Schneier on Security

JUNE 17, 2019

104

104

Thales Cloud Protection & Licensing

JUNE 18, 2019

As organizations move more of their sensitive data to cloud platforms for the efficiency, flexibility and scalability that it promises, security and control continue to be a significant obstacle to this adoption. Although the 2019 Thales Data Threat Report-Global Edition tells us that 90% of organizations report using the cloud and 71% say they are using sensitive data in cloud environments, it also finds that, globally, 60% of organizations surveyed have been breached at some point in their his

Cloud 127

Cloud Encryption Big data Compliance 127

Data Breach Today

JUNE 21, 2019

BeyondTrust's Karl Lankford on Mitigating the Unmanaged Privilege Threat Attackers crave insider-level access to IT infrastructure and regularly target insiders - and especially administrators- to steal their credentials, says BeyondTrust's Karl Lankford, who advises organizations to ensure they manage, monitor and audit all privileged access.

Access 251

Access IT 251

Krebs on Security

JUNE 19, 2019

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers. The filing, first reported by Bloomberg, comes from the Retrieval-Masters Creditors Bureau , the parent company of the American Medical Collection Agency (AMCA).

Data breaches 250

Data breaches IT 250

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

JUNE 20, 2019

Three cybersecurity firms have identified phishing attacks stemming from Iran—that may lay the groundwork for something more destructive.

Phishing 111

Phishing Cybersecurity Security 111

Data Breach Today

JUNE 19, 2019

Focus on 'Total Cost of Control,' Says BlackBerry Cylance's John McClurg After years of organizations being stuck in a reactive security posture, proactive prevention is finally possible thanks to machine learning backed by AI math models, says BlackBerry Cylance's John McClurg.

Security 239

Security 239

erwin

JUNE 21, 2019

Over the past few weeks several huge mergers and acquisitions (M&A) have been announced, including Raytheon and United Technologies , the Salesforce acquisition of Tableau and the Merck acquisition of Tilos Therapeutics. According to collated research and a Harvard Business Review report , the M&A failure rate sits between 70 and 90 percent.

Healthcare 108

Healthcare Compliance Financial Services GDPR 108

WIRED Threat Level

JUNE 20, 2019

The Global Hawk can fly at an altitude of 55,000 feet and stay aloft for 30 hours straight.

Security 111

Security 111

Security Affairs

JUNE 21, 2019

Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating Linux. Researchers at MalwareBytes have spotted a new cryptominer, tracked as Bird Miner, that targets macOS and emulates Linux. The malware spreads via a cracked installer for the music production software Ableton Live that is distributed on a piracy website called VST Crack, and that is over 2.6 GB in size. “ A new Mac cryptocurrency miner Malwarebytes detects as Bird

IT 111

IT Security Information Security 111

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

JUNE 21, 2019

Barracuda's Michael Flouton on Social Engineering, Account Takeover and More The early days of email attacks - so much noise in the form of malware, spam and links - have given way to attacks that often rely on little more than words, and email gateways often struggle to arrest social engineering ploys, says Michael Flouton of Barracuda Networks.

229

229

National Archives Records Express

JUNE 21, 2019

NARA is in the final stages of our records scheduling process with U.S. Immigration and Customs Enforcement (ICE) for schedule DAA-0567-2015-0013, Detainee Records. This schedule was originally proposed to NARA on October 26, 2015. NARA published notice of the pending schedule in the Federal Register on July 14, 2017. The schedule, which covers records related to deaths of detainees and allegations of sexual assault and abuse of detainees, received a record number of public comments.

IT 108

IT 108

WIRED Threat Level

JUNE 17, 2019

Scammers are taking advantage of default calendar settings to try to trick users into clicking malicious links.

Phishing 111

Phishing Security 111

Security Affairs

JUNE 15, 2019

Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA).

File names 111

File names Mining Access Communications 111

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

JUNE 20, 2019

State's Department of Human Services Now Says 645,000 Affected The number of individuals affected by a phishing-related breach disclosed in March by the Oregon Department of Human Services has nearly doubled, according to a new notification statement, which offers more details.

Phishing 228

Phishing 228

Thales Cloud Protection & Licensing

JUNE 20, 2019

Quantum computing attacks may have already begun. Confidential data is being exchanged using algorithms that will eventually be broken by quantum computers. Even though attackers cannot break the communications today (for we lack sufficiently powerful quantum computers), they can patiently record them for future analysis. Perhaps the most popular way to share confidential data between two remote parties is through a TLS connection.

Communications 108

Communications Authentication Encryption Risk 108

WIRED Threat Level

JUNE 16, 2019

Ad trackers are out of control. Use a browser that reins them in.

Privacy 111

Privacy IT Security 111

Security Affairs

JUNE 20, 2019

The Riviera Beach City, Florida, agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. The Riviera Beach City Council voted unanimously to pay $600,000 in ransom to decrypt its records after a ransomware attack hit its systems. The council has previously agreed to spend $941,000 to modernize the entire IT infrastructure after hackers broke into the city’s system three weeks ago, ecrypting data managed by the City.

Insurance 111

Insurance Ransomware Encryption Government 111

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

JUNE 17, 2019

Agency Says It Tested Remote Code Execution Exploit Yet another warning has been issued about the BlueKeep vulnerability in older versions of Microsoft Windows. The latest comes from the Department of Homeland Security, which tested a remote code execution exploit.

Security 217

Security IT 217

Schneier on Security

JUNE 21, 2019

In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here , the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered.

Manufacturing 107

Manufacturing Libraries Security IT 107

WIRED Threat Level

JUNE 18, 2019

Database giant MongoDB has a new encryption scheme that should help slow the scourge of breaches.

Encryption 111

Encryption Security 111

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT.

Phishing 111

Phishing Access Archiving Passwords 111

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Breach Today

JUNE 19, 2019

Court Documents Outline a 'Host of Negative Consequences' The parent company of American Medical Collection Agency has filed for bankruptcy in the wake of a data breach affecting millions of patients. The filing provides an inside look at the "cascade of events" and financial havoc wreaked by a security incident.

Data breaches 213

Data breaches Security 213

Dark Reading

JUNE 18, 2019

How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.

Customer Experience 105

Customer Experience 105

WIRED Threat Level

JUNE 21, 2019

A jury this week finds that Minneapolis police officers abused their license database access. Dozens of other lawsuits have made similar claims.

Access 111

Access Privacy Security 111

Security Affairs

JUNE 16, 2019

Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. Recently a new botnet, tracked Echobot, appeared in the threat landscape its operators are adding new exploits to infect a broad range of systems, including IoT devices, enterprise apps Oracle WebLogic and VMware SD-Wan.

IoT 111

IoT e-Discovery Security IT 111

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

JUNE 20, 2019

More Data, Use of the Cloud and IoT Presage Even More Big, Bad Breaches Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.

Data breaches 212

Data breaches IoT Cloud IT 212

Schneier on Security

JUNE 19, 2019

Stuart Schechter writes about the security risks of using a password manager. It's a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud.

Passwords 105

Passwords Risk Cloud Security 105

WIRED Threat Level

JUNE 19, 2019

Google's Private Join and Compute will let companies compare notes without divulging sensitive information.

Security 109

Security 109