The Last Watchdog

APRIL 24, 2019

Accounting for third-party risks is now mandated by regulations — with teeth. Related: Free ‘VRMM’ tool measures third-party exposure Just take a look at Europe’s GDPR , NYDFS’s cybersecurity requirement s or even California’s newly minted Consumer Privacy Act. What does this mean for company decision makers, going forward, especially as digital transformation and expansion of the gig economy deepens their reliance on subcontractors?

Risk 164

Risk IoT Digital transformation Retail 164

Security Affairs

APRIL 26, 2019

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your device and the internet through encrypted tunnels.

Encryption 111

Encryption Authentication Privacy Communications 111

Schneier on Security

APRIL 26, 2019

Cyberattacks don't magically happen; they involve a series of steps. And far from being helpless, defenders can disrupt the attack at any of those steps. This framing has led to something called the " cybersecurity kill chain ": a way of thinking about cyber defense in terms of disrupting the attacker's process. On a similar note, it's time to conceptualize the "information operations kill chain.

Cybersecurity 111

Cybersecurity Government IT Security 111

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. A map showing the distribution of some 2 million iLinkP2P-enabled devices that are vulnerable to eavesdropping, password theft and possibly remote compromise, according to new research.

IoT 275

IoT Manufacturing Passwords Computer and Electronics 275

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

APRIL 23, 2019

Privacy Peril: Thieves Use Location Data to 'Shop' for High-Value Items Facebook has fixed a security vulnerability in its digital marketplace that could have been abused to identify the precise location of a seller, and by extension, their goods. Police warn that thieves regularly trawl location data to find the owners and locations of high-value items.

Privacy 268

Privacy Security IT 268

WIRED Threat Level

APRIL 26, 2019

While foreign phone carriers are sharing data to stop SIM swap fraud, US carriers are dragging feet.

Security 111

Security 111

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned. An advertisement for RevCode WebMonitor.

Archiving 225

Archiving Sales Encryption Passwords 225

Data Breach Today

APRIL 22, 2019

Marcus Hutchins, aka MalwareTech, Says He Regrets Coding, Distributing 'Kronos' Marcus Hutchins, the British security researcher who helped stop the massive WannaCry ransomware outbreak in mid-2017, has pleaded guilty to developing and distributing "Kronos" banking malware when he was younger.

Ransomware 250

Ransomware Security 250

The Last Watchdog

APRIL 22, 2019

It’s clear that closing the cybersecurity skills gap has to happen in order to make our internet-centric world as private and secure as it ought to be. Related: The need for diversity in cybersecurity personnel One of the top innovators in the training space is Circadence ®. The Boulder, CO-based company got its start in the mid-1990s as a pioneer of massive multi-player video games.

Cybersecurity 190

Cybersecurity Artificial Intelligence Military Security 190

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

WIRED Threat Level

APRIL 25, 2019

In a small Minnesota town, an IT technician found his way to the darkest corner of the web. Then he made a deadly plan.

IT 111

IT Security 111

Security Affairs

APRIL 24, 2019

Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. New Oracle #WebLogic #RCE #Deserialization 0-day Vulnerability. No vendor fix yet! Speak to @waratek for guaranteed active protection against 0-day RCE attacks with no blacklists, signatures, or profiling #NoSourceCodeChanges [link]

Access 111

Access Security IT 111

Data Breach Today

APRIL 22, 2019

FTC Reportedly Eyes Holding Mark Zuckberberg Personally Accountable for Privacy "Move fast and break things," Facebook CEO Mark Zuckerberg once said of his company's internal motto. But regulators have been increasingly signaling to Facebook that when it comes to users' privacy and data security, too much remains broken.

Privacy 242

Privacy Security IT 242

Schneier on Security

APRIL 22, 2019

This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker. But the fields are closely related and there are a lot of lessons for IoT security -- and the security of complex socio-technical systems in general -- in here.

IoT 110

IoT Security 110

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

WIRED Threat Level

APRIL 23, 2019

The larger lesson of an ongoing Ethereum crime spree: Be careful with who's generating your cryptocurrency keys.

Blockchain 111

Blockchain Security 111

Security Affairs

APRIL 23, 2019

CheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe.

Military 111

Military Government Phishing Security 111

Data Breach Today

APRIL 25, 2019

Questions Loom About Whether Big Fines Will Prompt Privacy Reform Facebook has set aside $3 billion from its first quarter profit to pay for what is likely to be a record-breaking fine from the U.S. Federal Trade Commission. But will mega-fines lead to the reform of tech giants' questionable privacy and security practices?

Privacy 237

Privacy Security IT 237

Dark Reading

APRIL 23, 2019

1 in 4 Workers Are Aware Of Company IT Security Guidelines but Don't Follow Them

Security 109

Security IT 109

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

WIRED Threat Level

APRIL 21, 2019

Researchers have shown that even though Netflix encrypts its traffic, hackers can figure out your interactive movie choices.

Encryption 109

Encryption IT Security 109

Security Affairs

APRIL 22, 2019

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x and 2.x versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

Libraries 111

Libraries Security IT 111

Data Breach Today

APRIL 26, 2019

Attackers' Small Malicious Code Tweaks Keep Faking Out Defenders, Researchers Warn Check Point Research has spotlighted attacks against several embassies that show how subtle changes in source code can alter how security professionals can detect and stop different types of malware.

Security 235

Security 235

AIIM

APRIL 22, 2019

Recently, AIIM released an eBook titled, State of the Industry – Content Services that examines the current state of Content Services technologies and how user perceptions about them are changing. For this research study, we surveyed over 300 decision-makers from around the world about their focus on Content Services to answer these three core questions: What critical information management problems are users trying to solve with Content Services?

Content services 109

Content services Records Management Information governance Government 109

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Schneier on Security

APRIL 23, 2019

From a G7 meeting of interior ministers in Paris this month, an " outcome document ": Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access digital evidence, when it is removed or hosted on IT servers located abroad or encrypted, without imposing any particular technology and while ensuring that assistance requested from internet companies is underpinned by the r

Encryption 108

Encryption Access IT 108

Security Affairs

APRIL 21, 2019

Researcher discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data. Researcher Sanyam Jain at GDI foundation discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data. Most of the data are publicly available, the databases also include the email addresses of the users.

Data breaches 112

Data breaches Archiving Privacy Education 112

Data Breach Today

APRIL 25, 2019

APT Group Targets Banks With Backdoor Malware to Penetrate Networks TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.

Security 234

Security 234

WIRED Threat Level

APRIL 23, 2019

An aggressive group of supply chain hackers strikes again, this time further upstream.

Security 106

Security 106

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Dark Reading

APRIL 23, 2019

What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.

105

105

Security Affairs

APRIL 20, 2019

A white hat hacker discovered how to break Tchap, a new secure messaging app launched by the French government for officials and politicians. The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to break into Tchap , a new secure messaging app launched by the French government for encrypted communications between officials and politicians.

Security 111

Security Encryption Communications Government 111

Data Breach Today

APRIL 26, 2019

Privacy Commissioner Will Go to Court to Enforce Recommendations Canada's privacy commissioner says Facebook violated its privacy laws by failing to protect users' personal data. The commissioner plans to take Facebook to federal court for allegedly refusing to implement recommendations to strengthen its privacy framework.

Privacy 212

Privacy Personal data IT 212