Sat.Jan 26, 2019 - Fri.Feb 01, 2019

article thumbnail

Google Takes Its First Steps Toward Killing the URL

WIRED Threat Level

Google wants to get rid of URLs. But first, it needs to show you why.

IT 111
article thumbnail

Apple Rushes to Fix Serious FaceTime Eavesdropping Flaw

Data Breach Today

Callers Can Hear and See Recipients Before They Pick Up Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.

IT 245
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. Yet it’s my experience that most people don’t fully appreciate the profound risks they face online and all too many still do not practice simple behaviors that can dramatically reduce their chances of being victimized

Privacy 196
article thumbnail

250 Webstresser Users to Face Legal Action

Krebs on Security

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol , the European Union’s law enforcement agency. In April 2018, investigators in the U.S., U.K. and the Netherlands took down attack-for-hire service WebStresser[.]org and arrested its alleged administrators.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

New AIIM Research: Leveraging Machine Learning Capabilities

AIIM

There‘s a lot of excitement about Artificial Intelligence and business automation these days, and for good reason. Developments in AI — and its sidekicks “Deep Learning” and “Machine Learning” — bring the promise of transforming work as we know it. Those transformed work processes will operate in a completely different way: fully automated and autonomous, with smart machines doing the work.

More Trending

article thumbnail

MY TAKE: Why companies should care about 2.2 billion stolen credentials circulating in easy reach

The Last Watchdog

Some chilling hard evidence has surfaced illustrating where stolen personal information ultimately ends up, once it has flowed through the nether reaches of the cyber underground. Wired magazine reported this week on findings by independent security researchers who have been tracking the wide open availability of a massive cache of some 2.2 billion stolen usernames, passwords and other personal data.

Passwords 164
article thumbnail

List of data breaches and cyber attacks in January 2019 – 1,769,185,063 records leaked

IT Governance

The first of this year’s monthly lists amounts to an impressive 1,769,185,063 leaked records, which – let’s be honest – isn’t the greatest start to the year. Although there will be some debate about the usefulness of including the 772,904,991 records from the Collection #1 breach – which comprises data stolen from a number of historic data breaches – even without them, the number of breached records still stands at just under 1 billion records for January 2019.

article thumbnail

A Six Pack of Content on HR, CRM and ERP

AIIM

I've been working on a project over the past few weeks focused on the role that content plays in core business processes, specifically Human Resources (HR), Customer Relationship Management (CRM), and Enterprise Resource Planning (ERP). The background for this is a data point from one of AIIM's surveys last year -- "62% of organizations say that using content in the context of lead business systems is a problem.".

ECM 115
article thumbnail

Apple Slams Facebook for Monitoring App Given to Minors

Data Breach Today

Facebook's Internal iOS Apps Break After Apple Revokes Developer Certificate Apple has revoked Facebook's enterprise certificate, leaving the social network's employees unable to access internal iOS apps, after Facebook used it to distribute an app that monitored smartphone activity, sometimes from minors, in exchange for monthly payments. Facebook says it did nothing wrong.

Access 209
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 million patients when hackers gained unauthorized access to databases operated by a third-party billing vendor. Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — witho

Risk 147
article thumbnail

Using steganography to obfuscate PDF exploits

Security Affairs

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. “Shortly after last week’s discovery of a PDF exploit which used the method of this.getPageNumWords() & this.getPageNthWord() for obfuscation, we found another, but much more powerful exploit ob

IT 111
article thumbnail

8 Cybersecurity Myths Debunked

Dark Reading

The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.

article thumbnail

Privacy: Several States Consider New Laws

Data Breach Today

After California Takes Bold Action, Other States Ponder Privacy Protection Measures Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline?

Privacy 199
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

MY TAKE: ‘Bashe’ attack theorizes a $200 billion ransomware raid using NSA-class cyber weapons

The Last Watchdog

A report co-sponsored by Lloyd’s of London paints a chilling scenario for how a worldwide cyberattack could trigger economic losses of some $200 billion for companies and government agencies ill-equipped to deflect a very plausible ransomware attack designed to sweep across the globe. Related: U.S. cyber foes exploit government shutdown. The Cyber Risk Management (CyRiM) project lays out in detail how a theoretical ransomware attack – dubbed the “Bashe” campaign – could improve upon the real lif

article thumbnail

Anatova ransomware – Expert believe it will be a dangerous threat

Security Affairs

Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide. The name Anatova is based on a name in the ransom note that is dropped on the infected systems. The Anatova ransomware outstands for its obfuscation capabilities and ability to infect network shares, it has a modular structure that allows add ing new functions to the malware. “During our continuous hunt for new threats, we discovered a new ransomware fam

article thumbnail

Making the Case for Encryption in the Era of Digital Transformation – Highlights from our Annual Data Threat Report

Thales Cloud Protection & Licensing

Around this time each year, Thales eSecurity releases our annual Data Threat Report (DTR). Now in its sixth year, the report is squarely focused on digital transformation and what that means for organizations and their data security. Today, it’s almost impossible to do business of any kind without some sensitive data being exchanged, managed or stored in the cloud or on servers with an outgoing connection to the web.

article thumbnail

Airbus Hacked: Aircraft Giant Discloses Data Breach

Data Breach Today

Investigation Underway After Attack Compromises Employee Details Airbus says it suffered a hack attack, leading to a breach of "contact and IT identification details" for at least some of its EU employees. The aerospace giant says its investigation continues and that it has notified European privacy authorities, per GDPR requirements.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

OpenText Buys Catalyst Repository Systems, Inc.

OpenText Information Management

I’m pleased to announce that OpenText has acquired Catalyst Repository Systems, Inc., a leading provider of cloud-based eDiscovery software for large-scale discovery and regulatory compliance. This acquisition extends our leadership in both the Enterprise eDiscovery and Legal Tech markets, increasing our scale and scope with new capabilities, new enterprise customers and deeper coverage of the … The post OpenText Buys Catalyst Repository Systems, Inc. appeared first on OpenText Blogs.

article thumbnail

Researchers published the PoC exploit code for Linux SystemD bugs

Security Affairs

Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Early this month, security firm Qualys disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd , a software suite that provides fundamental building blocks for a Linux op

Security 111
article thumbnail

Rethinking the detection of child sexual abuse imagery on the internet

Elie

A critical part of child sexual abuse criminal world is the creation and distribution of child sexual abuse imagery (CSAI) on the Internet. To combat this crime efficiently and illuminate current defense short-coming, it is vital to understand how CSAI content is disseminated on the Internet. Despite the importance of the topic very little work was done on the subject so far.

article thumbnail

Brexit Preparation: Get Personal Data Flows in Order

Data Breach Today

Privacy Watchdog Orders Businesses to Prepare as UK Teeters on Edge of 'No Deal' As the U.K. teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Security Flaws in Children's Smart Watches

Schneier on Security

A year ago , the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children. A recent analysis checked if anything had improved after that torrent of bad press. Short answer: no. Guess what: a train wreck.

article thumbnail

Exclusive: spreading CSV Malware via Google Sheets

Security Affairs

Cyber security expert Marco Ramilli, founder of Yoroi ,discovered a way to spread CSV malware via Google Sheets … but Big G says it is an Intended behavior. A. CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor ! When I personally saw this technique back in 2017 (please take a look to here , here and here ) I was fascinated.

article thumbnail

Why capture is a key foundation of information management strategies

OpenText Information Management

Today’s number one business challenge is keeping track of information. Whether we are talking about user or business-process generated information, the volumes, types and sources are increasing rapidly, and there is a recognition — some would say an anxiety — that organizations are losing control of their information and the value it contains. Effectively connecting … The post Why capture is a key foundation of information management strategies appeared first on OpenText Blogs.

article thumbnail

Japan's IoT Security Strategy: Break Into Devices

Data Breach Today

Nation to Allow Researchers to Brute-Force 200 Million Devices Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.

IoT 184
article thumbnail

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

article thumbnail

Japanese Government Will Hack Citizens' IoT Devices

Schneier on Security

The Japanese government is going to run penetration tests against all the IoT devices in their country, in an effort to (1) figure out what's insecure, and (2) help consumers secure them: The survey is scheduled to kick off next month, when authorities plan to test the password security of over 200 million IoT devices, beginning with routers and web cameras.

IoT 92
article thumbnail

Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online

Security Affairs

Cisco released security updates to address security flaws in several products including Small Business RV320/RV325 routers and hackers are already targeting them. The tech giant addressed two serious issues in Cisco’s Small Business RV320 and RV325 routers. The first one could be exploited by a remote and unauthenticated attacker with admin privileges. to obtain sensitive information ( CVE-2019-1653 ), while the second one can be exploited for command injection ( CVE-2019-1652 ).

IoT 111
article thumbnail

Why Privacy Is Hard Work

Dark Reading

For Data Privacy Day, let's commit to a culture of privacy by design, nurtured by a knowledgeable team that can execute an effective operational compliance program.

Privacy 92