Schneier on Security

SEPTEMBER 6, 2018

The Five Eyes -- the intelligence consortium of the rich English-speaking countries (the US, Canada, the UK, Australia, and New Zealand) -- have issued a " Statement of Principles on Access to Evidence and Encryption " where they claim their needs for surveillance outweigh everyone's needs for security and privacy.the increasing use and sophistication of certain encryption designs present challenges for nations in combatting serious crimes and threats to national and global security.

Security 104

Security Encryption Access Government 104

Thales Cloud Protection & Licensing

SEPTEMBER 6, 2018

In my recent blog on the evolving PCI SSC initiatives in 2018, “ Minor on PCI DSS, major on almost everything else ,” I outlined how the organisation is covering new areas to reflect the migration from physical card payments to online digital payments. Much of the latest innovation involves the use of mobile devices (for both initiation and acceptance ) to provide greater flexibility in how payments can be made and offer additional methods to authenticate transactions.

Security 66

Security Encryption Compliance Risk 66

IT Governance

SEPTEMBER 7, 2018

Data breaches can happen to anybody. Incidents at large organisations – such as Dixons Carphone and Superdrug – might be reported on more often, giving you the impression that they are the most frequent targets, but these are actually the exception. Breaches occur most often at SMEs (small and medium-sized enterprises), if only because there are a lot more of them.

Data breaches 56

Data breaches GDPR Paper Personal data 56

Krebs on Security

SEPTEMBER 4, 2018

mSpy , the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware.

Passwords 204

Passwords Encryption Authentication Mining 204

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

SEPTEMBER 6, 2018

All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That’s where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware detection, firewalls upkeep, vulnerability management and more.

Security 189

Security Analytics Digital transformation Marketing 189

Data Breach Today

SEPTEMBER 3, 2018

'CEO Fraud' Social-Engineering Attacks Continue to Surge Business email compromise attacks continue to be lucrative, for the criminally inclined. With the FBI reporting that reports of such attacks have recently doubled, researchers find that tricking victims into making fraudulent wire transfers remains attackers' top goal.

148

148

Krebs on Security

SEPTEMBER 6, 2018

A 19-year-old man from the United Kingdom who headed a cybercriminal group whose motto was “Feds Can’t Touch Us” pleaded guilty this week to making bomb threats against thousands of schools. On Aug. 31, officers with the U.K.’s National Crime Agency (NCA) arrested Hertfordshire resident George Duke-Cohan, who admitted making bomb threats to thousands of schools and a United Airlines flight traveling from the U.K. to San Francisco last month.

Security 182

Security IT 182

The Last Watchdog

SEPTEMBER 2, 2018

Just like the best sourdough bread derives from a “mother” yeast that gets divided, passed around, and used over and over, open-source software applications get fashioned from a “mother” library of code created and passed around by developers. Related: Equifax hack highlights open source attack vectors. In today’s world, quick innovations are a necessity, and software developers would rather not lose valuable time reinventing the wheel.

Compliance 179

Compliance Libraries Sales Personal data 179

Data Matters

SEPTEMBER 7, 2018

On September 5, 2018, the new Belgian Data Protection Act implementing the GDPR (the Belgian Act ) was published and entered into force. Despite the GDPR being an EU regulation that directly applies to all EU Member States, several provisions of the GDPR explicitly allow, and even require, Member States to enact legislation which implements the law.

GDPR 94

GDPR Archiving Privacy Compliance 94

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

SEPTEMBER 4, 2018

Sam Curry of Cybereason on the Need to Ask Vendors Tough Questions CISOs should ask tough questions of vendors that claim to offer machine learning and artificial intelligence capabilities so they can cut through the marketing hype to find out what's real, says Sam Curry of Cybereason.

Artificial Intelligence 133

Artificial Intelligence Marketing 133

Krebs on Security

SEPTEMBER 5, 2018

Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that any usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine. This attack serves as a fresh reminder that legitimate browser extensions can and periodically do fall into the wrong hands, and that it makes good security sense to limit your exposure to such attacks by getting rid of extensions that are no longer useful or

Risk 161

Risk Access Phishing Passwords 161

The Last Watchdog

SEPTEMBER 5, 2018

There is a concept in computing, called runtime, that is so essential and occurs so ubiquitously that it has long been taken for granted. Now cyber criminals have begun to leverage this heretofore innocuous component of computing to insinuate themselves deep inside of company networks. Related: The coming wave of ‘microcode’ attacks. They’ve figured out how to manipulate applications while in runtime and execute powerful and stealthy attacks that bypass conventional security tools.

Ransomware 140

Ransomware Access Marketing Cloud 140

TAB OnRecord

SEPTEMBER 5, 2018

Is it possible that you’re not managing your organizations records, but rather they are managing you? If panicked “All-Office” emails are common or if people are regularly searching for critical files after the information was needed, the answer may be yes. The following questions are designed to help diagnose how your organization uses and stores information.

Records Management 94

Records Management IT 94

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

SEPTEMBER 3, 2018

Lock Down Magento E-Commerce Software or See Card Details Get Routed to Moscow In the past six months, more than 7,000 sites that run Magento e-commerce software have been infected with malicious JavaScript designed to harvest customers' payment card details as they finalize their orders, a security researcher warns.

Security 145

Security 145

Krebs on Security

SEPTEMBER 2, 2018

A 20-year-old from Vancouver, Washington was indicted last week on federal hacking charges and for allegedly operating the “ Satori ” botnet, a malware strain unleashed last year that infected hundreds of thousands of wireless routers and other “Internet of Things” (IoT) devices. This outcome is hardly surprising given that the accused’s alleged alter ego has been relentless in seeking media attention for this global crime machine.

IoT 125

IoT Communications Security IT 125

The Last Watchdog

SEPTEMBER 7, 2018

Over the past couple of decades, some amazing advances in locking down software code have quietly unfolded in, of all places, Hollywood. Related: HBO hack spurs cyber insurance market. Makes sense, though. Digital media and entertainment giants like Netflix, Amazon, Hulu, HBO, ESPN, Sony, and Disney are obsessive about protecting their turf. These Tinsel Town powerhouses retain armies of investigators and lawyers engaged in a never-ending war to keep piracy and subscription fraud in check.

IoT 133

IoT Security Digital transformation Cloud 133

AIIM

SEPTEMBER 5, 2018

Intelligent Information Management (IIM).It sounds great, but what the heck do those 3 words really mean? Here at AIIM, you've probably heard us use IIM to describe the core set of capabilities that are necessary for organizations to digitally transform. In fact, we believe so whole-heartedly that it's the future of Information Management that we actually changed our name to the Association of Intelligent Information Management and even wrote the book on it.

ECM 83

ECM Digital transformation Libraries Access 83

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Breach Today

SEPTEMBER 5, 2018

With the midterm elections just around the corner, Barbara Simons, author of the election security book "Broken Ballots," explains why some voting computers remain inherently flawed.

Security 142

Security 142

Troy Hunt

SEPTEMBER 5, 2018

As time has gone by, one of the things I've enjoyed the most in running Have I Been Pwned (HIBP) is seeing how far I could make the dollars stretch. How big can it go whilst at the same time, running it on a shoestring? I keep finding new ways of optimising cost and the two most significant contributions to that since launching almost 5 years ago have come via serverless technology provided by 2 of my favourite tech companies: Cloudflare and Microsoft.

Passwords 94

Passwords IT Data structuring Cloud 94

The Last Watchdog

SEPTEMBER 4, 2018

Most large enterprises today can point to multi-millions of dollars expended over the past two decades erecting “layered defenses” to protect their digital systems. Yet catastrophic network breaches continue apace. Turns out there’s a downside to “defense in depth.”. Related: Obsolecense creeps into legacy systems. There’s no doubt that monitoring and continually updating all parts of a multi-tiered security system is a must-do best practice.

Data breaches 133

Data breaches Honeypots Digital transformation Communications 133

AIIM

SEPTEMBER 5, 2018

Intelligent Information Management (IIM).It sounds great, but what the heck do those 3 words really mean? Here at AIIM, you've probably heard us use IIM to describe the core set of capabilities that are necessary for organizations to digitally transform. In fact, we believe so whole-heartedly that it's the future of Information Management that we actually changed our name to the Association of Intelligent Information Management and even wrote the book on it.

ECM 80

ECM Digital transformation Libraries Access 80

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

SEPTEMBER 5, 2018

But Tech-Support Fraud is Surging, via Cold Calls, Phishing and More, FBI Warns While tech-support scams have proliferated for years, the FBI says losses tied to such fraud are now higher than ever. Google has pledged to crack down on fake tech-support listings. But fraudsters regularly employ a variety of channels, including cold calls, pop-up windows and phishing emails.

Phishing 139

Phishing 139

IT Governance

SEPTEMBER 7, 2018

Saying you’ve done something doesn’t necessarily mean you’ve actually done it. Almost every data breach begins with an organisation saying they were secure until a crook comes along and shows them otherwise. . This is one of the biggest problems facing the cyber security industry. Organisations approach issues reluctantly, creating measures that seem adequate but are in fact only, to borrow from information governance expert Andrea Simmons, “skin deep”. .

Security 82

Security Information Security Information governance Data breaches 82

OpenText Information Management

SEPTEMBER 7, 2018

Gone are the days of the “job ladder” – following one linear path for your entire career. Instead, professionals today tend to create their own adventure by gaining experience across a wider range of disciplines. Lynn Elwood, VP of Cloud & Services Solutions, is a prime example of this. Lynn’s desire to be challenged and … The post Thriving as a woman in tech: A Q&A with OpenText VP, Lynn Elwood appeared first on OpenText Blogs.

Cloud 81

Cloud 81

WIRED Threat Level

SEPTEMBER 4, 2018

"Whatever we propose is going to be controversial. But it’s important we do something, because everyone is unsatisfied by URLs. They kind of suck.".

Security 89

Security 89

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Data Breach Today

SEPTEMBER 4, 2018

Joseph Feiman of WhiteHat Security on the Need for Cultural Change Application security is not improving because about 60 percent of vulnerabilities never get fixed, says Joseph Feiman of WhiteHat Security.

Security 128

Security 128

Data Matters

SEPTEMBER 5, 2018

On Friday, August 31, the California legislature unanimously passed a host of “clean-up” amendments to the new California Consumer Privacy Act (CCPA), AB 375 , as it set about addressing flaws and other concerns in the state’s groundbreaking data privacy law. These amendments are now awaiting Governor Brown’s signature. These amendments follow closely on the heels of the State’s initial enactment of the CCPA in June.

Privacy 66

Privacy Compliance Data breaches Data Privacy 66

Security Affairs

SEPTEMBER 5, 2018

Security expert discovered that S kype has a malloc(): memory corruption vulnerability that could be triggered while users share some media/file with someone during a call. . Tested on: Linux zero 4.15.0-29-generic #31-Ubuntu SMP Tue Jul 17 15:39:52 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux (Ubuntu 18.04 LTS). Product affected: Skype for linux (skypeforlinux_8.27.0.85_amd64.deb) Steps to reproduce this issue: 1.

Security 92

Security IT 92