Krebs on Security
DECEMBER 12, 2018
Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair or not, a number of nascent efforts are using just such an approach to derive security scores for companies and entire industries.
Security Affairs
DECEMBER 10, 2018
The popular expert Jens ‘Atom’ Steube devised a new WiFi hack that allows cracking WiFi passwords of most modern routers. Jens ‘Atom’ Steube, the lead developer of the popular password-cracking tool Hashcat, has developed a new WiFi hacking technique that allows cracking WiFi passwords of most modern routers. Jens ‘Atom’ Steube, the lead developer of the popular password-cracking tool Hashcat, has developed a new WiFi hacking technique that allows cracking WiF
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
DECEMBER 10, 2018
Privacy Watchdog Counts 41 Daily Breach Reports Since GDPR Enforcement Began The U.K.'s privacy watchdog says that six months after enforcement of the EU's General Data Protection Regulation began, it's seen a dramatic increase in data breach reports - as well as privacy complaints from the public.
The Last Watchdog
DECEMBER 10, 2018
The holiday season is upon us and the bright lights and greenery aren’t the only indicators that we’ve reached December. Sadly, data breaches often occur at this time of year. Recently we’ve seen major news stories about breaches at Starwood Hotels and Quora. Related podcast: The need to lock down unstructured data. Last year, at this time, it was announced that there was a significant privacy leak at eBay affecting many customers.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Krebs on Security
DECEMBER 13, 2018
A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient’s building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day. Sources at multiple U.S. based financial institutions reported receiving the threats, which included the subject line, “I advise you not to call the police.” The email reads: My man carried a bomb (Hexogen) into the building where your company is located.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 11, 2018
Google Advances Date for Mothballing Google+ Social Network for Consumers Google says a buggy API update it pushed last month for its soon-to-be-mothballed Google+ social network exposed personal information for 52.2 million users. The data-exposure alert arrives just two months after Google admitted that a March problem with the same API exposed data for 500,000 users.
The Last Watchdog
DECEMBER 11, 2018
SAN JOSE, Calif. – Dec. 11, 2018 – NetSecOPEN , the first industry organization focused on the creation of open, transparent network security performance testing standards, today announced that 11 prominent security vendors, test solutions and services vendors, and testing laboratories have joined the organization as founding members. Related podcast: The importance of sharing alliances.
Krebs on Security
DECEMBER 11, 2018
Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software. Microsoft’s December patch batch is relatively light, addressing more than three dozen vulnerabilities in Windows and related applications. Adobe has issued security fixes for its Acrobat and PDF Reader products, and has a patch for yet another zero-day flaw in Flash Player that is already being exploited in the wild.
Security Affairs
DECEMBER 13, 2018
McAfee uncovered a campaign tracked as Operation Sharpshooter that hit at least 87 organizations in global defense and critical infrastructure. Security experts at McAfee uncovered a hacking campaign, tracked as Operation Sharpshooter, aimed at infrastructure companies worldwide. The threat actors are using malware associated with Lazarus APT group that carried out Sony Pictures attack back in 2014.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
DECEMBER 14, 2018
Firm Says Audit 'Lays to Rest the Unwarranted Accusations' Super Micro says a third-party audit of recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.
The Last Watchdog
DECEMBER 12, 2018
Picture two castles. The first is impeccably built – state of the art, with impenetrable walls, a deep moat, and so many defenses that attacking it is akin to suicide. The second one isn’t quite as well-made. The walls are reasonably strong, but there are clear structural weaknesses. And while it does have a moat, that moat is easily forded. Related podcast: The case for ‘zero-trust’ security.
WIRED Threat Level
DECEMBER 14, 2018
In the latest in its long string of 2018 incidents, Facebook let developers access the private photos of millions of users.
Security Affairs
DECEMBER 12, 2018
Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. The flaw, tracked as CVE-2018-8611, is as a privilege escalation flaw caused by the failure of the Windows kernel to properly handle objects in memory. “An elevation of privilege vulne
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Data Breach Today
DECEMBER 10, 2018
Baylor Scott & White Medical Center - Frisco Notifying Those Affected The hacking of a credit card processing system has prompted a Texas hospital to notify federal regulators and affected individuals of a breach as required by the HIPAA Breach Notification Rule.
IT Governance
DECEMBER 13, 2018
This blog has been updated to reflect industry updates. Originally published 24 October 2018. The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. As you might expect, there are a lot of intricacies involved.
WIRED Threat Level
DECEMBER 10, 2018
A month after Google had already decided to shut down Google+, a new bug made its problems much, much worse.
Security Affairs
DECEMBER 11, 2018
‘ The Seedworm APT Group has targeted more than 130 victims in 30 organizations since September including NGOs, oil and gas, and telecom businesses. According to a new research conducted from Symantec’s DeepSight Managed Adversary and ThreatIntelligence (MATI) team, the Seedworm APT group, aka MuddyWater , is rapidly evolving and extended its targets to the telecom, IT services, and oil and gas industries.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Data Breach Today
DECEMBER 11, 2018
DHS, Philips Issue Advisories for HealthSuite Android Health App The lack of strong encryption in Philips' HealthSuite Health Android app leaves the mobile health software vulnerable to hacking, according to a new advisory issued by the medical device manufacturer and an alert from the Department of Homeland Security.
Dark Reading
DECEMBER 12, 2018
Constant learning is a requirement for cybersecurity professionals. Here are 15 books recommended by professionals to continue a professional's education.
WIRED Threat Level
DECEMBER 13, 2018
Apparent bitcoin scammers caused chaos across the US Thursday, radically escalating longstanding tactics.
Security Affairs
DECEMBER 10, 2018
The Linux.org website was defaced last week via DNS hijack, attackers breached into associated registrar account and changed the DNS settings. Attackers changed the defacement page a few times, they protested against the new Linux kernel developer code of conduct in a regrettable way with racial slurs and the image of an individual showing the anus.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Data Breach Today
DECEMBER 14, 2018
Splunk's Jim Apger on Streamlining Omni-Channel Defenses The data being used to drive effective anti-fraud efforts can be rich in context and useful for other activities. Jim Apger of Splunk describes emerging fraud schemes and solutions, highlighting the role of machine learning.
Jamf
DECEMBER 14, 2018
See how Apple and Jamf are helping hospitals deliver a better patient experience by making it easy for them to stay connected with their care teams and enjoy a mental break from their surroundings.
Dark Reading
DECEMBER 14, 2018
Security pundits predict the ways that cybercriminals, nation-state actors, and other attackers will refine their tactics, techniques, and procedures in the coming year.
Security Affairs
DECEMBER 12, 2018
Some of the servers of the Italian oil and gas services company Saipem were hit by a cyber attack early this week. Saipem has customers in more than 60 countries, including Saudi Arabian oil and gas giant Saudi Aramco. It could be considered a strategic target for a broad range of threat actors. The attack has been identified out of India on Monday and primarily affected the servers in the Middle East, including Saudi Arabia, the United Arab Emirates, and Kuwait.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Data Breach Today
DECEMBER 12, 2018
Because Breached Businesses' 'Take Your Security Seriously' Is there anything better than being offered one year of "free" identity theft monitoring? Regularly offered with strings attached by organizations that mishandled your personal details, the efficacy and use of such services looks set for a U.S. Government Accountability Office review.
DLA Piper Privacy Matters
DECEMBER 12, 2018
The Local Court ( Amtsgericht ) Diez (in a final decision dated 7 November 18, case number 8 C 130/18) was the first German court – and as far as we know the first court EU-wide – to decide on a claim for immaterial damages under Art. 82 (1) GDPR. The main question was how to calculate a claim for immaterial damages caused by a single email that violated the provisions of the GDPR.
Dark Reading
DECEMBER 8, 2018
Researcher demonstrates how attackers could steal data from smartphones while they charge up.
Expert insights. Personalized for you.
224 
Let's personalize your content