Sat. Nov 17, 2018 - Fri. Nov 23, 2018

Here's Why Account Authentication Shouldn't Use SMS

Data Breach Today

Database Blunder Left Two-Step Codes, Account Reset Links Exposed

A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over. The exposed database, which wasn't protected by a password, contained 26 million text messages, many of which were two-step verification codes and account-reset links.

How to Shop Online Like a Security Pro

Krebs on Security

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here’s a quick refresher course on how to make it through the next few weeks without getting snookered online. Adopting a shopping strategy of simply buying from the online merchant with the lowest advertised prices can be a bit like playing Russian Roulette with your wallet, for the simple r

Security 279

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

The Last Watchdog

Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. A string of advances in biometric authentication systems has brought facial recognition systems, in particular, to the brink of wide commercial use. Related: Drivers behind facial recognition boom. Adoption of facial recognition technology is fast gaining momentum, with law enforcement and security use cases leading the way.

Privacy 153

Instagram glitch exposed some user passwords

Security Affairs

Instagram has suffered a serious security leak that might have exposed users' passwords, revealed The Information website. Instagram notified some of its users that it might have accidentally exposed their password due to a security glitch. According to a company spokesperson, the bug was “discovered internally and affected a very small number of people.”

Passwords 279

Julian Assange Charges, Japan's Top Cybersecurity Official, and More Security News This Week

WIRED Threat Level

Safer browsing, more bitcoin scams, and the rest of the week's top security news.

Security 271

More Trending

Did China Spy on Australian Defense Websites?

Data Breach Today

One Answer Is Clear: Network Re-Routing Raises Suspicions

For nearly 30 months, internet traffic going to Australian Department of Defense websites flowed through China Telecom data centers, an odd and suspicious path. Why the strange routing occurred is known. But the reasons why it persisted for so long aren't.

IT 255

6,500+ sites deleted after Dark Web hosting provider Daniel’s Hosting hack

Security Affairs

On Thursday, November 15, hackers compromised Daniel’s Hosting, one of the largest Dark Web hosting providers, and deleted 6,500+ sites. The news was confirmed by Daniel Winzen, the software developer behind the hosting service. Daniel’s Hosting became the largest Dark Web hosting provider earlier in 2017 when Anonymous members breached and took down Freedom Hosting II.

Access 279

Machine Learning Can Create Fake ‘Master Key’ Fingerprints

WIRED Threat Level

Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.

Security 259

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

The Last Watchdog

Privacy regulations and legislation are topics that continue to be of concern for consumers and businesses alike. News of data breaches, data vulnerabilities and compromised private information is released almost daily from businesses both small and large. Related: Europe’s GDPR ushers in new privacy era. Legislation has recently been proposed for individual states, addressing data privacy regulations head-on.

Privacy 133

Magecart Spies Payment Cards From Retailer Vision Direct

Data Breach Today

Card-Sniffing JavaScript Posed as Google Analytics Script on Retailer's Sites

Online contact lens retailer Vision Direct says it suffered a data breach that exposed customers' names and complete payment card details. Researchers say fake Google Analytics JavaScript designed to capture card details appears to have been planted by the prolific cybercrime gangs known as Magecart.

Retail 222

Protonmail hacked …. a very strange scam attempt

Security Affairs

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service, ProtonMail. At this time it is not clear if the hacker belongs to a cybercrime gang; it claims to have stolen a “significant” amount of data from the company. The ransom demand (archive.is link) was posted on Pastebin; the hacker claims to have compromised users’ email and also accused ProtonMail of sending users’ decrypted data to America

Rowhammer Data Hacks Are More Dangerous Than Anyone Feared

WIRED Threat Level

Researchers have discovered that the so-called Rowhammer technique works on "error-correcting code" memory, in what amounts to a serious escalation.

Security 220

Information Attacks against Democracies

Schneier on Security

Democracy is an information system. That's the starting place of our new paper: "Common-Knowledge Attacks on Democracy." In it, we look at democracy through the lens of information security, trying to understand the current waves of Internet disinformation attacks. Specifically, we wanted to explain why the same disinformation campaigns that act as a stabilizing influence in Russia are destabilizing in the United States.

Lessons Learned From 2018's Top Attacks

Data Breach Today

Cisco's Paul Singleton on Why It's Important to Know Your Adversary

How have cyberattacks evolved in 2018? Cisco's Paul Singleton describes the common threats and vectors, as well as why it's important to know exactly who your attacker is - and how they are exploiting your defenses.

IT 212

Flaw allowing identity spoofing affects authentication based on German eID cards

Security Affairs

The authentication process via German eID cards with RFID chips is flawed; an attacker could impersonate any other citizen. The nightmare has come true: the authentication process via German eID cards with RFID chips is flawed, and the flaw could allow an attacker to spoof identities and change the date of birth. The situation is very serious: the new cards are accepted as an ID document in most countries in Europe and allow German citizens to access online government services (i.e. tax s

Using Airport and Hotel Wi-Fi Is Much Safer Than It Used to Be

WIRED Threat Level

You were right not to trust hotel and airport Wi-Fi a few years ago. But these days, it's (probably) fine.

IT 197

Using Machine Learning to Create Fake Fingerprints

Schneier on Security

Researchers are able to create fake fingerprints that result in a 20% false-positive rate. The problem is that these sensors obtain only partial images of users' fingerprints -- at the points where they make contact with the scanner. The paper noted that since partial prints are not as distinctive as complete prints, the chances of one partial print getting matched with another is high.

Paper 108

Amazon Snafu Exposed Customers' Names and Email Addresses

Data Breach Today

Scant Detail on Incident and Unusual Email Notification Raises Eyebrows

Amazon has blamed a technical error for its inadvertent exposure of some customers' names and email addresses online. The online retailing giant maintains that its systems were not breached, says it has sent an email notification to all affected customers, and that the problem has been fixed.

Retail 207

Chaining 3 zero-days allowed pen testers to hack Apple macOS computers

Security Affairs

The Dropbox team disclosed three critical zero-day vulnerabilities in Apple macOS; by chaining them, it is possible to take over a Mac computer. The three vulnerabilities (CVE-2017-13890, CVE-2018-4176, CVE-2018-4175) affect the Apple macOS operating system; an attacker could chain them to remotely execute arbitrary code on a targeted Mac computer.

Beware Black Friday Scams Lurking Among the Holiday Deals

WIRED Threat Level

Cybercriminals are always looking to steal your credit card or even your identity. But it pays to be on extra high alert come Black Friday.

IT 169

10 things you must do to become cyber secure

IT Governance

Preparing your organisation for cyber attacks and data breaches is complicated, and you should look for advice wherever you can get it. One of the most trusted resources is the NCSC’s (National Cyber Security Centre) ten-step guide. In this blog we summarise its guidance and recommend tools and resources to help you along the way. Create a risk management regime.

Security 103

Two Friends Who Hacked TalkTalk Receive Prison Sentences

Data Breach Today

Telecom Company Says Total Losses Due to Data Breach Stand at $99 Million

Two men who pleaded guilty to participating in the massive 2015 hack of London-based telecom company TalkTalk have been sentenced to serve time in jail. Police say they recovered data from a suspect's wiped and encrypted systems as well as chat messages that incriminated the pair of friends.

New set of Pakistani banks’ card dumps goes on sale on the dark web

Security Affairs

According to the head of the Federal Investigation Agency’s (FIA) cybercrime wing, almost all Pakistani banks were affected by a recent security breach. Group-IB experts discovered another large set of compromised payment card details that was put on sale on Joker’s Stash, one of the most popular underground hubs of stolen card data, on Nov. 13. The new set of dumps, unauthorized digital copies of the information contained in the magnetic stripe of a bank card, came with the payment details of 177,

Sales 279

Russia's Fancy Bear and Cozy Bear Hackers May Have New Phishing Tricks

WIRED Threat Level

Two new reports show an uptick in sophisticated phishing attacks originating from—where else—Russia.

Phishing 136

A Brief History of Artificial Intelligence

AIIM

Artificial Intelligence (AI) is obviously all the rage. Consider the search traffic on “Artificial Intelligence” since early 2016. As a result, just about every technology product in the world now seems to have the artificial intelligence “label” attached to it. Which is ironic, because AI has actually been with us for decades, not months. People have been thinking about the relationship between people and machines going all the way back to ancient times, and process automation goes back to the

Hacking Your Ride: Risks Posed by Automotive Smartphone Apps

Data Breach Today

In the latest edition of the ISMG Security Report, Asaf Ashkenazi of the mobile security firm Inside Secure discusses new threats to car security posed by certain smartphone apps. Plus, updates on behavioral authentication and protecting "very attackable people" from hackers.

Risk 203

VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition

Security Affairs

VMware released security updates to address a vulnerability (CVE-2018-6983) that was recently discovered by Tianwen Tang of Qihoo 360’s Vulcan Team at the Tianfu Cup PWN competition. White hat hackers earned more than $1 million for zero-day exploits disclosed at the hacking contest that took place on November 16-17 in Chengdu.

Security 279

Turn Off Siri on Your Lock Screen for Better iOS Security

WIRED Threat Level

Every new version of iOS seems to bring with it a fresh lock screen bypass. Head the next one off by shushing Siri on your lock screen.

Security 128