Schneier on Security

JUNE 17, 2019

101

101

Thales Cloud Protection & Licensing

JUNE 18, 2019

As organizations move more of their sensitive data to cloud platforms for the efficiency, flexibility and scalability that it promises, security and control continue to be a significant obstacle to this adoption. Although the 2019 Thales Data Threat Report-Global Edition tells us that 90% of organizations report using the cloud and 71% say they are using sensitive data in cloud environments, it also finds that, globally, 60% of organizations surveyed have been breached at some point in their his

Cloud 127

Cloud Encryption Big data Compliance 127

Krebs on Security

JUNE 19, 2019

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers. The filing, first reported by Bloomberg, comes from the Retrieval-Masters Creditors Bureau , the parent company of the American Medical Collection Agency (AMCA).

Data breaches 244

Data breaches IT 244

Data Breach Today

JUNE 21, 2019

BeyondTrust's Karl Lankford on Mitigating the Unmanaged Privilege Threat Attackers crave insider-level access to IT infrastructure and regularly target insiders - and especially administrators- to steal their credentials, says BeyondTrust's Karl Lankford, who advises organizations to ensure they manage, monitor and audit all privileged access.

Access 249

Access IT 249

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

JUNE 17, 2019

Organizations today work with a great volume and variety of data. The trick is using that information in ways that improve the performance of the organization. One example is in the oil and gas industry where the stakes are extremely high; involving millions in revenue. Government approval for exploratory oil and gas rights are awarded to companies with the best technical application.

IT 94

IT Government 94

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT.

Phishing 110

Phishing Access Archiving Passwords 110

Data Breach Today

JUNE 19, 2019

Focus on 'Total Cost of Control,' Says BlackBerry Cylance's John McClurg After years of organizations being stuck in a reactive security posture, proactive prevention is finally possible thanks to machine learning backed by AI math models, says BlackBerry Cylance's John McClurg.

Security 216

Security 216

erwin

JUNE 21, 2019

Over the past few weeks several huge mergers and acquisitions (M&A) have been announced, including Raytheon and United Technologies , the Salesforce acquisition of Tableau and the Merck acquisition of Tilos Therapeutics. According to collated research and a Harvard Business Review report , the M&A failure rate sits between 70 and 90 percent.

Healthcare 108

Healthcare Compliance Financial Services GDPR 108

National Archives Records Express

JUNE 21, 2019

NARA is in the final stages of our records scheduling process with U.S. Immigration and Customs Enforcement (ICE) for schedule DAA-0567-2015-0013, Detainee Records. This schedule was originally proposed to NARA on October 26, 2015. NARA published notice of the pending schedule in the Federal Register on July 14, 2017. The schedule, which covers records related to deaths of detainees and allegations of sexual assault and abuse of detainees, received a record number of public comments.

IT 108

IT 108

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

JUNE 16, 2019

On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim ema i l servers, that already compromised some Azure installs. Bad actors continue to target cloud services in the attempt of abusing them for several malicious purposes, like storing malware or implementing command and control servers. Microsoft Azure is not immune , recently experts reported several attacks leveraging the platform to host tech-support scam and phishing templates.

Phishing 111

Phishing Authentication Cloud Security 111

Data Breach Today

JUNE 20, 2019

State's Department of Human Services Now Says 645,000 Affected The number of individuals affected by a phishing-related breach disclosed in March by the Oregon Department of Human Services has nearly doubled, according to a new notification statement, which offers more details.

Phishing 200

Phishing 200

AIIM

JUNE 19, 2019

Last week, I had the privilege of teaching our inaugural Foundations of Intelligent Information Management course in Denver, CO. We had students from a variety of industries and locations take part in the course, which is designed to provide participants with a thorough understanding of the fundamentals of information management. Over four days, we covered the entire lifecycle of information management: Creating and capturing information.

Metadata 87

Metadata Records Management Compliance Communications 87

Schneier on Security

JUNE 21, 2019

In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here , the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered.

Manufacturing 105

Manufacturing Libraries Security IT 105

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

JUNE 15, 2019

Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA).

File names 110

File names Mining Access Communications 110

Data Breach Today

JUNE 21, 2019

Barracuda's Michael Flouton on Social Engineering, Account Takeover and More The early days of email attacks - so much noise in the form of malware, spam and links - have given way to attacks that often rely on little more than words, and email gateways often struggle to arrest social engineering ploys, says Michael Flouton of Barracuda Networks.

200

200

Dark Reading

JUNE 18, 2019

How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.

Customer Experience 105

Customer Experience 105

Schneier on Security

JUNE 19, 2019

Stuart Schechter writes about the security risks of using a password manager. It's a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud.

Passwords 102

Passwords Risk Cloud Security 102

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

JUNE 21, 2019

Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating Linux. Researchers at MalwareBytes have spotted a new cryptominer, tracked as Bird Miner, that targets macOS and emulates Linux. The malware spreads via a cracked installer for the music production software Ableton Live that is distributed on a piracy website called VST Crack, and that is over 2.6 GB in size. “ A new Mac cryptocurrency miner Malwarebytes detects as Bird

IT 109

IT Security Information Security 109

Data Breach Today

JUNE 18, 2019

London Conference Tackles Data Breaches, Machine Learning, Cybercrime and More The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.

Data breaches 180

Data breaches 180

WIRED Threat Level

JUNE 20, 2019

Three cybersecurity firms have identified phishing attacks stemming from Iran—that may lay the groundwork for something more destructive.

Phishing 104

Phishing Cybersecurity Security 104

Schneier on Security

JUNE 20, 2019

Security researchers Gabriel Campana and Jean-Baptiste Bédrune are giving a hardware security module (HSM) talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. It will demonstrate several attack paths, some of them allowing unauthenticated attackers to take full control of the HSM.

Security 94

Security Manufacturing Paper Access 94

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

JUNE 16, 2019

Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. Recently a new botnet, tracked Echobot, appeared in the threat landscape its operators are adding new exploits to infect a broad range of systems, including IoT devices, enterprise apps Oracle WebLogic and VMware SD-Wan.

IoT 108

IoT e-Discovery Security IT 108

Data Breach Today

JUNE 21, 2019

Report Outlines 10 Years' Worth of Serious Incidents Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.

Security 183

Security 183

Dark Reading

JUNE 20, 2019

Early information suggests threat actors gained access to the managed service provider's remote monitoring and management tools and used them to attack the firm's clients.

Ransomware 90

Ransomware Access 90

Schneier on Security

JUNE 20, 2019

Matthew Green intelligently speculates about how Apple's new "Find My" feature works. If you haven't already been inspired by the description above, let me phrase the question you ought to be asking: how is this system going to avoid being a massive privacy nightmare? Let me count the concerns: If your device is constantly emitting a BLE signal that uniquely identifies it, the whole world is going to have (yet another) way to track you.

Privacy 90

Privacy Marketing IT 90

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

JUNE 20, 2019

The Riviera Beach City, Florida, agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. The Riviera Beach City Council voted unanimously to pay $600,000 in ransom to decrypt its records after a ransomware attack hit its systems. The council has previously agreed to spend $941,000 to modernize the entire IT infrastructure after hackers broke into the city’s system three weeks ago, ecrypting data managed by the City.

Insurance 108

Insurance Ransomware Encryption Government 108

Data Breach Today

JUNE 20, 2019

More Data, Use of the Cloud and IoT Presage Even More Big, Bad Breaches Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.

Data breaches 185

Data breaches IoT Cloud IT 185

Dark Reading

JUNE 19, 2019

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.

Phishing 98

Phishing 98