Sat. Jan 26, 2019 - Fri. Feb 01, 2019

Google Takes Its First Steps Toward Killing the URL

WIRED Threat Level

Google wants to get rid of URLs. But first, it needs to show you why.

IT 279

Apple Rushes to Fix Serious FaceTime Eavesdropping Flaw

Data Breach Today

Callers Can Hear and See Recipients Before They Pick Up

Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.

IT 261

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. Yet it’s my experience that most people don’t fully appreciate the profound risks they face online and all too many still do not practice simple behaviors that can dramatically reduce their chances of being victimized

Privacy 196

Researchers published the PoC exploit code for Linux SystemD bugs

Security Affairs

Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemd disclosed in January. Early this month, security firm Qualys disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866) in a component of systemd, a software suite that provides fundamental building blocks for a Linux op

Security 279

Hackers Are Passing Around a Megaleak of 2.2 Billion Records

WIRED Threat Level

The so-called Collections #1-5 represent a gargantuan, patched-together Frankenstein of rotting personal data.

ROT 240

More Trending

250 Webstresser Users to Face Legal Action

Krebs on Security

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol, the European Union’s law enforcement agency. In April 2018, investigators in the U.S., U.K. and the Netherlands took down attack-for-hire service WebStresser[.]org and arrested its alleged administrators.

Exclusive: spreading CSV Malware via Google Sheets

Security Affairs

Cyber security expert Marco Ramilli, founder of Yoroi, discovered a way to spread CSV malware via Google Sheets … but Big G says it is an intended behavior. A CSV file could be a malware carrier and, if interpreted by Microsoft Excel, it could become a malware executor! When I personally saw this technique back in 2017 (please take a look here, here and here) I was fascinated.

Facebook Hires Up Three of Its Biggest Privacy Critics

WIRED Threat Level

Can a trio of privacy advocates effect change from within Facebook—or will they be stifled by corporate bureaucracy?

Privacy 206

Apple Slams Facebook for Monitoring App Given to Minors

Data Breach Today

Facebook's Internal iOS Apps Break After Apple Revokes Developer Certificate

Apple has revoked Facebook's enterprise certificate, leaving the social network's employees unable to access internal iOS apps, after Facebook used it to distribute an app that monitored smartphone activity, sometimes from minors, in exchange for monthly payments. Facebook says it did nothing wrong.

Access 240

MY TAKE: Why companies should care about 2.2 billion stolen credentials circulating in easy reach

The Last Watchdog

Some chilling hard evidence has surfaced illustrating where stolen personal information ultimately ends up, once it has flowed through the nether reaches of the cyber underground. Wired magazine reported this week on findings by independent security researchers who have been tracking the wide open availability of a massive cache of some 2.2 billion stolen usernames, passwords and other personal data.

Passwords 164

Using steganography to obfuscate PDF exploits

Security Affairs

Experts discovered a PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered a PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. “Shortly after last week’s discovery of a PDF exploit which used the method of this.getPageNumWords() & this.getPageNthWord() for obfuscation, we found another, but much more powerful exploit ob

IT 279

Security Isn't Enough. Silicon Valley Needs 'Abusability' Testing

WIRED Threat Level

Former FTC chief technologist Ashkan Soltani argues it's time for Silicon Valley companies to formalize and test not just their products' security, but its "abusability."

Security 149

Privacy: Several States Consider New Laws

Data Breach Today

After California Takes Bold Action, Other States Ponder Privacy Protection Measures

Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline?

Privacy 235

MY TAKE: ‘Bashe’ attack theorizes a $200 billion ransomware raid using NSA-class cyber weapons

The Last Watchdog

A report co-sponsored by Lloyd’s of London paints a chilling scenario for how a worldwide cyberattack could trigger economic losses of some $200 billion for companies and government agencies ill-equipped to deflect a very plausible ransomware attack designed to sweep across the globe. Related: U.S. cyber foes exploit government shutdown. The Cyber Risk Management (CyRiM) project lays out in detail how a theoretical ransomware attack – dubbed the “Bashe” campaign – could improve upon the real lif

Anatova ransomware – Expert believe it will be a dangerous threat

Security Affairs

Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide. The name Anatova is based on a name in the ransom note that is dropped on the infected systems. The Anatova ransomware stands out for its obfuscation capabilities and its ability to infect network shares; it has a modular structure that allows adding new functions to the malware. “During our continuous hunt for new threats, we discovered a new ransomware fam

Apple Takes Drastic Measures to Stop a Nasty FaceTime Bug

WIRED Threat Level

Group FaceTime chats let people eavesdrop on whoever they called, a bug so bad that Apple pulled the plug until it comes up with a fix.

IT 144

Japan's IoT Security Strategy: Break Into Devices

Data Breach Today

Nation to Allow Researchers to Brute-Force 200 Million Devices

Japan plans to identify vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.

IoT 220

New AIIM Research: Leveraging Machine Learning Capabilities

AIIM

There’s a lot of excitement about Artificial Intelligence and business automation these days, and for good reason. Developments in AI — and its sidekicks “Deep Learning” and “Machine Learning” — bring the promise of transforming work as we know it. Those transformed work processes will operate in a completely different way: fully automated and autonomous, with smart machines doing the work.

Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online

Security Affairs

Cisco released security updates to address security flaws in several products, including Small Business RV320/RV325 routers, and hackers are already targeting them. The tech giant addressed two serious issues in Cisco’s Small Business RV320 and RV325 routers. The first one could be exploited by a remote and unauthenticated attacker with admin privileges to obtain sensitive information (CVE-2019-1653), while the second one can be exploited for command injection (CVE-2019-1652).

IoT 279

Why Facebook's Banned 'Research' App Was So Invasive

WIRED Threat Level

Until Apple revoked its privileges Wednesday, Facebook was paying iOS users $20 a month to download and install the data-sucking application.

IT 142

Yahoo's Proposed Data Breach Lawsuit Settlement: Rejected

Data Breach Today

Judge Slams Attorneys' Fees, Security Shortcomings in $50 Million Proposal

Court order: Yahoo's proposed settlement for a class-action lawsuit must return to the drawing board, after a federal judge said a proposal to place $50 million into a settlement fund for breach victims lacked security specifics and awarded excessive attorneys' fees. The case could go to trial.

A Six Pack of Content on HR, CRM and ERP

AIIM

I've been working on a project over the past few weeks focused on the role that content plays in core business processes, specifically Human Resources (HR), Customer Relationship Management (CRM), and Enterprise Resource Planning (ERP). The background for this is a data point from one of AIIM's surveys last year -- "62% of organizations say that using content in the context of lead business systems is a problem."

ECM 135

Hackers compromise WordPress sites via Zero-Day flaws in Total Donations plugin

Security Affairs

Security experts at the security firm Wordfence discovered WordPress sites compromised via zero-day vulnerabilities in the Total Donations plugin. The Total Donations WordPress plugin was abandoned by its developers; for this reason, security experts are recommending deleting it after they discovered multiple zero-day flaws that were exploited by threat actors.

CMS 278

A Six Flags Fingerprints Ruling, Supply Chain Hacks, and More Security News This Week

WIRED Threat Level

Google's elite security team, police scanner encryption, and more of the week's top security news.

Security 128

Intelligence Chiefs Expect More Cyberattacks Against US

Data Breach Today

China, Russia, Iran and North Korea Pose Increasing Risk, Congress Hears

Efforts to exploit U.S. election security continue, and China, Russia, Iran and North Korea's "cyber espionage, attack and influence capabilities" pose an increasing threat, Director of National Intelligence Dan Coats told the Senate Intelligence Committee.

Risk 206

List of data breaches and cyber attacks in January 2019 – 1,769,185,063 records leaked

IT Governance

The first of this year’s monthly lists amounts to an impressive 1,769,185,063 leaked records, which – let’s be honest – isn’t the greatest start to the year. Although there will be some debate about the usefulness of including the 772,904,991 records from the Collection #1 breach – which comprises data stolen from a number of historic data breaches – even without them, the number of breached records still stands at just under 1 billion records for January 2019.

Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever

Security Affairs

Imperva mitigated a SYN flood DDoS attack against one of its clients that exceeded 500 million packets per second, the largest ever. Earlier this month, the cyber security software and services company Imperva mitigated an attack against one of its clients that exceeded 500 million packets per second. This attack was a SYN flood DDoS and it is the largest DDoS attack by packet volume ever observed.

Security 278

Turn Off FaceTime in Apple iOS Now, Experts Warn

Dark Reading

Newly found bug reportedly allows callers to spy on you -- even if you don't pick up.

110