Sat.Feb 16, 2019 - Fri.Feb 22, 2019

article thumbnail

2019 Thales DTR: Global Edition: Facts that may surprise you

Thales Cloud Protection & Licensing

A few weeks ago, we issued the Global Edition of our 2019 Thales Data Threat Report, now in its seventh year. This year much of the emphasis within the results was on how digital transformation can put organizations’ sensitive data at risk. The results showed, for instance, that almost every organization surveyed is dealing with digital transformation at one level or another (97%), and that organizations that are aggressively investing in digital transformation had higher rates of data breaches.

article thumbnail

Password Managers Leave Crumbs in Memory, Researchers Warn

Data Breach Today

Popular Password Managers for Windows Fail to Tidy Up Before Locking Up Shop A security audit of popular password manager has revealed some concerning weaknesses. Luckily, none of the problems are showstoppers that should put people off using such applications. But the research shows that some password managers need to more thoroughly scrub data left in memory.

Passwords 259
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New Breed of Fuel Pump Skimmer Uses SMS and Bluetooth

Krebs on Security

Fraud investigators say they’ve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message, thereby enabling fraudsters to collect it from anywhere in the world. One interesting component of this criminal innovation is a small cellphone and Bluetooth-enabled device hidden inside the contactless payment terminal of the pump, which appears to act as a Bluetooth hub that wirelessly gathers card

article thumbnail

Why is Information Management Modernization So Important Right NOW?

AIIM

The combination of cloud technologies plus mobile is a volatile one when it comes to the sustainability of existing organizations. We’ve never before been in a disruptive environment quite like this one, and it demands much more agile approaches to IT. Established incumbents are being challenged on every front. Consider the following: In the banking industry, Better Mortgage can qualify a mortgage loan in 3-minutes and approve it within 24-hours.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Why Information Architecture is VITAL to Information Governance

Weissman's World

Our very own Kevin Parker has written another stellar piece on the importance of information architecture to information governance. You can read it in ARMA’s Information Management Magazine – and if you want to learn more, register for Kevin’s ARMA iMasters Webinar on February 27. He IS a busy boy! The post Why Information Architecture is VITAL to Information Governance appeared first on Holly Group.

More Trending

article thumbnail

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

Passwords 271
article thumbnail

MY TAKE: Here’s why the Internet Society’s new Privacy Code of Conduct deserves wide adoption

The Last Watchdog

When Facebook founder Mark Zuckerberg infamously declared that privacy “is no longer a social norm” in 2010, he was merely parroting a corporate imperative that Google had long since established. That same year, then-Google CEO Eric Schmidt publicly admitted that Google’s privacy policy was to “get right up to the creepy line and not cross it.”. Related: Mark Zuckerberg’s intolerable business model.

Privacy 113
article thumbnail

Security experts released new GandCrab Decryptor for free

Security Affairs

Security experts at BitDefender have released a new version of the GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5. Security experts at BitDefender have released a new version of the GandCrab decryptor that could be used to decrypt versions of GandCrab 1, 4 and 5, including the latest version 5.1. The GandCrab decryptor is available for free from BitDefender and from the NoMoreRansom project.

Security 111
article thumbnail

Hackers Target Fresh Drupal CMS Flaw to Infiltrate Sites

Data Breach Today

CMS Project Team Patches "Highly Critical" Remote Code Execution Vulnerability Patch alert: Some versions of the popular content management system Drupal have a "highly critical" flaw that attackers can exploit to remotely execute code. The Drupal project team has released updates to fix the problem, which is already being targeted by hackers.

CMS 244
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The Russian Sleuth Who Outs Moscow's Elite Hackers and Assassins

WIRED Threat Level

Roman Dobrokhotov has been playing a dangerous game for a Russian reporter: identifying agents of the GRU military intelligence agency.

Military 111
article thumbnail

Facebook labelled 'digital gangsters' by report on fake news

The Guardian Data Protection

Company broke privacy and competition law and should be regulated urgently, say MPs Facebook deliberately broke privacy and competition law and should urgently be subject to statutory regulation, according to a devastating parliamentary report denouncing the company and its executives as “digital gangsters”. The final report of the Digital, Culture, Media and Sport select committee’s 18-month investigation into disinformation and fake news accused Facebook of purposefully obstructing its inquiry

Privacy 111
article thumbnail

Critical bug in WINRAR affects all versions released in the last 19 years

Security Affairs

Security experts at Check Point have disclosed technical details of a critical vulnerability in the popular file compression software WinRAR. Experts at Check Point discovered the logical bug in WinRAR by using the WinAFL fuzzer and found a way to exploit it to gain full control over a target computer. Over 500 million users worldwide use the popular software and are potentially affected by the flaw that affects all versions of released in the last 19 years.

Libraries 111
article thumbnail

Toyota Australia, Healthcare Group Hit By Cyberattacks

Data Breach Today

Country Has Faced a Series of Security Incidents in Recent Weeks Australia has faced a few tough weeks on the cybersecurity front. Toyota Australia's computer systems were still down Friday after an attempted cyberattack. A healthcare group acknowledged it was the victim of a ransomware attack. And last week, suspected nation-state attackers hit Parliament's email systems.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

7 Scenarios for How the Mueller Probe Might End

WIRED Threat Level

New reports say that Robert Mueller will be "wrapping up" his investigation soon. Here's what that might actually mean.

Security 111
article thumbnail

5 ways organizations can benefit from machine learning

IBM Big Data Hub

Machine learning (ML) offers huge potential to help compliance and legal teams accomplish many of their most important rule tracking, employee monitoring and documentation activities.

article thumbnail

ATT&CKized Splunk – Threat Hunting with MITRE’s ATT&CK using Splunk

Security Affairs

Most of us know MITRE and the ATT&CK framework that they have come up with. What a splendid job they have done for the cyber security community by bringing most of the key attack vectors under an organized framework that segregates these attack vectors in various stages of a typical attack. Moreover, not only they have orchestrated the key attack vectors but the mitigation and detection guidance for each attack vector are also part of this framework.

Cloud 111
article thumbnail

Wendy's Reaches $50 Million Breach Settlement With Banks

Data Breach Today

After Insurance, Fast-Food Chain's Breach Costs Are Nearly $34 Million Fast-food giant Wendy's has reached a $50 million settlement agreement with financial institutions that sued after attackers planted RAM-scraping malware on point-of-sale systems in 1,025 of its restaurants in 2015 and 2016, stealing massive quantities of payment card data.

Insurance 235
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders.

Military 111
article thumbnail

Facebook May Be Fined for Billions for Cambridge Analytica Scandal

Adam Levin

Facebook’s long string of privacy scandals may (finally) have some meaningful repercussions by way of a multi-billion dollar fine from the Federal Trade Commission. The social media giant has been under investigation by the FTC since March 2018 in the wake of the Cambridge Analytica scandal, which affected 87 million users and may have been a pivotal influence in the 2016 election campaign.

Privacy 99
article thumbnail

Toyota PASTA Car-Hacking Tool will be soon on GitHub

Security Affairs

Toyota plans to release the PASTA (Portable Automotive Security Testbed) Car-Hacking Tool on GitHub next month. Takuya Yoshida from Toyota’s InfoTechnology Center and his colleague Tsuyoshi Toyama are members of a Toyota team that developed the new tool, called PASTA (Portable Automotive Security Testbed). PASTA is an open-source testing platform specifically designed for car hacking, it was developed to help experts to test cyber security features of modern vehicles.

Paper 111
article thumbnail

11 Takeaways: Targeted Ryuk Attacks Pummel Businesses

Data Breach Today

Faulty Decryptor Often Shreds Victims' Data, McAfee and Coveware Warn A rush by some media outlets to attribute a late-2018 alleged Ryuk ransomware infection at Tribune Publishing to North Korean attackers appears to have been erroneous, as many security experts warned at the time. Rather, multiple cybercrime gangs appear to be using Ryuk, say researchers at McAfee and Coveware.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

The Imperfect Truth About Finding Facts in a World of Fakes

WIRED Threat Level

It used to make sense to believe something until it was debunked; now, it makes sense to assume certain claims are fake—unless they are verified.

IT 106
article thumbnail

6 Tips for Getting the Most from Your VPN

Dark Reading

VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.

article thumbnail

Facebook paid $25,000 for CSRF exploit that leads to Account Takeover

Security Affairs

Facebook paid a $25,000 bounty for a critical cross-site request forgery (CSRF) vulnerability that could have been exploited to hijack accounts simply by tricking users into clicki on a link. The white hat hacker who goes online with the moniker “Samm0uda” discovered a critical CSRF vulnerability in Facebook and the social network giant paid a $25,000 bounty. “This bug could have allowed malicious users to send requests with CSRF tokens to arbitrary endpoints on Facebook which could lead t

Passwords 111
article thumbnail

WhatsApp Flaw Could Enable iOS Message Snooping

Data Breach Today

Facebook Promises Quick Patch for Face ID and Touch ID Bypassing Problem Facebook says it will soon issue a patch for a bug in its WhatsApp messenger application that can circumvent a security feature launched just last month for Apple devices. The flaw could let someone with physical access to a device bypass Face ID and Touch ID.

Access 231
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Russian Hackers Go From Foothold to Full-On Breach in 19 Minutes

WIRED Threat Level

A new ranking of nation-state hacker speed puts Russia on top by a span of hours.

Security 103
article thumbnail

Labour reports former MP Joan Ryan over alleged data breach

The Guardian Data Protection

Party claims MP contacted its supporters after quitting for the Independence Group Labour has reported its former MP Joan Ryan to the Information Commissioner’s Office alleging she accessed party systems to contact members after resigning from the party on Tuesday to join the breakaway Independence Group. It is understood the party has informed the information commissioner about the alleged breach and that it intends to submit a full report.

article thumbnail

Facebook login phishing campaign can deceive tech-savvy users

Security Affairs

Security experts at Myki have recently discovered a new phishing campaign that could deceive even most tech-savvy users. The technique relies upon the concept of being able to reproduce a social login prompt in a very realistic format inside an HTML block. Crooks are distributing links to blogs and services that display users “login using Facebook account” to read an exclusive article or purchase a discounted product.

Phishing 111