Sat. Aug 25, 2018 - Fri. Aug 31, 2018

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

The Last Watchdog

Distributed denial of service (DDoS) attacks continue to erupt all across the Internet showing not the faintest hint of leveling off, much less declining, any time soon. To the contrary, DDoS attacks appear to be scaling up and getting more sophisticated in lock step with digital transformation; DDoS attacks today are larger, more varied and come at the targeted website from so many more vectors than ever before.

Essential security – Cyber Essentials and its five controls

IT Governance

Most criminal hackers aren’t state-sponsored agencies or activists looking for high-profile targets, and they don’t spend countless hours staking out and researching their targets. Instead, they’re more opportunistic, looking for poorly-protected targets. Just like an organised house burglar might send out scouts looking for signs of poorly-safeguarded properties, the modern cyber criminal will send out phishing emails or network scans looking for vulnerable systems.

I’m worried about information leaks. How can I securely share my files?

OpenText Information Management

The internet was born to connect us to each other and to the information we need. And somewhere along the way, sharing content—whether it’s your mood on social media or your experience through message boards—became easier and easier. Sharing files is no different. It’s as easy as a click, drag and drop and your file …

T-Mobile Database Breach Exposes 2 Million Customers' Data

Data Breach Today

Attacker Wants to Sell Stolen Data, Security Researcher Warns

T-Mobile has suffered a breach that may have exposed personal data for 2.3 million of its 77 million customers, and one security researcher says the hacker appears to be keen to sell the stolen data.

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Krebs on Security

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned. Brookfield, Wisc.-based Fiserv [ NASDAQ:FISV ] is a Fortune 500 company with 24,000 employees and $5.7 billion in earnings last year.

The Rise of an Overlooked Crime – Cyberstalking

Security Affairs

Cyberstalking is one of the most overlooked crimes. This is exactly why it is among the fastest growing crimes in the world. Learn all there is about cyberstalking here. The internet has been a blessing since its inception. The very concept of globalization has come into existence just because of the internet. The world that was previously unconnected soon became a global village with different cultures and traditions linking together via the information highway.

Russian Trolls 'Spread Vaccine Misinformation' Online

Data Breach Today

Bots and Trolls Account for Majority of Vaccine Tweets, Researchers Find

Public health alert: Russian trolls have been spreading "polarized and anti-vaccine" misinformation via social media in a manner that appears designed to undercut trust in vaccines, researchers warn. Lower vaccination rates have already contributed to a rise in mass outbreaks of measles among children.

Instagram’s New Security Tools are a Welcome Step, But Not Enough

Krebs on Security

Instagram users should soon have more secure options for protecting their accounts against Internet bad guys. On Tuesday, the Facebook-owned social network said it is in the process of rolling out support for third-party authentication apps. Unfortunately, this welcome new security offering does nothing to block Instagram account takeovers when thieves manage to hijack a target’s mobile phone number — an increasingly common crime.

MY TAKE: Can ‘Network Traffic Analysis’ cure the security ills of digital transformation?

The Last Watchdog

If digital transformation, or DX, is to reach its full potential, there must be a security breakthrough that goes beyond legacy defenses to address the myriad new ways threat actors can insinuate themselves into complex digital systems. Network traffic analytics, or NTA, just may be that pivotal step forward. NTA refers to using advanced data mining and security analytics techniques to detect and investigate malicious activity in traffic moving between each device and on every critical system

Android mobile devices from 11 vendors are exposed to AT Commands attacks

Security Affairs

A group of researchers from the University of Florida, Stony Brook University, and Samsung Research America has studied the set of AT commands currently supported on modern Android devices, discovering that models from 11 vendors are at risk.

Paying Ransoms: More Cons Than Pros

Data Breach Today

The March SamSam ransomware attack in Atlanta is reported to have cost the city $17 million to resolve. The attackers had asked for a $51,000 bitcoin ransom, which the city refused to pay. But Gartner Research analyst Avivah Litan stresses that paying ransoms has more cons than pros.

Who’s Behind the Screencam Extortion Scam?

Krebs on Security

The sextortion email scam last month that invoked a real password used by each recipient and threatened to release embarrassing Webcam videos almost certainly was not the work of one criminal or even one group of criminals. Rather, it’s likely that additional spammers and scammers piled on with their own versions of the phishing email after noticing that some recipients were actually paying up.

Digital Darwinism – Three Transformational Tactics to Consider

AIIM

Digital transformation can mean different things to different organizations. For some, it might mean simply getting rid of paper. But in these competitive times organizations need to look further. That is the subject of an upcoming AIIM webinar, “Digital Darwinism - Real Digital Transformation for Your Automation Projects”, that will explore how the processes that are most ripe for automation are those that require a bit more thought.

Phone Numbers Were Never Meant as ID. Now We’re All At Risk

WIRED Threat Level

Your phone number was never meant to be your identity. Now that it effectively is, we're all at risk.

Air Canada: Attack Exposed 20,000 Mobile App Users' Data

Data Breach Today

Airline Hits Password-Nuke Button, Forces Reset on 1.7 Million Accounts

Air Canada is forcing 1.7 million mobile app account users to reset their passwords after it detected unusual login behavior that it says may have exposed 20,000 accounts, including passport information. But the company is enforcing password complexity rules that experts advise against.

7 Steps to Start Searching with Shodan

Dark Reading

The right know-how can turn the search engine for Internet-connected devices into a powerful tool for security professionals.

List of data breaches and cyber attacks August 2018 – 215,000,000 records leaked

IT Governance

As we near the end of August, it’s time to tally up the month’s breaches. The volume of breaches is actually rather low in comparison to recent months; however, the number of leaked records is a staggering 215,009,428. However, it is worth pointing out that 130 million of those records are from a Chinese hotel chain. As with every month, if I have missed anything – let me know by commenting below.

Future Cyberwar

Schneier on Security

A report for the Center for Strategic and International Studies looks at surprise and war. One of the report's cyberwar scenarios is particularly compelling. It doesn't just map cyber onto today's tactics, but completely re-imagines future tactics that include a cyber component (quote starts on page 110). The U.S. secretary of defense had wondered this past week when the other shoe would drop.

Philips, BD Yet Again Issue Medical Device Security Alerts

Data Breach Today

Experts Say Companies Offer Good Examples of Transparency

Philips and Becton Dickinson have each issued multiple alerts this year regarding cybersecurity flaws in some of their medical devices. Some security experts say the two companies' transparency about cybersecurity issues - including new alerts issued last week - should be emulated by other manufacturers.

Australia banned Huawei from 5G network due to security concerns

Security Affairs

Chinese-owned telecommunications firm Huawei has been banned from Australia’s 5G network due to security concerns. The Australian government considers Huawei's involvement in rolling out next-generation 5G communication networks risky. Huawei Australia called the decision disappointing. We have been informed by the Govt that Huawei & ZTE have been banned from providing 5G technology to Australia.

Android Devices Can Be Exploited With Decades-Old Telephone Tech

WIRED Threat Level

So-called Attention commands date back to the 80s, but they can enable some very modern-day smartphone hacks.

CIA Network Exposed Through Insecure Communications System

Schneier on Security

Interesting story of a CIA intelligence network in China that was exposed partly because of a computer-security failure: Although they used some of the same coding, the interim system and the main covert communication platform used in China at this time were supposed to be clearly separated. In theory, if the interim system were discovered or turned over to Chinese intelligence, people using the main system would still be protected -- and there would be no way to trace the communication back to

Breach Reveal: PG&E Exposed 30,000 Sensitive Records

Data Breach Today

Previously Unnamed Utility Reached Record $2.7 Million Settlement Agreement

A previously unnamed U.S. energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.

CVE-2018-15919 username enumeration flaw affects OpenSSH Versions Since 2011

Security Affairs

Security experts from Qualys discovered that OpenSSH is still vulnerable to an oracle attack; it has been affected by the CVE-2018-15919 flaw at least since September 2011. A few days ago the security expert Darek Tytko from securitum.pl reported a similar username enumeration vulnerability in the OpenSSH client.

MagentoCore Card Skimmer Found on Mass Numbers of E-Commerce Sites

Threatpost

The Magecart group is likely behind the most prolific card-stealing operation seen in the wild to date.

I'm Doing a Reddit AMA

Schneier on Security

On Thursday, September 6, starting at 10:00 am CDT, I'll be doing a Reddit "Ask Me Anything" in association with the Ford Foundation. It's about my new book, but -- of course -- you can ask me anything. No promises that I will answer everything.

Police Probe Sale of 130 Million Chinese Hotel-Goers' Data

Data Breach Today

Hotel Giant Huazhu May Have Accidentally Uploaded Access Credentials to GitHub

Police in Shanghai are investigating the apparent loss of 130 million customers' personal details from Huazhu Hotels Group. The data exposure may trace to the Chinese hotel group's developers accidentally uploading access credentials for a production database to GitHub.

USBHarpoon, a look-alike charging cable that can hack into your computer

Security Affairs

A team of security experts has devised a rogue USB charging cable named USBHarpoon that can be used to compromise a computer in just a few seconds. The team was composed of Olaf Tan and Dennis Goh of RFID Research Group, Vincent Yiu of SYON Security, and the popular Kevin Mitnick. The USBHarpoon takes inspiration from the BadUSB project built by researchers at Security Research Labs led by Karsten Nohl.