IT Governance

AUGUST 1, 2019

Phishing 73

Phishing 73

Dark Reading

AUGUST 2, 2019

OK, perhaps that's self-evident, so how come it far too often still takes an incident to trigger planning?

IT 106

IT 106

Thales Cloud Protection & Licensing

AUGUST 2, 2019

The British parliament has been unable to agree the exit package from the European Union. With the possibility of a “no deal” departure looming, EU leaders have granted a six-month extension to Brexit day. But the uncertainty that still lingers with regards to Britain’s future, creates various opportunities which cyber criminals could try to exploit.

Cybersecurity 117

Cybersecurity Personal data Data breaches GDPR 117

Data Breach Today

JULY 30, 2019

Researchers Detail use of Machine Learning to Find Phishing URLs JPMorgan Chase researchers have published a new paper describing their efforts at developing a novel "early warning" system based on artificial intelligence algorithms that can detect malware, Trojans and other advanced persistent threats before the phishing campaign that targets the bank's employees even starts.

Artificial Intelligence 182

Artificial Intelligence Phishing Paper 182

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Krebs on Security

JULY 30, 2019

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused, and what this incident may mean for consumers and businesses.

Data breaches 279

Data breaches Cloud Mining Insurance 279

WIRED Threat Level

JULY 29, 2019

VxWorks is designed as a secure, "real-time" operating system for continuously functioning devices, like medical equipment, elevator controllers, or satellite modems.

Security 254

Security 254

Data Breach Today

JULY 30, 2019

Authorities Allege Paige A. Thompson Referenced Stolen Files on GitHub A Seattle-area woman has been charged with accessing tens of millions of Capital One credit card applications after allegedly taking advantage of a misconfigured firewall. The incident is likely to increase calls for better corporate caretaking of sensitive consumer data.

Data breaches 235

Data breaches Access 235

Krebs on Security

AUGUST 2, 2019

On Monday, a former Amazon employee was arrested and charged with stealing more than 100 million consumer applications for credit from Capital One. Since then, many have speculated the breach was perhaps the result of a previously unknown “zero-day” flaw, or an “insider” attack in which the accused took advantage of access surreptitiously obtained from her former employer.

Metadata 265

Metadata Cloud Data breaches Access 265

Security Affairs

JULY 28, 2019

Watch out! Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 and 9.0. Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution flaw.

Manufacturing 279

Manufacturing Security IT Information Security 279

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

WIRED Threat Level

JULY 29, 2019

It occupies a spot next to 'Black Mirror' and Big Brother in popular imagination, but China’s social credit project is far more complicated than a single, all-powerful numerical score.

IT 240

IT Privacy Security 240

Data Breach Today

JULY 31, 2019

Experts Say Bank May Have Made Several Errors The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.

Personal data 227

Personal data 227

Krebs on Security

JULY 29, 2019

Marcus Hutchins , the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday. Marcus Hutchins, just after he was revealed as the security expert who stopped the WannaCry worm.

Ransomware 216

Ransomware Education Government Risk 216

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . A report published by cybersecurity firm Sixgill revealed that data for over 23 million payment card were offered for sale in the cybercrime underground. The report, titled “ Underground financial fraud report “, provides interesting details about the sale of stolen financial data in the Dark Web. .

Marketing 279

Marketing Sales Encryption Retail 279

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

WIRED Threat Level

JULY 31, 2019

The Guardian Firewall app gives iOS users a reprieve from the scourge of online trackers.

Security 238

Security 238

Data Breach Today

AUGUST 1, 2019

Researchers Say Proxy Machine Can Bypass Transaction Limits Via Man-in-the-Middle Attack A newly discovered vulnerability in Visa's contactless payment cards could allow fraudsters to bypass payment limits of 30 British pounds ($37) at U.K. banks, according to researchers at Positive Technologies, who claim the vulnerability could be exploited in other countries as well.

207

207

The Last Watchdog

AUGUST 1, 2019

Company officials at Capital One Financial Corp ought to have a crystal clear idea of what to expect next — after admitting to have allowed a gargantuan data breach. Capital One’s mea culpa coincided with the FBI’s early morning raid of a Seattle residence to arrest Paige Thompson. Authorities charged the 33-year-old former Amazon software engineer with masterminding the hack.

Data Privacy 198

Data Privacy Privacy Data breaches Cloud 198

Security Affairs

JULY 28, 2019

Experts at Trustwave observed threat actors using a rare technique to compromise fully patched websites. Security experts at Trustwave observed threat actors using a rare steganography technique, attackers are hiding PHP scripts in Exchangeable Image Format (EXIF) headers of JPEG images that are uploaded on the website. The Exchangeable image file format is a standard that specifies the formats for images, sound, and ancillary tags used by digital cameras (including smartphones), scanners and ot

GDPR 279

GDPR Security IT Information Security 279

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

JULY 31, 2019

"You don't need to change votes to cause chaos," Senator Mark Warner tells WIRED in an exclusive interview.

IT 187

IT Security 187

Data Breach Today

JULY 31, 2019

Questions Remain Over How Hacker Breached Bank Files In what's likely the first of many investigations, the New York attorney general's office announced late Tuesday that it's launching a Capital One probe following the disclosure that over 100 million U.S. residents had their personal data exposed in a breach. Meanwhile, class action lawsuits are looming.

Personal data 199

Personal data IT 199

AIIM

JULY 30, 2019

Everyone has a process for onboarding new hires, contractors, consultants, etc. There's a checklist to follow: issue the badge, issue the keys to the office and the parking garage, and of course set up the Active Directory account, the email account, and all the other information management system set-up tasks. Similarly, when employees separate, there's a checklist there too: remove access to systems, get the laptop back, get the keys back, etc.

Records Management 150

Records Management Archiving Access Cloud 150

Security Affairs

JULY 27, 2019

Attackers deployed a Magecart credit card skimmer script into fake Google domains used to trick visitors into making online transactions. Experts at Sucuri discovered threat actors using fake Google domains hosting a Magento skimmer script used to steal payment data when unaware visitors make transactions. The campaign was uncovered when the owner of a website discovered that its domain was blacklisted by McAfee’s SiteAdvisor service.

CMS 279

CMS Security Cloud IT 279

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

WIRED Threat Level

AUGUST 2, 2019

Amazon-owned Ring has cozied up to law enforcement, and critics say it's using police departments to help market its surveillance cameras.

Marketing 179

Marketing IT Privacy Security 179

Data Breach Today

AUGUST 2, 2019

Watchdog Points to Numerous Risk Management Shortcomings Some 23 federal agencies come up short in their cybersecurity efforts even as attacks on their IT infrastructures continue to grow and concerns about foreign interference in the upcoming 2020 elections persist, according to a Government Accountability Office report.

Cybersecurity 188

Cybersecurity Risk Government IT 188

AIIM

JULY 29, 2019

AIIM strongly believes in an even 50/50 split between men and women in the workplace. As the roles of women in the workplace have changed dramatically over the past few decades, more and more women continue to take on roles in Information Management. To grow and support this exciting transition, AIIM launched the Women In Information Management (WIIM) program.

Libraries 119

Libraries Access 119

Security Affairs

JULY 30, 2019

Experts spotted a Java ATM malware that was relying on the XFS (EXtension for Financial Service) API to “ jackpot ” the infected machine. Introduction. Recently our attention was caught by a really particular malware sample most probably linked toa recent cybercriminal operation against the banking sector. This piece of malicious code is a so-called ‘ATM malware ‘: a malicious tool that is part of a criminal arsenal able to interact with Automatic Teller Machine.

Financial Services 279

Financial Services Communications Access IT 279

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

WIRED Threat Level

JULY 29, 2019

In a criminal complaint, the FBI detailed how a hacker allegedly stole data from 100 million people—and how she got caught.

Security 162

Security 162

Data Breach Today

JULY 29, 2019

Europol Marks Three-Year Anniversary of Non-Profit Security Initiative Three years since its launch, the No More Ransom portal has assisted 200,000 ransomware victims and stopped $108 million from being paid in ransom, according to Europol - one of its founding partners.

Ransomware 183

Ransomware Security IT 183

AIIM

AUGUST 2, 2019

Steps to Make Your Paperless Office Dream a Reality. According to AIIM research , 75% of the organizations we surveyed view digital transformation as “important” or “very important” to their organization. But why? Most respondents pointed to operational savings as a result of a more digital and connected workflow. In other words: cut the paper, cut the inefficiencies.

Digital transformation 117

Digital transformation Customer Experience Paper Insurance 117