Sat.Feb 09, 2019 - Fri.Feb 15, 2019

article thumbnail

Blockchain and Trust

Schneier on Security

article thumbnail

Malicious PDF Analysis

Security Affairs

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the file was not malicious. Because the manufacturer’s analysis was not satisfactory, the team responsible for handling the incident requested a second opinion, since in other anti-virus

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How to Create a Dream Team for the New Age of Cybersecurity

Dark Reading

When each member of your security team is focused on one narrow slice of the pie, it's easy for adversaries to enter through the cracks. Here are five ways to stop them.

article thumbnail

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever. Founded in 2001 and based in Milwaukee, Wisc., VFEmail provides email service to businesses and end users.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Japan's Credit Card Fraud Debacle

Data Breach Today

Fraudsters Received 20 Percent Cashback for Fraudulent Purchases A convergence of events in December in Japan led to an unprecedented spike in card-not-present fraud. New statistics from a dark web monitoring firm explains how a promotion by PayPay, a third-party payments service, slid sideways.

249
249

More Trending

article thumbnail

Blockchain is Real, But Still Not for Everybody

Weissman's World

I have conversations every day with people who believe either (a) blockchain is just another overhyped new technology being foisted upon us by unscrupulous vendors, or (b) it’s the solution to all their problems. Neither of these, of course, is correct. As written and discussed before in this space (and plenty of ‘elsewheres,’ too), blockchain […].

article thumbnail

Bomb Threat Hoaxer Exposed by Hacked Gaming Site

Krebs on Security

Federal authorities this week arrested a North Carolina man who allegedly ran with a group of online hooligans that attacked Web sites (including this one), took requests on Twitter to call in bomb threats to thousands of schools, and tried to frame various online gaming sites as the culprits. In an ironic twist, the accused — who had fairly well separated his real life identity from his online personas — appears to have been caught after a gaming Web site he frequented got hacked.

article thumbnail

Report: Facebook Faces Multibillion Dollar US Privacy Fine

Data Breach Today

FTC and Social Network Are Negotiating Record Penalty, Washington Post Reports The Federal Trade Commission is reportedly negotiating a settlement with Facebook that includes a multibillion dollar fine for its privacy failures. But the social network is alarmed about the proposed settlement agreement's terms and conditions, The Washington Post reports.

Privacy 240
article thumbnail

GUEST ESSAY: Australia’s move compelling VPNs to cooperate with law enforcement is all wrong

The Last Watchdog

The moment we’ve all feared has finally come to pass. When government agencies and international intelligence groups pooled together resources to gather user data, the VPN’s encryption seemed like the light at the end of the tunnel. Related: California enacts pioneering privacy law. However, it looks like things are starting to break apart now that Australia has passed the “Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018”.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Creating Magic Moments for Your Customers with Intelligent Business Processes

AIIM

Content, documents, and information are at the center of all organizations, of all sizes, and in all industries. But once your clients need to review, approve, sign a document, or receive some information— efficiency is key. That is when you need your organization and processes to shine. Allen Bonde, an analyst at Forrester , defines “The Magic Moment” as the moment of communication between your organization and your customer.

article thumbnail

Patch Tuesday, February 2019 Edition

Krebs on Security

Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month’s patch batch tackles some notable threats to enterprises — including multiple flaws that were publicly disclosed prior to Patch Tuesday.

Security 194
article thumbnail

With Doctored Photos, Thieves Try to Steal Bitcoin

Data Breach Today

'Deep Fakes' May Eventually Complicate Identity Verification Cryptocurrency exchanges are seeing fraudsters submit doctored photos in an attempt to reset two-step verification on accounts. The ruse appears to have some degree of success, underscoring the difficulties around verifying identity on the internet.

233
233
article thumbnail

Docker runc flaw opens the door to a ‘Doomsday scenario’

Security Affairs

Security experts found a serious flaw tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O. Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O.

Cloud 111
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

US Air Force Defector Allegedly Helped Iran Hack Americans

WIRED Threat Level

In an astonishing indictment, the DoJ details how Monica Witt allegedly turned on her former counterintelligence colleagues.

Security 111
article thumbnail

Devastating Cyberattack on Email Provider Destroys 18 Years of Data

Dark Reading

All data belonging to US users-including backup copies-have been deleted in catastrophe, VMEmail says.

107
107
article thumbnail

WannaCry Hero Loses Key Motions in Hacking Case

Data Breach Today

Judge Says 'Terrible Hangover' Didn't Fuzz Suspect's Miranda Rights Clarity A famed British computer security researcher has lost several key motions in a federal hacking case that stems from his alleged contribution to two types of banking malware. The rulings could complicate the challenges for the defense team of Marcus Hutchins, who remains in the U.S.

Security 228
article thumbnail

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

Users of QNAP NAS devices are reporting through QNAP forum discussions of mysterious code that adds some entries that prevent software update. Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. According to the users, the malicious code adds some 700 entries to the /etc/hosts file that redirects requests to IP address 0.0.0.0.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess

WIRED Threat Level

The shutdown may have ended two weeks ago, but federal cybersecurity professionals will be coping with its impact for a long time to come.

article thumbnail

Cybersecurity and the Human Element: We're All Fallible

Dark Reading

We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers.

article thumbnail

No-Deal Brexit Threatens British Crime-Fighting

Data Breach Today

Police Say Data-Sharing Alternatives 'Will Not Be As Efficient Or Effective' British police say they're doing their best to cope with the possibility that the U.K. will crash out of the EU in 45 days and lose access to joint policing resources. But Richard Martin of the Met Police says replacements "will not be as efficient or effective as the tools we currently use.

Access 222
article thumbnail

620 million accounts stolen from 16 hacked websites available for sale on the dark web

Security Affairs

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. The advertising for the sale of the huge trove of data was published in the popular Dream Market black marketplace, data are available for less than $20,000 worth of Bitcoin.

Sales 111
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

The Xiaomi M365 Scooter Can Be Hacked to Speed Up or Stop

WIRED Threat Level

A hacker can accelerate Xiaomi M365 scooter—or hit the breaks—while a rider is on it.

IT 110
article thumbnail

High Stress Levels Impacting CISOs Physically, Mentally

Dark Reading

Some have even turned to alcohol and medication as their demands outpace resources.

96
article thumbnail

Major Flaw in Runc Poses Mass Container Takeover Risk

Data Breach Today

Attackers Could 'Break Out' via Runc Flaw to Compromise All Containers on Host Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.

Risk 220
article thumbnail

New Linux coin miner kills competing malware to maximize profits

Security Affairs

Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner. Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner, researchers observed it killing other Linux malware and coin miners present on the infected machine.

Honeypots 111
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

An Apple-Hacking Teen, SIM-Swap Indictments, and More Security News This Week

WIRED Threat Level

Location data scandals, a Zcash bug, and more of the week's top security news.

Security 108
article thumbnail

The Who, What and Why of Micro Focus

Micro Focus

Over the past decade, through a combination of organic growth and M&A, Micro Focus has grown precipitously. Today, the company has thousands of employees in 43 countries worldwide, and is one of the largest pure-play enterprise software companies in the world. Yet, despite this size and growth, and likely because the company is headquartered in.

article thumbnail

US Air Force Veteran Charged in Iran Hacking Scheme

Data Breach Today

Monica Witt Allegedly Aided Spear-Phishing Attacks Against US Military A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government.

Military 210