Sat.Jul 07, 2018 - Fri.Jul 13, 2018

article thumbnail

Tokenization: Ready for Prime Time

Thales Cloud Protection & Licensing

The digital transformation has changed how the world does business. It has created whole new enterprises and industries, but it has also left many organizations vulnerable to new and destructive threats. Digital transformation can and does deliver increased efficiencies, improved decision-making, lower costs, improved reach, and higher profits. But it also frequently relies on increasing amounts of personal and other sensitive data.

article thumbnail

How ‘digital transformation’ gave birth to a new breed of criminal: ‘machine-identity thieves’

The Last Watchdog

There’s a new breed of identity thief at work plundering consumers and companies. However, these fraudsters don’t really care about snatching up your credentials or mine. By now, your personal information and mine has been hacked multiple times and is readily on sale in the Dark Web. This has long been true of the vast majority of Americans. Related article: 7 hacks signaling a coming global cyber war.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Software Flaws: Why Is Patching So Hard?

Data Breach Today

Federal Agency Offers Insights on Vulnerability Mitigation; Others Weigh In Federal regulators are reminding organizations about the importance of identifying and patching software vulnerabilities. But why are these seemingly basic security steps so challenging for so many?

Security 113
article thumbnail

The GDPR for the Little Guy (or Gal)

Weissman's World

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare. Officially, it “protects fundamental rights and freedoms of natural persons, and in particular, their right to the protection of personal data.” Note the […]. The post The GDPR for the Little Guy (or Gal) appeared first on Holly Group.

GDPR 159
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Notorious ‘Hijack Factory’ Shunned from Web

Krebs on Security

Score one for the good guys: Bitcanal , a Portuguese Web hosting firm long accused of helping spammers hijack large swaths of dormant Internet address space over the years, was summarily kicked off the Internet this week after a half-dozen of the company’s bandwidth providers chose to sever ties with the company. Spammers and Internet service providers (ISPs) that facilitate such activity often hijack Internet address ranges that have gone unused for periods of time.

IT 156

More Trending

article thumbnail

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene.

IoT 190
article thumbnail

Facebook fined for data breaches in Cambridge Analytica scandal

The Guardian Data Protection

Firm fined £500k for lack of transparency and failing to protect users’ information Facebook is to be fined £500,000, the maximum amount possible, for its part in the Cambridge Analytica scandal , the information commissioner has announced. The fine is for two breaches of the Data Protection Act. The Information Commissioner’s Office (ICO) concluded that Facebook failed to safeguard its users’ information and that it failed to be transparent about how that data was harvested by others.

article thumbnail

Patch Tuesday, July 2018 Edition

Krebs on Security

Microsoft and Adobe each issued security updates for their products today. Microsoft’s July patch batch includes 14 updates to fix more than 50 security flaws in Windows and associated software. Separately, Adobe has pushed out an update for its Flash Player browser plugin, as well as a monster patch bundle for Adobe Reader/Acrobat. According to security firm Qualys , all but two of the “critical” fixes in this round of updates apply to vulnerabilities in Microsoft’s b

Security 140
article thumbnail

Q&A: Here’s why it has become vital for companies to deter ‘machine-identity thieves’

The Last Watchdog

We’re undergoing digital transformation , ladies and gentlemen. And we’re in a nascent phase where clever advances are blossoming even as unprecedented data breaches arise in parallel. The latest example of this dichotomy comes from Timehop, a service that enables social media users to plug into their past. On Sunday, Timehop shared details about how a hacker got into their network, conducted several reconnaissance forays, and then moved swiftly on July 4th to pilfer personal information for 21

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Hospital Diverts Ambulances Due to Ransomware Attack

Data Breach Today

Latest Cyber Incident Spotlights Impact on Patient Care A ransomware attack that forced a Missouri medical center to divert ambulances carrying trauma and stroke patients to other facilities serves as reminder of the impact cyberattacks can have on healthcare delivery. What are the lessons to learn?

article thumbnail

A Landmark Legal Shift Opens Pandora’s Box for DIY Guns

WIRED Threat Level

Cody Wilson makes digital files that let anyone 3-D print untraceable guns. The government tried to stop him. He sued—and won.

article thumbnail

Here's Why Your Static Website Needs HTTPS

Troy Hunt

It was Jan last year that I suggested HTTPS adoption had passed the "tipping point" , that is it had passed the moment of critical mass and as I said at the time, "will very shortly become the norm" Since that time, the percentage of web pages loaded over a secure connection has rocketed from 52% to 71% whilst the proportion of the world's top 1 million websites redirecting people to HTTPS has gone from 20% to about half (projected).

Risk 110
article thumbnail

Labour bought data on 1m mothers and their children

The Guardian Data Protection

ICO to fine baby club Emma’s Diary £140,000 for infraction before 2017 general election The Labour party bought data on more than 1 million new and expectant mothers and their children from a leading baby club ahead of the 2017 general election. The Information Commissioner’s Office (ICO) has issued a notice of intent to fine Emma’s Diary £140,000 for the infraction.

IT 107
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Timehop: Lack of Multifactor Login Controls Led to Breach

Data Breach Today

Breach Underlines Need for Strong Authentication in Cloud Services Timehop, an application that revives older social media posts, says the lack of multifactor authentication on a cloud services account led to a data breach affecting 21 million users. The breach exposed names, email addresses, phone numbers and access tokens Timehop used to read information from accounts.

article thumbnail

Facebook Gave Russian Internet Giant Special Data Extension

WIRED Threat Level

Mail.ru also ran hundreds of apps on Facebook at a time when the platform’s policies allowed app developers to collect their users' friends' data.

Security 111
article thumbnail

Gas Pump Hack

Schneier on Security

This is weird : Police in Detroit are looking for two suspects who allegedly managed to hack a gas pump and steal over 600 gallons of gasoline, valued at about $1,800. The theft took place in the middle of the day and went on for about 90 minutes, with the gas station attendant unable to thwart the hackers. The theft, reported by Fox 2 Detroit , took place at around 1pm local time on June 23 at a Marathon gas station located about 15 minutes from downtown Detroit.

IT 84
article thumbnail

Facebook labels Russian users as ‘interested in treason’

The Guardian Data Protection

Firm removes category, which affected 65,000 people, from ad tools, following safety fears Facebook’s advertising tools algorithmically labelled 65,000 Russians as interested in treason, potentially putting them at risk from the repressive state, until the company removed the category, following inquiries from journalists. The labelling raises new concerns over data-driven profiling and targeting of users on the website, which has already faced criticism for the same tool algorithmically inferri

Risk 91
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

HealthEngine Offered $25 Gift Vouchers for Dental Invoices

Data Breach Today

Patients, Dentist Alarmed By HealthEngine, Which Claims It Had Consent Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.

Privacy 176
article thumbnail

Apple's China-Friendly Censorship Caused an iPhone-Crashing Bug

WIRED Threat Level

The bug serves as a reminder of China-friendly censorship code hidden in all iOS devices.

Security 111
article thumbnail

The 111 Million Record Pemiblanc Credential Stuffing List

Troy Hunt

One of the most alarming trends I've seen in the world of data breaches since starting Have I Been Pwned (HIBP) back in 2013 is the rapid rise of credential stuffing attacks. Per the definition in that link, it simply means this: Credential stuffing is the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts.

article thumbnail

How analytics superhero Mike Tamir uses data to fight fake news

IBM Big Data Hub

How can we always be sure the stories we’re reading are accurate? Is there an agenda to distort facts to change opinions? Does a story assert falsehoods, misquote its subjects or rely on hyperbole? In short: is the news we’re consuming the truth? Or is it “fake news?” Meet Mike Tamir, an analytics hero who uses data science to take fake news head-on.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Puzzling Health Dept. Privacy Incident Exposes HIV Data

Data Breach Today

Thousands of Individuals' Data Was Allegedly Accessible to All Agency Workers An incident involving an unsecured database containing information about thousands of HIV/AIDS patients in Tennessee is shining a spotlight on privacy risks involving sensitive health data.

Privacy 167
article thumbnail

The Worst Cybersecurity Breaches of 2018 So Far

WIRED Threat Level

There haven't been as many hacks and attacks compared to this time last year, but that's where the good news ends.

article thumbnail

Department of Commerce Report on the Botnet Threat

Schneier on Security

Last month, the US Department of Commerce released a report on the threat of botnets and what to do about it. I note that it explicitly said that the IoT makes the threat worse, and that the solutions are largely economic. The Departments determined that the opportunities and challenges in working toward dramatically reducing threats from automated, distributed attacks can be summarized in six principal themes.

article thumbnail

Major International Airport System Access Sold for $10 on Dark Web

Dark Reading

Researchers from the McAfee Advanced Threat Research team began with an open search on Russian RDP shop UAS to make their discovery.

Access 74
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

RiskIQ: Ticketmaster Hackers Compromised Widely Used Tools

Data Breach Today

Breach May Have Affected More Ticketmaster Sites, Researchers Say Magecart, the criminal group behind the recent data breach at certain Ticketmaster websites, may have also hit the company's sites in Australia, New Zealand, Turkey and Hungary, according to RiskIQ, which says the group's digital payment card skimmers may also affect as many as 800 other e-commerce sites.

article thumbnail

Robert Mueller's Indictment Today of 12 Russian Hackers Could Be His Biggest Move Yet

WIRED Threat Level

The special counsel has unleashed an international, geopolitical bombshell.

Security 111
article thumbnail

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Cloud Protection & Licensing

The Internet of Things (IoT) is very crowded. Connected devices outnumber people. The United Nations estimates the current world population at 7.6 billion 1 , and Gartner projects over 20.8 billion devices will be connected to the Internet by 2020 2. Connected things are what make the IoT – sensors, cameras, wearable electronics, medical devices, automatic controls.

IoT 72