Schneier on Security

APRIL 30, 2019

To better understand influence attacks, we proposed an approach that models democracy itself as an information system and explains how democracies are vulnerable to certain forms of information attacks that autocracies naturally resist. Our model combines ideas from both international security and computer security, avoiding the limitations of both in explaining how influence attacks may damage democracy as a whole.

Military 103

Military Paper Security IT 103

Data Breach Today

APRIL 29, 2019

Vulnerabilities Found in Security Cameras, Baby Monitors and More An independent security researcher is warning about a vulnerability in peer-to-peer software used in millions of IoT devices that could allow a hacker to eavesdrop on conversations or turn these items into a botnet.

IoT 237

IoT Security 237

The Last Watchdog

MAY 2, 2019

While the internet and social media have been very positive for businesses, there remains an inherent risk when it comes to how brands manage their Facebook, Twitter, and Instagram accounts. Related: Defusing weaponized documents While social media on every platform has benefits, there remains risks that must be addressed so as to keep your companies’ image and data safe.

Risk 138

Risk Marketing Passwords Education 138

Krebs on Security

MAY 3, 2019

A Pennsylvania credit union is suing financial industry technology giant Fiserv , alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. The credit union said the investigation that fueled the lawsuit was prompted by a 2018 KrebsOnSecurity report about glaring security weaknesses in a Fiserv platform that exposed personal and financial details of customers across hundreds of bank Web sites.

Security 220

Security Passwords Financial Services Sales 220

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

AIIM

MAY 1, 2019

Before the introduction of online collaboration tools, work used to take place only in the office. However, online collaboration application has made a huge transformation. Nowadays, work is executed from the place where the team members are present. Online collaboration tools have ended up making the world a smaller place. These applications are smashing all the problems related to location and distance.

Communications 160

Communications IT 160

The Last Watchdog

APRIL 29, 2019

In today’s complex IT environments, a million things can go wrong, though only a few systems touch everything. Related: Why Active Directory is so heavily targeted For companies running Microsoft Windows, one such touch-all systems is Active Directory, or AD, the software that organizes and provides access to information across the breadth of Windows systems.

Ransomware 207

Ransomware Healthcare Paper Access 207

Krebs on Security

MAY 3, 2019

Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware. Now, at least one former WSM administrator is reportedly trying to extort money from WSM vendors and buyers (supposedly including Yours Truly) — i

Marketing 203

Marketing Communications IT Access 203

AIIM

APRIL 29, 2019

Some of you may know that, when I was a kid, my dad was my high school principal and my mom was our high school drama teacher. Basically, it meant that NO ONE asked me out on a date. But it also meant that I had a unique front row seat for observing my parents in their ‘natural environments’. I knew they taught, I knew they loved what they did, and I knew they were really, really good at what they did because all the kids and teachers loved them.

ECM 147

ECM Military GDPR IT 147

Data Breach Today

MAY 1, 2019

FBI Tipoff Led to Discovery; Citrix Blames Poor Password Security Citrix says the data breach it first disclosed in early March appears to have persisted for six months before being discovered and hackers ejected. In an ironic twist, the company sells the very products that might have blocked recent credential stuffing and password spraying attacks against it.

Passwords 247

Passwords Data breaches Security IT 247

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

MAY 2, 2019

Small and midsize businesses — so-called SMBs — face an acute risk of sustaining a crippling cyberattack. This appears to be even more true today than it was when I began writing about business cyber risks at USA TODAY more than a decade ago. Related: ‘Malvertising’ threat explained However, one small positive step is that company decision makers today, at least, don’t have their heads in the sand.

Risk 182

Risk Cybersecurity Passwords Ransomware 182

WIRED Threat Level

MAY 3, 2019

A group of likely Chinese hackers has poisoned the software of seven companies in just the last three years.

Security 111

Security 111

AIIM

MAY 3, 2019

It’s warm greetings from sunny San Diego on this episode of the AIIM on Air podcast! Your host Kevin Craine comes to you from The AIIM Conference 2019 floor with a series of interviews from the hallways, sessions, and even poolside at the Conference Party (if you listen closely, you can hear the party’s Beach Boys cover band in the background). AIIM19 welcomed over 700 information professionals from all over the world joining up to learn, network, and even party - together.

Libraries 112

Libraries Access Digital transformation IT 112

Data Breach Today

APRIL 30, 2019

After Citycomp Refuses to Pay Ransom, Cybercriminals Post Customers' Data Online Cybercriminals have stolen customer data from, Citycomp, a German IT company whose clients include Oracle, Volkswagen, Airbus, Ericsson, Toshiba British Telecom and many others. After not paying the ransom, the gang posted the data online.

IT 235

IT 235

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

The Last Watchdog

APRIL 30, 2019

If your company is participating in the global supply chain, either as a first-party purchaser of goods and services from other organizations, or as a third-party supplier, sooner or later you’ll encounter the NIST Cybersecurity Framework. Related: How NIST protocols fit SMBs The essence of the NIST CSF is showing up in the privacy regulations now being enforced in Europe, as well as in a number of U.S. states.

Cybersecurity 173

Cybersecurity Insurance Security Privacy 173

Security Affairs

MAY 2, 2019

The Department of Energy confirmed that in March a cyber event disrupted power grid operations in California, Wyoming, and Utah. The Department of Energy confirmed that on March 2019, between 9 a.m. and 7 p.m., a cyber event disrupted energy grid operations in California, Wyoming, and Utah. The news was first reported by E&E News, a “cyber event” interrupted grid operations in parts of the western United States in March, according to a report posted by the Department of Energy.

Energy and Utilities 111

Energy and Utilities Security IT 111

WIRED Threat Level

APRIL 30, 2019

Mueller is done and Rosenstein is on his way out the door, but federal and state authorities around the country are still investigating the president and those in his orbit.

Security 112

Security 112

Data Breach Today

MAY 3, 2019

The latest edition of the ISMG Security Report describes a discussion among "Five Eyes" intelligence agencies at the recent CyberUK conference. Plus, an update on a Huawei 'backdoor' allegation and new research on managing third-party risk.

Risk 227

Risk Security 227

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

The Last Watchdog

MAY 1, 2019

Defending a company network is a dynamic, multi-faceted challenge that continues to rise in complexity, year after year after year. Related: Why diversity in training is a good thing. Yet there is a single point of failure common to just about all network break-ins: humans. Social engineering, especially phishing, continues to trigger the vast majority of breach attempts.

Phishing 166

Phishing Financial Services Manufacturing Education 166

Security Affairs

MAY 3, 2019

German police have shut down one of the world’s largest black marketplace in the darkweb, the ‘Wall Street Market,’ and arrested its operators. The German police, with the support of Europol, Dutch police and the FBI, has shut down one of the world’s largest black marketplace in the darkweb , the ‘Wall Street Market,’ and arrested three operators allegedly running it.

Marketing 111

Marketing Sales Government Access 111

WIRED Threat Level

APRIL 29, 2019

If you're going up against an army of the undead, maybe plan a little better.

Security 112

Security 112

Data Breach Today

MAY 1, 2019

Huawei Denies Concealing Backdoors in Equipment Vodafone is disputing a Bloomberg report that security vulnerabilities and backdoors within Huawei networking equipment could have allowed unauthorized access to its fixed-line carrier network in Italy. The report comes as Huawei continues to face concerns over its engineering practices and government ties.

Government 221

Government Access Security IT 221

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

DXC Technology

MAY 1, 2019

Recently, Rishidot analyst Krishnan Subramanian proclaimed the Cloud Foundry, Platform-as-a-Service (PaaS) cloud, had met its demise as a standalone platform. Really? That’s news to me, and I cover Cloud Foundry like paint. What got Subramanian so frazzled was Cloud Foundry started offering Docker in place of its own container runtime, Garden.

Cloud 105

Cloud IT 105

Security Affairs

APRIL 29, 2019

A cyber survey conducted by the United Kingdom’s National Cyber Security Centre (NCSC) revealed that ‘123456’ is still the most hacked password. Security experts at the United Kingdom’s National Cyber Security Centre (NCSC) analyzed the 100,000 most-commonly re-occurring breached passwords using data from Have I Been Pwned (HIBP). Have I Been Pwned allows users to search across multiple data breaches to see if their email address has been compromised.

Passwords 111

Passwords Data breaches Risk Access 111

WIRED Threat Level

APRIL 27, 2019

Mueller report fallout, a biometrics database, and more of the week's top security news.

Security 111

Security 111

Data Breach Today

APRIL 29, 2019

Potential Leak of GitHub, Bitbucket Tokens As Well Docker, which offers an open source container platform, is notifying users that an intruder briefly had access to sensitive data from 190,000 Docker Hub accounts, or less than 5 percent of Hub users. But the breach has caused a collective gasp because it potentially magnifies risks for enterprises.

IT 211

IT Risk Access 211

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Thales Cloud Protection & Licensing

MAY 1, 2019

Over the last two election cycles, we’ve seen an increased focus on election security, hacking and fraud. While many state and government officials are under no illusion that they are safe from a digital attack, concern should run deeper than election integrity. Most federal security issues are a result of well-known long-standing vulnerabilities that agencies have not addressed.

Cybersecurity 105

Cybersecurity Digital transformation Data breaches Cloud 105

Security Affairs

APRIL 27, 2019

Docker became aware of unauthorized access to a Docker Hub database that exposed sensitive information for roughly 190,000 users. Docker notified its users that an unauthorized entity gained access to a Docker Hub database that exposed sensitive information for roughly 190,000 users. The exposed information included some usernames and hashed passwords, as well as tokens for GitHub and Bitbucket repositories.

Data breaches 111

Data breaches Passwords Access Security 111

Schneier on Security

MAY 3, 2019

The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly explaining that there's no way to provide this capability without also weakening the security of every user of those devices and communications systems.

Cybersecurity 101

Cybersecurity Artificial Intelligence Government Communications 101