WIRED Threat Level

JANUARY 30, 2020

Better anti-tracking measures have become the norm for Chrome, Firefox, Safari, and other modern browsers. But they still disagree on how exactly they should work.

Privacy 110

Privacy Security 110

Threatpost

JANUARY 28, 2020

While there are dozens of metrics available to determine success, there are two key cybersecurity performance indicators every organization should monitor.

Cybersecurity 55

Cybersecurity Security 55

Dark Reading

JANUARY 27, 2020

There's an art to reporting security metrics so that they speak the language of leadership and connect the data from tools to business objectives.

Security 70

Security 70

IT Governance

JANUARY 28, 2020

In April, there will be a major change to the way the Cyber Essentials scheme is administered. From 1 April 2020, in a move to standardise the requirements for Cyber Essentials certification, the National Cyber Security Centre (NCSC) will drop four of its accreditation bodies in favour of the IASME Consortium (IASME), which will operate as the sole accreditation body for the Cyber Essentials scheme.

Government 93

Government IT Access Security 93

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

JANUARY 27, 2020

Some Are Not Giving Customers Option to Opt out of Data Sale, Legal Experts Say Many companies that should be offering customers the ability to "opt out" of the sale of their information under the California Consumer Privacy Act are failing to do so because of the law's ambiguities, some legal experts say. CCPA went into effect Jan. 1, but it won't be enforced until July.

Sales 243

Sales Privacy IT 243

The Last Watchdog

JANUARY 29, 2020

A cyber strategy is a documented approach to handling various aspects of cyberspace. It is mostly developed to address the cybersecurity needs of an entity by focusing on how data, networks, technical systems, and people are protected. An effective cyber strategy is normally on par with the cybersecurity risk exposure of an entity. It covers all possible attack landscapes that can be targeted by malicious parties.

Cloud 203

Cloud Security Risk Cybersecurity 203

Thales Cloud Protection & Licensing

JANUARY 28, 2020

January 28, 2020 marks the 13th iteration of Data Privacy Day. An extension of the celebration for Data Protection Day in Europe, Data Privacy Day functions as the signature event of the National Cyber Security Centre’s ongoing education and awareness efforts surrounding online privacy. Its aim is to foster dialogue around the importance of privacy.

Data Privacy 150

Data Privacy Privacy Encryption Unstructured data 150

Data Breach Today

JANUARY 28, 2020

More Sophisticated Gangs Increasingly Target Large Enterprises, Coveware Warns Bad news on the ransomware front: Victims that choose to pay attackers' ransom demands - in return for the promise of a decryption tool - last quarter paid an average of $84,116, according to Coveware. But gangs wielding Ryuk and Sodinokibi - aka REvil - often demanded much more.

Ransomware 291

Ransomware 291

Krebs on Security

JANUARY 31, 2020

On Sept. 11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. On Thursday Jan. 30, prosecutors in Iowa announced they had dropped the criminal charges.

Security 330

Security Education Access IT 330

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Security Affairs

JANUARY 31, 2020

Crooks sometimes damage their mobile devices to destroy evidence, NIST tests forensic methods for getting data from damaged mobile phones. Criminals sometimes damage their mobile phones in an attempt to destroy evidence. They might smash, shoot, submerge or cook their phones, but forensics experts can often retrieve the evidence anyway. Now, researchers at the National Institute of Standards and Technology (NIST) have tested how well these forensic methods work.

Manufacturing 145

Manufacturing Access Encryption IT 145

erwin

JANUARY 30, 2020

I’m excited to share the results of our new study with Dataversity that examines how data governance attitudes and practices continue to evolve. Defining Data Governance: What Is Data Governance? . The 2020 State of Data Governance and Automation (DGA) report is a follow-up to an initial survey we commissioned two years ago to explore data governance ahead of the European Union’s General Data Protection Regulation (GDPR) going into effect.

Government 145

Government Metadata Digital transformation Analytics 145

Data Breach Today

JANUARY 29, 2020

Fraud Marketplace Joker's Stash Says it Has 30 Million Cards A long-running marketplace for selling stolen payment card data claims it has 30 million stolen payment cards that experts believe are linked to the breach at Wawa convenience stores late last year. The breach is one of the largest ever involving card-related data.

Sales 285

Sales IT 285

Krebs on Security

JANUARY 29, 2020

Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web. KrebsOnSecurity recently contacted Sprint to let the company know that an internal customer support forum called “Social Care” was being indexed by search engines, and that several months worth of postings about customer complaints and other issues w

Data Privacy 282

Data Privacy Phishing Authentication Communications 282

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

JANUARY 25, 2020

The Greek government announced that a DDoS cyber attack hit the official state websites of the prime minister, the national police and fire service and several important ministries. Yesterday the Greek government announced that the official websites of the prime minister, the national police and fire service and several important ministries were hit by a DDoS cyberattack that took them down.

Government 145

Government Security IT Information Security 145

WIRED Threat Level

JANUARY 31, 2020

At least one email campaign is preying on fears by claiming to offer info about the Wuhan coronavirus.

Phishing 139

Phishing Security 139

Data Breach Today

JANUARY 27, 2020

Operation Night Fury Targets JavaScript Skimming Gangs Hitting E-Commerce Sites Police in Indonesia have arrested three suspected members of an e-commerce hacking crew that employed JavaScript sniffing code to steal customer and payment card data, as part of Interpol's ongoing anti-skimming operation, codenamed "Night Fury," targeting hackers in southeast Asia.

275

275

AIIM

JANUARY 29, 2020

It’s no secret that AIIM believes every organization is on — or should be on — a Digital Transformation journey. In fact, AIIM itself is on its own Digital Transformation! But, before I get into that, let’s take a deeper look at Digital Transformation and what it actually entails. At the heart of this transformation journey, is understanding, anticipating, and redefining internal and external customer experiences.

Digital transformation 139

Digital transformation Customer Experience Access IT 139

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against the Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan to infect company servers. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data.

Manufacturing 145

Manufacturing Data breaches Sales Access 145

WIRED Threat Level

JANUARY 25, 2020

How the Shlayer Trojan topped the macOS malware charts—despite its “rather ordinary” methods.

IT 134

IT Security 134

Data Breach Today

JANUARY 29, 2020

Trend Micro Project Demonstrates Targeting of Industrial Control Systems Trend Micro researchers created a phony "smart factory" that lured attackers, demonstrating how they are increasingly focusing on industrial control systems and have become adept at planting malware within vulnerable infrastructure.

260

260

Schneier on Security

JANUARY 31, 2020

From a FOIA request, over a hundred old NSA security awareness posters. Here are the BBC's favorites. Here are Motherboard's favorites. I have a related personal story. Back in 1993, during the first Crypto Wars, I and a handful of other academic cryptographers visited the NSA for some meeting or another. These sorts of security awareness posters were everywhere, but there was one I especially liked -- and I asked for a copy.

Security awareness 126

Security awareness FOIA Security IT 126

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

JANUARY 30, 2020

A leaked confidential report from the United Nations revealed that dozens of servers belonging to United Nations were “compromised” at offices in Geneva and Vienna. An internal confidential report from the United N ations that was leaked to The N ew Humanitarian revealed that dozens of servers of the organization were “compromised” at offices in Geneva and Vienna.

Passwords 144

Passwords Access Security IT 144

WIRED Threat Level

JANUARY 25, 2020

The facial recognition startup claims it collected billions of photos from sites like Facebook and Twitter. What does the practice mean for the open web?

IT 129

IT Privacy Security 129

Data Breach Today

JANUARY 31, 2020

Reports: Cybercriminals Using Health Emergency Messages to Spread Malware Cybercriminals are using fake email messages about the coronavirus to spead the Emotet Trojan and other malware, according to reports released this week by IBM and Kaspersky.

253

253

Threatpost

JANUARY 31, 2020

APT34 has been spotted in a malware campaign targeting customers and employees of a company that works closely with U.S. federal agencies, and state and local governments.

Government 108

Government 108

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

JANUARY 27, 2020

The vendor Fortinet has finally released security patches to remove the hardcoded SSH keys in Fortinet SIEM appliances. Fortinet has finally released security updates to remove the hardcoded SSH keys in Fortinet SIEM appliances. Recently Andrew Klaus, a security specialist from Cybera, discovered a hardcoded SSH public key in Fortinet’s Security Information and Event Management FortiSIEM that can be used by attackers to the FortiSIEM Supervisor. .

Passwords 144

Passwords Authentication Access Security 144

WIRED Threat Level

JANUARY 28, 2020

From controversy over camo print to Star Trek comparisons, the new military branch can't buy a break online.

Military 111

Military Security 111

Data Breach Today

JANUARY 30, 2020

Department Says Several Concerns Must Be Addressed The U.S. Department of the Interior this week announced that it has temporarily grounded all drone operations, except for emergencies, citing concerns over national security and cybersecurity. The agency is joining the U.S. Army and Navy in raising concerns about unmanned aircraft made in China.

Cybersecurity 240

Cybersecurity Security IT 240