AMD processors. The flaw could be exploited by unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory (i.e. pass


Digital Transformation: Security Best Practices

Data Breach Today

RSA's Holly Rollo on the Importance of Third-Party Risk Management. Organizations going through a digital transformation need to make sure they develop a sound third-party risk management strategy, says RSA's Holly Rollo, who discusses best practices.


The Weird, Dark History of 8chan and Its Founder Fredrick Brennan

WIRED Threat Level

Fredrick Brennan is appalled by the notorious chat site’s links to right-wing extremism and mass shootings. Inside his tortured journey through the web’s cesspool and his attempt at redemption.


DEF CON 2019: Researchers Demo Hacking Google Home for RCE

Threatpost

Researchers show how they hacked Google Home smart speakers using the Magellan vulnerability.


New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is malware that is well known to the cyber security community and is able to steal cryptocurrency via clipboard hijacking and mine cryptocurrency after installing a miner. Avast recently discovered a new strain of Clipsa malware that is able to scan the Internet and launch brute-force attacks on WordPress sites. “Avast researcher


DOJ: Bribed AT&T Workers Planted Malware on Carrier's Network

Data Breach Today

Scheme Involved Unlocking 2 Million Smartphones to Enable Fraud. The Justice Department has indicted two men on charges of paying more than $1 million in bribes to AT&T employees who helped plant malware on the carrier's network and access the company's internal systems. The complicated scheme involved unlocking 2 million smartphones from AT&T's network, prosecutors say.


This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station'

WIRED Threat Level

The Surveillance Detection Scout can track license plates and faces near your Tesla—with all the privacy concerns that implies.


Securing DevOps Is About People and Culture

Dark Reading

Preconceived notions and divisions make building security into the software development life cycle an uphill battle for many organizations.


A Zero-Day in Steam client for Windows affects over 100 Million users

Security Affairs

Two researchers publicly disclosed a zero-day vulnerability that affects the popular Steam game client for Windows; over 100 million users are at risk. Two security experts disclosed a privilege escalation vulnerability in the Steam client for Windows that can be exploited by an attacker with limited permissions to run code with administrative privileges. The issue could be exploited by vxers to develop malware that is able to perform multiple malicious activities.
