Krebs on Security

AUGUST 2, 2018

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack ). But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and

Phishing 148

Phishing Passwords Data breaches Personal data 148

Thales Cloud Protection & Licensing

JULY 31, 2018

The newest CipherTrust Cloud Key Manager capability. CipherTrust Cloud Key Manager is a multi-cloud encryption key management solution ideal for customers using Microsoft Azure Key Vault , Amazon Web Services Key Management Service , Microsoft Office365 or Salesforce Shield Platform Encryption. Before I talk about the importance of the newest feature of Cipher Trust Key Manager let’s define some terms to get everyone thinking similarly about keys and key management.

Encryption 54

Encryption Cloud Compliance Security 54

WIRED Threat Level

AUGUST 1, 2018

The tech community has known about the risk of using SMS in two-factor authentication for years. Reddit appears to have missed the memo.

Authentication 61

Authentication Risk Security 61

The Last Watchdog

AUGUST 3, 2018

Illicit crypto mining is advancing apace. It was easy to see this coming. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Cryptojacking was born. And now, the next-level shift is underway. Related article: Illicit crypto mining hits cloud services. Cybercriminals have shifted their focus to burrowing onto company servers and then redirecting those corporate computing resources to crypto mining chores.

Mining 213

Mining Data breaches Ransomware Cloud 213

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

AUGUST 1, 2018

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

Authentication 210

Authentication Passwords Phishing Data breaches 210

John Battelle's Searchblog

JULY 30, 2018

I first moved to the Bay area in 1983. I graduated from high school, spent my summer as an exchange student/day laborer in England (long story), then began studies at Berkeley, where I had a Navy scholarship (another long story). 1983. 35 years ago. 1983 was one year before the introduction of the Macintosh (my first job was covering Apple and the Mac).

IT 110

IT 110

The Last Watchdog

JULY 30, 2018

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. One of more fascinating innovators in this space is 11-year-old DataLocker, based in Overland Park, Kansas. Related: How DataLocker got its start h. Co-founder Jay took a business trip to South Korea in the fall of 2007.

Encryption 203

Encryption Military Passwords Authentication 203

Krebs on Security

AUGUST 3, 2018

TCM Bank , a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018. TCM is a subsidiary of Washington, D.C.

Data breaches 167

Data breaches Retail Risk Marketing 167

Data Breach Today

AUGUST 3, 2018

Marketing Cloud Data Potentially Accessed or Corrupted Over 6-Week Period Cloud-based CRM giant Salesforce.com is warning some of its Marketing Cloud users that any data they stored may have been accessed by third parties or inadvertently corrupted because of an API error that persisted for six weeks.

Marketing 142

Marketing Cloud Security Access 142

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

AIIM

AUGUST 1, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 84

GDPR Compliance Privacy Marketing 84

The Last Watchdog

AUGUST 2, 2018

The targeting of Sen. Claire McCaskill by Russian intelligency agency hackers, as she runs for re-election, underscores the need for each individual and organization to take online privacy and security as a core part of our everyday lives. Related: Using ‘gamification’ for security training. The National Cyber Security Alliance is a non-profit group, underwritten by the top tech companies and biggest banks, that has been out there since 2001 promoting best practices and supplying pr

Cybersecurity 160

Cybersecurity Security Cleanup Education 160

Schneier on Security

JULY 30, 2018

Interesting research: " You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information ," by Beatrice Perez, Mirco Musolesi, and Gianluca Stringhini. Abstract: Metadata are associated to most of the information we produce in our daily interactions and communication in the digital world. Yet, surprisingly, metadata are often still categorized as non-sensitive.

Metadata 103

Metadata Paper Communications IT 103

Data Breach Today

AUGUST 2, 2018

86 Percent of Bugs Patchable Within 24 Hours, Says Flexera's Alejandro Lavie One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.

Security 129

Security IT 129

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

AIIM

AUGUST 2, 2018

Consider the following stats about women in the workplace: When women are in senior executive positions, companies achieve 70% stronger stock price growth. Companies with the highest gender diversity see a 10% greater return on equity and 48% higher operating result. Having at least 1 woman on a board decreases bankruptcy by 20%. Gender diversity is so important in business, especially in fields such as IT that tend to be historically male-dominant.

Libraries 83

Libraries Education Access IT 83

The Last Watchdog

JULY 30, 2018

Understanding today’s cybersecurity landscape is complex. The amount of threats aimed at enterprises is staggering. More than 230,000 new malware samples are launched every day. The average small and medium-size business experiences a cyber attack 44 times every day. And the cost of damage directly related to cybercrime is adding up, expected to reach $6 trillion by 2021.

Analytics 140

Analytics Cybersecurity Data collection Security 140

Schneier on Security

AUGUST 3, 2018

Humble Bundle sells groups of e-books at ridiculously low prices, DRM free. This month , the bundles are all Wiley titles, including three of my books: Applied Cryptography , Secrets and Lies , and Cryptography Engineering. $15 gets you everything, and they're all DRM-free. Even better, a portion of the proceeds goes to the EFF. As a board member, I've seen the other side of this.

IT 102

IT 102

Data Breach Today

AUGUST 1, 2018

Propaganda Efforts - and Adversary OPSEC - Continue to Improve, Experts Warn Facebook has suspended eight pages and 24 accounts for "coordinated inauthentic behavior" tied to apparent political influence campaigns ahead of an event in Washington. While Facebook declined to attribute the activities to specific individuals or groups, U.S. lawmakers are blaming the Kremlin.

125

125

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

IT Governance

JULY 30, 2018

Another month passes where I’m left thinking ‘I should really create a Healthcare category’. So, from next month – I’ll be doing exactly that. There were some incredibly sensitive breaches this month, the majority of which were caused by human error. I imagine human error will continue to be the main cause of data breaches for decades to come – damn humans.

Data breaches 101

Data breaches Ransomware Personal data Phishing 101

AIIM

AUGUST 2, 2018

Consider the following stats about women in the workplace: When women are in senior executive positions, companies achieve 70% stronger stock price growth. Companies with the highest gender diversity see a 10% greater return on equity and 48% higher operating result. Having at least 1 woman on a board decreases bankruptcy by 20%. Gender diversity is so important in business, especially in fields such as IT that tend to be historically male-dominant.

Libraries 80

Libraries Education Access IT 80

Dark Reading

JULY 31, 2018

The second installment in a series highlighting women who are driving change in cybersecurity but may not be on your radar - yet.

Cybersecurity 111

Cybersecurity Security 111

Data Breach Today

AUGUST 1, 2018

Mikhail Malykhin's Schemes Drove Healthcare Benefits Firm Out of Business Russian national Mikhail Malykhin, who was illegally residing in the U.S., has received a 70-month prison sentence after admitting to hack attacks and conspiring to use fraudulent debit cards issued via a hacked healthcare benefits administrator.

122

122

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

WIRED Threat Level

JULY 29, 2018

Inside Cloudflare's San Francisco office, 100 units of Edward Craven Walker’s groovy hardware help guard the internet.

Security 112

Security 112

AIIM

AUGUST 1, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. The purpose of this survey of 262 executives was to quantify – as close to the May 25th deadline as possible – the following three key issues related to GDPR: How do organizations view the emerging challenges tied to information privacy and securi

GDPR 80

GDPR Compliance Privacy Marketing 80

TAB OnRecord

AUGUST 1, 2018

Physical records are necessary for day-to-day business operations, risk management and as evidence of regulatory compliance. With paper production up 180% in the past five years, and collections growing, it’s more important than ever to organize, manage and access files as efficiently as possible. Read More. The post Six ways to optimize your physical records appeared first on TAB Records Management Blog | TAB OnRecord.

Records Management 79

Records Management Paper Compliance Risk 79

Data Breach Today

JULY 31, 2018

Social Media Company Stops Short of Blaming Russians Facebook said Tuesday that it had shut down 32 pages and accounts that it says were "engaged in coordinated inauthentic behavior" apparently designed to influence U.S. politics, but it stopped short of attributing the "bad actors" to Russia.

IT 118

IT 118

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Schneier on Security

AUGUST 1, 2018

The UK's GCHQ delivers a brutally blunt assessment of quantum key distribution: QKD protocols address only the problem of agreeing keys for encrypting data. Ubiquitous on-demand modern services (such as verifying identities and data integrity, establishing network sessions, providing access control, and automatic software updates) rely more on authentication and integrity mechanisms -- such as digital signatures -- than on encryption.

Authentication 90

Authentication Encryption Big data IoT 90

Information Governance Perspectives

AUGUST 1, 2018

We realized that current models for getting people out of poverty have failed. Those models have failed because they look at the ability to help people out of poverty separate from enabling people in poverty to participate in the supply chain.

Blockchain 80

Blockchain Information governance GDPR Government 80

The Guardian Data Protection

AUGUST 2, 2018

Of officers charged, one accessed ex-girlfriends’ data and one gave woman’s details to abusive partner Queensland police took no disciplinary action against 52 of the 59 officers investigated internally for computer hacking during a 13-month period, amid concern police do not have adequate measures in place to prevent the wrongful access of private personal data.

Data breaches 75

Data breaches Personal data Privacy Cybersecurity 75