Krebs on Security
OCTOBER 1, 2018
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).
Security Affairs
OCTOBER 4, 2018
China used tiny chips implanted on computer equipment manufactured for US companies and government agencies to steal secret information. According to a report published by Bloomberg News, China used tiny chips implanted on computer equipment manufactured for US companies and government agencies, including Amazon and Apple, to steal secret information.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
AIIM
OCTOBER 2, 2018
Taking care of your old documents is a complicated process. On one hand, you need to keep them stored away so that they don’t obstruct your daily work and clutter up the workspace. On the other, however, when you do need the documents, you need to be able to locate them quickly and not waste hours trying to figure out where they might have ended up.
Data Breach Today
OCTOBER 2, 2018
Victims Need 'Single Sign-Off' in This Age of Hyper-Connected Services and Apps While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Krebs on Security
OCTOBER 2, 2018
A ridiculous number of companies are exposing some or all of their proprietary and customer data by putting it in the cloud without any kind of authentication needed to read, alter or destroy it. When cybercriminals are the first to discover these missteps, usually the outcome is a demand for money in return for the stolen data. But when these screw-ups are unearthed by security professionals seeking to make a name for themselves, the resulting publicity often can leave the breached organization
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
AIIM
OCTOBER 5, 2018
Having your cake and eating it, too, is a proverb that’s almost 500 years old, which means you cannot have two incompatible things at the same time. So many examples of situations exist where you face two mutually exclusive options. Let’s take document capture. Document capture software is designed to automate document-oriented tasks such as sorting or extracting key data.
Data Breach Today
OCTOBER 1, 2018
'Playbook' Prepared; Data Sharing Efforts Planned In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers.
Security Affairs
SEPTEMBER 29, 2018
The FBI Internet Crime Complaint Center (IC3) warns of cyber attacks exploiting Remote Desktop Protocol (RDP) vulnerabilities. Remote Desktop Protocol (RDP) is a widely adopted protocol for remote administration, but it could dramatically enlarge the attack surface if it isn’t properly managed. The FBI Internet Crime Complaint Center (IC3) and the DHS issued a joint alert to highlight the rise of RDP as an attack vector.
WIRED Threat Level
OCTOBER 2, 2018
Major sites using Facebook's Single Sign-On don't implement basic security features, potentially making the fallout of last week's hack much worse.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Schneier on Security
OCTOBER 2, 2018
From Kashmir Hill : Facebook is not content to use the contact information you willingly put into your Facebook profile for advertising. It is also using contact information you handed over for security purposes and contact information you didn't hand over at all, but that was collected from other people's contact books, a hidden layer of details Facebook has about you that I've come to call "shadow contact information.
Data Breach Today
OCTOBER 4, 2018
FireEye Traces APT38 Attacks; US-CERT Issues ATM Cash-Out Malware Attack Alert A gang of North Korean government hackers, known as APT38, has stolen more than $100 million from banks in Asia and Africa via fraudulent SWIFT transfers, cybersecurity firm FireEye warns. Separately, the U.S. government says North Korea is also behind serious ATM malware cash-out attacks.
The Guardian Data Protection
SEPTEMBER 29, 2018
Images posted to social media show people accessing data of senior Tories such as Boris Johnson and Michael Gove A major flaw in the Conservative ’s official conference mobile phone application has made the private data of senior party members – including cabinet members – accessible to anyone that logged in as a conference attendee. The data of every person who registered to attend the Tory conference could be viewed, with Boris Johnson, Michael Gove and others among hundreds of diplomats, dign
Security Affairs
OCTOBER 2, 2018
Experts at the Cybaze Z-Lab have analyzed the latest iteration of the infamous GandCrab ransomware, version 5.0. Malware researchers at Cybaze ZLab analyzed the latest version of the infamous GandCrab ransomware, version 5.0. Most of the infections have been observed in central Europe, but experts found evidence that the malicious code doesn’t infect Russian users.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
WIRED Threat Level
OCTOBER 3, 2018
By only checking a file's code signature when you install it—and never again—macOS gives malware a chance to evade detection indefinitely.
Data Breach Today
OCTOBER 1, 2018
Attackers Hacked Three Separate Bugs to Breach 50 Million Accounts Facebook says that whoever hacked 50 million user accounts, putting the privacy of those users' personal data at risk, did so by abusing its "View As" privacy feature. Facebook says the attack successfully targeted three separate bugs in its video-uploading functionality.
AIIM
OCTOBER 3, 2018
Are you finding yourself overwhelmed by the amount of data you have to manage? While it's great to stay up with the latest technology, digital transformation can sometimes leave people feeling like there was a document "explosion" in their department. Not to worry, we're here to help. I invite you to join us for a free webinar on Wednesday, October 10th @ 2pm EDT as AIIM’s Chief Evangelist, John Mancini and Microsoft’s Principal Engineering Lead, Nishan DeSilva discuss the latest ways Office 365
Security Affairs
OCTOBER 1, 2018
Facebook has revealed additional details about the cyber attack that exposed personal information of 50 million accounts. Last week, Facebook announced that attackers exploited a vulnerability in the “View As” feature that allowed them to steal Facebook access tokens of 50 Million Users. The “View As” feature allows users to see how others see their profile, it was implemented under the privacy section to help users to check that only intended data is visible for their public profile.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
OCTOBER 5, 2018
Sales intelligence firm Apollo left a "staggering amount" of exposed online, including 125 million email addresses and nine billion data points.
Data Breach Today
OCTOBER 1, 2018
Report Into 50 Million Breached Accounts Is Incomplete, Privacy Watchdog Warns To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed. But Irish authorities have signaled that Facebook has failed to share all of the information they would have expected to see.
Schneier on Security
OCTOBER 4, 2018
Noted conspiracy theorist John McAfee tweeted : The "Presidential alerts": they are capable of accessing the E911 chip in your phones - giving them full access to your location, microphone, camera and every function of your phone. This not a rant, this is from me, still one of the leading cybersecurity experts. Wake up people! This is, of course, ridiculous.
Security Affairs
OCTOBER 3, 2018
A joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “FASTCash,” used by Hidden Cobra APT. The US-CERT has released a joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “ FASTCash ,” being used by the prolific North Korean APT hacking group known as Hidden Cobra (aka Lazarus Group and Guardians of Peace).
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
WIRED Threat Level
OCTOBER 4, 2018
A blockbuster report from Bloomberg says that China has compromised servers used by major US companies. It's a problem that experts have long feared, and still don't know how to resolve.
Data Breach Today
OCTOBER 5, 2018
If Accurate, Bloomberg Report Would Mark a New Era of Mass Hardware Compromise Did the Chinese government pull off one of the most secretive hardware hacks of all time? That's what information security experts are pondering after a Bloomberg report has detailed an espionage operation that purportedly planted a tiny spying chip on widely distributed server motherboards.
Schneier on Security
OCTOBER 4, 2018
Bloomberg is reporting about a Chinese espionage operating involving inserting a tiny chip into computer products made in China. I've written ( alternate link ) this threat more generally. Supply-chain security is an insurmountably hard problem. Our IT industry is inexorably international, and anyone involved in the process can subvert the security of the end product.
Security Affairs
OCTOBER 5, 2018
The sales intelligence firm Apollo is the last victim of a massive data breach that exposed more than 200 million contact records. Apollo collects a lot of its information from public sources, including names, email addresses, and company contact information, it also gathers data by scraping Twitter and LinkedIn. The company already notified the security breach to its customers last week, the incident occurred on 23 Jul 2018. “On discovery, we took immediate steps to remediate our systems
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
WIRED Threat Level
OCTOBER 3, 2018
While the presidential text that hits your phone Wednesday will be the first of its kind, it's part of a decades-long lineage of official government Doomsday alerts.
Data Breach Today
OCTOBER 2, 2018
Health Insurer Slammed by Regulator for Failing to Detect Bulk Theft of Records The U.K.'s data protection regulator has fined Bupa Insurance Services £175,000 ($228,000) for failing to stop an employee from stealing 547,000 customer records, which were later offered for sale on the dark web. The ICO found that the health insurer's CRM system lacked adequate security controls.
Hunton Privacy
OCTOBER 2, 2018
Recently, the French Data Protection Authority (“CNIL”) published its initial assessment of the compatibility of blockchain technology with the EU General Data Protection Regulation (GDPR) and proposed concrete solutions for organizations wishing to use blockchain technology when implementing data processing activities. What is a Blockchain? A blockchain is a database in which data is stored and distributed over a high number of computers and all entries into that database (called “transactions”
Expert insights. Personalized for you.
279 
Let's personalize your content