WIRED Threat Level

JANUARY 29, 2019

Google wants to get rid of URLs. But first, it needs to show you why.

IT 112

IT Security 112

Data Breach Today

JANUARY 29, 2019

Callers Can Hear and See Recipients Before They Pick Up Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.

IT 261

IT 261

The Last Watchdog

JANUARY 28, 2019

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. Yet it’s my experience that most people don’t fully appreciate the profound risks they face online and all too many still do not practice simple behaviors that can dramatically reduce their chances of being victimized

Privacy 196

Privacy Passwords Security Access 196

Krebs on Security

FEBRUARY 1, 2019

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol , the European Union’s law enforcement agency. In April 2018, investigators in the U.S., U.K. and the Netherlands took down attack-for-hire service WebStresser[.]org and arrested its alleged administrators.

Computer and Electronics 198

Computer and Electronics IT Access Security 198

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

AIIM

JANUARY 30, 2019

There‘s a lot of excitement about Artificial Intelligence and business automation these days, and for good reason. Developments in AI — and its sidekicks “Deep Learning” and “Machine Learning” — bring the promise of transforming work as we know it. Those transformed work processes will operate in a completely different way: fully automated and autonomous, with smart machines doing the work.

Artificial Intelligence 125

Artificial Intelligence Records Management Analytics Metadata 125

The Last Watchdog

FEBRUARY 1, 2019

Some chilling hard evidence has surfaced illustrating where stolen personal information ultimately ends up, once it has flowed through the nether reaches of the cyber underground. Wired magazine reported this week on findings by independent security researchers who have been tracking the wide open availability of a massive cache of some 2.2 billion stolen usernames, passwords and other personal data.

Passwords 164

Passwords Authentication Risk Personal data 164

Security Affairs

JANUARY 31, 2019

Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Early this month, security firm Qualys disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd , a software suite that provides fundamental building blocks for a Linux op

Security 111

Security Communications Access IT 111

AIIM

JANUARY 28, 2019

I've been working on a project over the past few weeks focused on the role that content plays in core business processes, specifically Human Resources (HR), Customer Relationship Management (CRM), and Enterprise Resource Planning (ERP). The background for this is a data point from one of AIIM's surveys last year -- "62% of organizations say that using content in the context of lead business systems is a problem.".

ECM 115

ECM Compliance Records Management Government 115

Data Breach Today

JANUARY 31, 2019

Facebook's Internal iOS Apps Break After Apple Revokes Developer Certificate Apple has revoked Facebook's enterprise certificate, leaving the social network's employees unable to access internal iOS apps, after Facebook used it to distribute an app that monitored smartphone activity, sometimes from minors, in exchange for monthly payments. Facebook says it did nothing wrong.

Access 240

Access IT 240

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

JANUARY 30, 2019

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 million patients when hackers gained unauthorized access to databases operated by a third-party billing vendor. Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — witho

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Security Affairs

JANUARY 31, 2019

Cyber security expert Marco Ramilli, founder of Yoroi ,discovered a way to spread CSV malware via Google Sheets … but Big G says it is an Intended behavior. A. CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor ! When I personally saw this technique back in 2017 (please take a look to here , here and here ) I was fascinated.

Communications 111

Communications Cybersecurity IT Security 111

WIRED Threat Level

JANUARY 30, 2019

The so-called Collections #1-5 represent a gargantuan, patched-together Frankenstein of rotting personal data.

ROT 111

ROT Personal data Security 111

Data Breach Today

JANUARY 31, 2019

After California Takes Bold Action, Other States Ponder Privacy Protection Measures Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline?

Privacy 235

Privacy Data Privacy 235

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

The Last Watchdog

JANUARY 31, 2019

A report co-sponsored by Lloyd’s of London paints a chilling scenario for how a worldwide cyberattack could trigger economic losses of some $200 billion for companies and government agencies ill-equipped to deflect a very plausible ransomware attack designed to sweep across the globe. Related: U.S. cyber foes exploit government shutdown. The Cyber Risk Management (CyRiM) project lays out in detail how a theoretical ransomware attack – dubbed the “Bashe” campaign – could improve upon the real lif

Ransomware 145

Ransomware Government Risk Access 145

IT Governance

JANUARY 29, 2019

The first of this year’s monthly lists amounts to an impressive 1,769,185,063 leaked records, which – let’s be honest – isn’t the greatest start to the year. Although there will be some debate about the usefulness of including the 772,904,991 records from the Collection #1 breach – which comprises data stolen from a number of historic data breaches – even without them, the number of breached records still stands at just under 1 billion records for January 2019.

Data breaches 111

Data breaches Ransomware Phishing Privacy 111

WIRED Threat Level

JANUARY 30, 2019

Can a trio of privacy advocates effect change from within Facebook—or will they be stifled by corporate bureaucracy?

Privacy 111

Privacy IT Security 111

Data Breach Today

JANUARY 29, 2019

Nation to Allow Researchers to Brute-Force 200 Million Devices Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.

IoT 220

IoT Security Cybersecurity IT 220

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

JANUARY 26, 2019

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. “Shortly after last week’s discovery of a PDF exploit which used the method of this.getPageNumWords() & this.getPageNthWord() for obfuscation, we found another, but much more powerful exploit ob

IT 111

IT Security 111

Dark Reading

JANUARY 28, 2019

Newly found bug reportedly allows callers to spy on you -- even if you don't pick up.

110

110

WIRED Threat Level

JANUARY 28, 2019

Former FTC chief technologist Ashkan Soltani argues it's time for Silicon Valley companies to formalize and test not just their products' security, but its "abusability.".

Security 106

Security IT 106

Data Breach Today

JANUARY 30, 2019

Judge Slams Attorneys' Fees, Security Shortcomings in $50 Million Proposal Court order: Yahoo's proposed settlement for a class-action lawsuit must return to the drawing board, after a federal judge said a proposal to place $50 million into a settlement fund for breach victims lacked security specifics and awarded excessive attorneys' fees. The case could go to trial.

Data breaches 211

Data breaches Security 211

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

JANUARY 26, 2019

Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide. The name Anatova is based on a name in the ransom note that is dropped on the infected systems. The Anatova ransomware outstands for its obfuscation capabilities and ability to infect network shares, it has a modular structure that allows add ing new functions to the malware. “During our continuous hunt for new threats, we discovered a new ransomware fam

Ransomware 111

Ransomware IT Encryption Security 111

Dark Reading

FEBRUARY 1, 2019

A Chicago-area family's smart home controls were compromised in a hack that has left them feeling vulnerable in their own home.

99

99

WIRED Threat Level

JANUARY 30, 2019

Until Apple revoked its privileges Wednesday, Facebook was paying iOS users $20 a month to download and install the data-sucking application.

IT 98

IT Security 98

Data Breach Today

JANUARY 30, 2019

China, Russia, Iran and North Korea Pose Increasing Risk, Congress Hears Efforts to exploit U.S. election security continue, and China, Russia, Iran and North Korea's "cyber espionage, attack and influence capabilities" pose an increasing threat, Director of National Intelligence Dan Coats told the Senate Intelligence Committee.

Risk 206

Risk Security 206

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

JANUARY 28, 2019

Cisco released security updates to address security flaws in several products including Small Business RV320/RV325 routers and hackers are already targeting them. The tech giant addressed two serious issues in Cisco’s Small Business RV320 and RV325 routers. The first one could be exploited by a remote and unauthenticated attacker with admin privileges. to obtain sensitive information ( CVE-2019-1653 ), while the second one can be exploited for command injection ( CVE-2019-1652 ).

IoT 111

IoT Passwords Security IT 111

Dark Reading

JANUARY 31, 2019

The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.

Cybersecurity 99

Cybersecurity 99

Schneier on Security

JANUARY 31, 2019

A year ago , the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children. A recent analysis checked if anything had improved after that torrent of bad press. Short answer: no. Guess what: a train wreck.

Security 97

Security Passwords Access IT 97