Sat.Aug 04, 2018 - Fri.Aug 10, 2018

article thumbnail

Machine Learning Can Identify the Authors of Anonymous Code

WIRED Threat Level

Researchers have repeatedly shown that writing samples, even those in artificial languages, contain a unique fingerprint that's hard to hide.

article thumbnail

DevSecOps: The Keys to Success

Data Breach Today

Experts Offer Insights on Addressing the Challenges Although there's widespread agreement that addressing security early in the software development cycle is an essential component to any breach prevention strategy, implementing DevSecOps can prove challenging.

Security 100
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

DeepLocker – AI-powered malware are already among us

Security Affairs

Security researchers at IBM Research developed a “highly targeted and evasive” AI-powered malware dubbed DeepLocker and will present today. What about Artificial Intelligence (AI) applied in malware development? Threat actors can use AI-powered malware to create powerful malicious codes that can evade sophisticated defenses. Security researchers at IBM Research developed a “highly targeted and evasive” attack tool powered by AI,” dubbed DeepLocker that is able to co

article thumbnail

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher , an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Q&A: How your typing and screen swiping nuances can verify your identity

The Last Watchdog

The recent data breaches at Timehop and Macy’s are the latest harbingers of what’s in store for companies that fail to vigorously guard access to all of their mission-critical systems. Related podcast: Why identities are the new firewall. A common thread to just about every deep network breach these days is the failure of the victimized entity to effectively deploy multi-factor authentication (MFA) to at least make it harder for threat actors to access their sensitive systems.

More Trending

article thumbnail

Do you have a data breach response plan?

IT Governance

The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This places a significant burden on organisations: taking the appropriate measures to comply with the law while simultaneously dealing with the collateral impact of a breach is not a picnic! The Ponemon Institute Cost of a Data Breach Study 2018 indicates that one in four organisations will suffer a data breach in the next two years.

article thumbnail

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

Security Affairs

DoE announced the Liberty Eclipse exercise to test the electrical grid ‘s ability to recover from a blackout caused by cyberattacks. This is the first time the Department of Energy will test the electrical grid’s ability to recover from a blackout caused by cyberattacks. We have discussed many times the effects of a cyber attack against an electrical grid, the most scaring scenario sees wide power outage bringing population in the dark.

article thumbnail

How to Stay Safe on Public Wi-Fi

WIRED Threat Level

Connecting to a public Wi-Fi network can put you at risk. Here's how to minimize the damage.

Risk 89
article thumbnail

Atlanta's Reported Ransomware Bill: Up to $17 Million

Data Breach Today

City Didn't Pay Ransom, But Spends for Cleanup, New Devices, Better Security The cost of the city of Atlanta's mitigation and subsequent IT overhaul following a massive SamSam ransomware infection in March could reach $17 million, of which $6 million has already been budgeted for new devices, security enhancements as well as upgrades, according to news reports.

Cleanup 182
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Measuring the Rationality of Security Decisions

Schneier on Security

Interesting research: " Dancing Pigs or Externalities? Measuring the Rationality of. Security Decisions ": Abstract: Accurately modeling human decision-making in security is critical to thinking about when, why, and how to recommend that users adopt certain secure behaviors. In this work, we conduct behavioral economics experiments to model the rationality of end-user security decision-making in a realistic online experimental system simulating a bank account.

article thumbnail

3 ways prescriptive analytics helps deliver better financial services

IBM Big Data Hub

As any financial services executive knows, improving business results with precise, timely decisions is much harder than it looks.

article thumbnail

Preview - 5 Things You Need to Know About Information Overload and Automating Governance

AIIM

As a preview to our upcoming multi-client market research report on the emerging intersection between information governance & security and analytics & machine learning, we asked 50 senior executives and decision-makers for their perspectives on five of the questions we’ll be asking in our research (just a snapshot of the 20+ questions we’ll be asking in the actual survey).

article thumbnail

The Art of the Steal: FIN7's Highly Effective Phishing

Data Breach Today

Cybercrime Gang Phoned Victims to Increase Phishing Attack Success Rates The FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and attachments with malware, federal prosecutors allege. The group's success - 15 million stolen payment cards and counting - is one measure of how difficult these types of attacks are to block.

Phishing 172
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Salesforce warns of API error that exposed Marketing data

Security Affairs

The US Cloud-based customer relationship management software giant Salesforce is warning marketing customers of a data leakage caused by an API error. The US cloud computing company Salesforce is warning marketing customers of a data leakage caused by an API error. The incident could potentially affect a large number of companies, including Aldo, Dunkin Donuts, GE, HauteLook, Nestle Waters, and Sony.

article thumbnail

A New Pacemaker Hack Puts Malware Directly On the Device

WIRED Threat Level

Researchers at the Black Hat security conference will demonstrate a new pacemaker-hacking technique that can add or withhold shocks at will.

article thumbnail

GDPR After the Deadline — Part 3 of 3 — How do IIM technologies fit into the GDPR puzzle?

AIIM

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 84
article thumbnail

WhatsApp: Check Point's Flaw Findings Don't Merit Patches

Data Breach Today

Messages Can Be Manipulated, But Fixes Would Pose Privacy Risks, WhatsApp Says Check Point says it has found three ways to falsify messages in WhatsApp, which it claims could be employed by scammers and used to spread fake news. WhatsApp acknowledges the findings, but it will not engineer patches.

Privacy 157
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Spot the Bot: Researchers Open-Source Tools to Hunt Twitter Bots

Dark Reading

Duo security researchers compiled a massive dataset of public Twitter profiles and built a tool to scour profiles and detect the fakes.

article thumbnail

The Explosive-Carrying Drones in Venezuela Won’t Be the Last

WIRED Threat Level

There's still no good defense against drones attacks like the one that targeted Venezuelan president Nicolas Maduro Saturday.

article thumbnail

Preview - 5 Things You Need to Know About Information Overload and Automating Governance

AIIM

As a preview to our upcoming multi-client market research report on the emerging intersection between information governance & security and analytics & machine learning, we asked 50 senior executives and decision-makers for their perspectives on five of the questions we’ll be asking in our research (just a snapshot of the 20+ questions we’ll be asking in the actual survey).

article thumbnail

WannaCry Outbreak Hits Chipmaker, Could Cost $170 Million

Data Breach Today

Factories Crippled After WannaCry Variant Infects Unpatched Windows 7 Machines A WannaCry outbreak has hit unpatched Windows 7 systems at Taiwan Semiconductor Manufacturing Co., crippling its factories. The world's largest chipmaker, which traced the infection to a new software tool that it failed to scan for malware before installation, says the outbreak could cost it $170 million.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Do you know the difference between cyber security and information security?

IT Governance

You often see people use the terms ‘ cyber security ’ and ‘ information security ’ interchangeably. That’s because, in their most basic forms, they refer to the same thing: the integrity and confidentiality of information. But there’s a crucial difference, which can be explained simply. Information security. Information is at the heart of any organisation, whether it’s business records, personal data or intellectual property.

article thumbnail

Smartphone Voting Is Happening, but No One Knows if It's Safe

WIRED Threat Level

Online voting has major security flaws, and experts are concerned that Voatz, the platform West Virginia will use this midterm election, doesn't solve them.

IT 78
article thumbnail

GDPR After the Deadline — Part 3 of 3 — How do IIM technologies fit into the GDPR puzzle?

AIIM

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 80
article thumbnail

Big Data Analytics: Taking a Predictive Security Stance

Data Breach Today

Carbon Black's Matt Bennet Shares Insights on Making Big Data Meaningful Big data holds the key to moving from a preventive security stance to a more predictive stance, says Matthew Bennett of Carbon Black.

Big data 124
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Hacking WiFi Password in a few steps using a new attack on WPA/WPA2

Security Affairs

A security researcher has devised a new WiFi hacking technique that could be exploited to easily crack WiFi passwords of most modern routers. The security researcher Jens ‘Atom’ Steube, lead developer of the popular password-cracking tool Hashcat , has devised a new WiFi hacking technique that could be exploited to easily crack WiFi passwords of most modern routers.

article thumbnail

Electronic Monitoring Isn’t a More Humane Form of Prison. Here’s Why.

WIRED Threat Level

Opinion: Electronic monitors violate people’s civil rights and carry unfair financial penalties.

article thumbnail

Making Sense of Microsoft’s Endpoint Security Strategy

Lenny Zeltser

Microsoft is no longer content to simply delegate endpoint security on Windows to other software vendors. The company has released, fine-tuned or rebranded multiple security technologies in a way that will have lasting effects on the industry and Windows users. What is Microsoft’s endpoint security strategy and how is it evolving? As of this writing, Microsoft offers numerous endpoint security technologies, most of which include “Windows Defender” in their name.