Data Breach Today
SEPTEMBER 9, 2019
Beyond 'Patch or Perish' - CISOs' Risk-Based Approach to Fixing Vulnerabilities Every week seems to bring a fresh installment of "patch or perish." But security experts warn that patch management, or the larger question of vulnerability management, must be part of a much bigger-picture approach to managing risk. And the challenge continues to get more complex.
Threatpost
SEPTEMBER 12, 2019
The historic measure, which still needs to be signed into law, would prohibit biometric surveillance, including in bodycams.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Adam Levin
SEPTEMBER 9, 2019
Insider risk, supply chain vulnerability and vendor risk all boil down to the same thing: the more people have access to your data, the more vulnerable it is to being leaked or breached. This summer brought an interesting twist to that straight-forward situation: Can data leaked by an employee or a contractor be a good thing? In July, a Belgian contractor who had been hired to transcribe Google Home recordings shared several of them with news outlet VRT.
Krebs on Security
SEPTEMBER 11, 2019
MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
SEPTEMBER 11, 2019
September's Patch Tuesday Addresses Elevation of Privileges Flaws As part of its September Patch Tuesday security update, Microsoft issued software fixes for two vulnerabilities in several versions of Windows that it says are being exploited by attackers in the wild. Security experts are urging IT teams to quickly patch these flaws.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
SEPTEMBER 10, 2019
There is a lot of interest and discussion about the cloud these days— and for good reason. As business leaders and department heads identify impediments to their teams’ effectiveness, they are beginning to recognize that the cloud is not just about storage; it’s about flexibility, process improvement, and savings. But it will take a balanced perspective to cash in.
Krebs on Security
SEPTEMBER 9, 2019
The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks.
Data Breach Today
SEPTEMBER 12, 2019
Researchers Say Mirai Derivatives and EternalBlue Exploits Pummel Internet-Connected Devices Two years after WannaCry wrecked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.
The Last Watchdog
SEPTEMBER 11, 2019
One of the promising cybersecurity trends that I’ve been keeping an eye on is this: SOAR continues to steadily mature. Security orchestration, automation and response, or SOAR, is a fledgling security technology stack that first entered the cybersecurity lexicon about six years ago. Related: Here’s how Capital One lost 100 million customer records SOAR holds the potential to slow – and, ultimately, to help reverse – the acute and worsening cybersecurity skills shortage.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Thales Cloud Protection & Licensing
SEPTEMBER 10, 2019
Access management is increasingly the answer to #TrustedAccess. With two decades of cloud computing now under the belt, this question is increasingly more relevant in our hyper-connected world. Massive amounts of data are constantly produced globally, shared and stored by a rapidly growing number of devices in an expanding cloud environment. But the tremendous capabilities and convenience we’ve come to depend on via the cloud often leaves the door open to increasing vulnerabilities.
Krebs on Security
SEPTEMBER 10, 2019
Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software. The software giant assigned a “critical” rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interaction on the part of the user.
Data Breach Today
SEPTEMBER 10, 2019
Also Hot: Payment Card Numbers, Identity Packets, DDoS Attacks, Shell Companies Cybercrime is surging, thanks in no small part due to the easy availability of inexpensive hacking tools and services. A recent look at black market offerings by security firm Armor finds that the sale of stolen payment card data, RDP credentials, ransomware and DDoS services remains alive and well.
Data Matters
SEPTEMBER 10, 2019
Creating a circuit split, the U.S. Court of Appeals for the Eleventh Circuit has held that receiving a single unwanted text message is not enough to confer standing, even if the text violated the federal Telephone Consumer Protection Act (TCPA). The court disagreed with a Ninth Circuit ruling that reached the opposite conclusion in 2017. In so doing, it gave new life to an argument defendants may use to fend off class actions under the TCPA.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
SEPTEMBER 12, 2019
SimJacker is a critical vulnerability in SIM cards that could be exploited by remote attackers to compromise any phones just by sending an SMS. Cybersecurity researchers at AdaptiveMobile Security disclosed a critical vulnerability in SIM cards dubbed SimJacker that could be exploited by remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS.
Thales Cloud Protection & Licensing
SEPTEMBER 12, 2019
Now that it’s September, the excitement is beginning to build in earnest for the 2019 Rugby World Cup. Sports fans aren’t the only ones who are looking forward to this event. Unfortunately, digital criminals are also closely following the buzz surrounding this tournament. It’s not like bad actors haven’t taken an interest in major sporting events before.
Data Breach Today
SEPTEMBER 12, 2019
Government Invites Feedback on Addressing Cyber Challenges The Australian government is looking to update its national cybersecurity strategy by 2020. In preparation, it's released a discussion paper that seeks input from citizens, the business community, academics and other stakeholders.
erwin
SEPTEMBER 12, 2019
Strong internal business process modeling and management helps data-driven organizations compete and lead. In short, an internal business process is a documented account of how things should be done to maximize efficiency and achieve a particular goal. In the book “Exponential Organizations” by Salim Ismail, Michael S. Malone and Yuri van Geest , the authors, examine how every company is or will evolve into an information-based entity in which costs fall to nearly zero, abundance replaces scarci
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
eSecurity Planet
SEPTEMBER 12, 2019
These IT security vendors lead the market through their innovative offerings, range of products and services, customer satisfaction and annual revenue
Security Affairs
SEPTEMBER 9, 2019
Security expert discovered that busing a well-known feature of deleting messages it is possible to threate the users’ privacy. This is not a security vulnerability its a privacy issue. As I understand Telegram a messaging app focuses on privacy which has over 10,00,00,000+ downloads in Playstore. In this case, we are abusing a well-known feature of deleting messages, which allows users to delete messages sent by mistake or genuinely to any recipient.
Data Breach Today
SEPTEMBER 10, 2019
Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products.
WIRED Threat Level
SEPTEMBER 12, 2019
A fresh look at the 2016 blackout in Ukraine suggests that the cyberattack behind it was intended to cause far more damage.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Schneier on Security
SEPTEMBER 13, 2019
All of life is based on the coordinated action of genetic parts (genes and their controlling sequences) found in the genomes (the complete DNA sequence) of organisms. Genes and genomes are based on code-- just like the digital language of computers. But instead of zeros and ones, four DNA letters A, C, T, G -- encode all of life. (Life is messy, and there are actually all sorts of edge cases, but ignore that for now.
Security Affairs
SEPTEMBER 8, 2019
Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. “Over the past couple of weeks, we have been observing a new Trojan on Googl
Data Breach Today
SEPTEMBER 13, 2019
Fin7 Gang Tied to Theft of 15 Million Payment Cards From Restaurant Chains and Others One of the three Ukrainian men charged with leading the notorious Fin7 hacking group, which prosecutors say stole 15 million payment cards, has pleaded guilty to two federal charges.
Dark Reading
SEPTEMBER 13, 2019
With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
Schneier on Security
SEPTEMBER 12, 2019
This seems to be an identity theft first : Criminals used artificial intelligence-based software to impersonate a chief executive's voice and demand a fraudulent transfer of €220,000 ($243,000) in March in what cybercrime experts described as an unusual case of artificial intelligence being used in hacking. Another news article.
Security Affairs
SEPTEMBER 12, 2019
Poland announced it will launch a cyberspace defense force by 2024 composed of around 2,000 soldiers with a deep knowledge in cybersecurity. The Polish Defence Ministry Mariusz Blaszczak has approved the creation of a cyberspace defence force by 2024, it will be composed of around 2,000 soldiers with deep expertise in cybersecurity. The news was reported by AFP, Blaszczak announced that the cyber command unit would start its operations in 2022. “We’re well aware that in today’s
Data Breach Today
SEPTEMBER 10, 2019
Analysis: Attackers Probed Weaknesses in Network Firewalls for 10 Hours Earlier this year, intruders probed weaknesses in the network firewalls of a U.S. power utility to attempt a distributed denial-of-service attack, but there was no disruption in electricity service, according a recently released report. The incident illustrates potential weaknesses in the power grid.
Expert insights. Personalized for you.
194 
Let's personalize your content