Threatpost

OCTOBER 9, 2019

Study participants fail to correctly identify core security concepts and tools to help them stay safe online.

Cybersecurity 75

Cybersecurity Security Phishing Privacy 75

WIRED Threat Level

OCTOBER 9, 2019

Privacy 235

Privacy 235

The Guardian Data Protection

OCTOBER 8, 2019

David Omand warns festival Cheltenham festival audience of threat to democracy from monetisation of data Big internet firms know more about the lives of private individuals than any intelligence agency ever has and that is a dangerous threat to democracy, the former head of the spy agency GCHQ has said. David Omand was at the centre of British intelligence for decades, beginning his career at GCHQ after he graduated from Cambridge in 1969 and becoming its director from 1996-97.

IT 72

IT Security 72

Security Affairs

OCTOBER 11, 2019

With the right cybersecurity certifications, you can attain your goals seamlessly and in a fast way and speed up your career. Cyber attacks are making headlines almost every day in today’s era. The attacks have increased both in number and complexity. Because of this natural demand, it is now crucial for companies and specialized firms to reinforce and invest in professionals to face a problem that technology can’t solve.

Cybersecurity 279

Cybersecurity IT Information Security Cloud 279

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

OCTOBER 7, 2019

Pulse Secure, Palo Alto and Fortinet Devices Being Hit by APT Groups, NCSC Warns Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.

Security 245

Security 245

The Last Watchdog

OCTOBER 10, 2019

Cloud Access Security Brokers – aka “caz-bees” — have come a long way in a short time. CASBs, a term coined by tech industry consultancy Gartner, first cropped about seven years ago to help organizations enforce security and governance policies as they commenced, in earnest, their march into the cloud. Related: Implications of huge Capital One breach CASBs supplied a comprehensive set of tools to monitor and manage the multitude of fresh cyber risks spinning out of the rise in in corporate

Cloud 200

Cloud Risk Access Security 200

Security Affairs

OCTOBER 11, 2019

Good news for the victims of the Nemty Ransomware , security researchers have released a free decryptor that could be used to recover files. I have great news for the victims of the recently discovered Nemty Ransomware , security researchers have released a free decryptor tool that could be used to recover files. In mid-August, the Nemty ransomware appeared in the threat landscape, the name of the ransomware comes after the extension it adds to the encrypted file names.

Ransomware 279

Ransomware File names Encryption Security 279

Data Breach Today

OCTOBER 10, 2019

Europol Report: Ransomware, DDoS, Business Email Compromises Are Persistent Threats Online attack threats continue to intensify, with criminals preferring ransomware, DDoS attacks and business email compromises, warns Europol, the EU's law enforcement intelligence agency. After numerous successful disruptions by police, criminals have responded by launching increasingly complex attacks.

Ransomware 235

Ransomware 235

WIRED Threat Level

OCTOBER 6, 2019

From rogue USB sticks to Chrome extensions gone wild, here is a quick guide to some basic risks you should look out for.

Cybersecurity 247

Cybersecurity Risk Security 247

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Krebs on Security

OCTOBER 8, 2019

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights. Happily, only about 15 percent of the bugs patched this week earned Microsoft’s most dire “critical” rating.

Security 39

Security IT 39

Security Affairs

OCTOBER 7, 2019

Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019.

Authentication 279

Authentication Security IT IoT 279

Data Breach Today

OCTOBER 7, 2019

Google Security Evangelist Mike Burr Describes Android Security Measures Mike Burr of Google provides an overview of Android security efforts, including using artificial intelligence to scan Android apps.

Artificial Intelligence 217

Artificial Intelligence Security 217

WIRED Threat Level

OCTOBER 8, 2019

The Internet Research Agency specifically targeted African Americans, and has not stopped trying to influence elections, a Senate intelligence report says.

Security 203

Security 203

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Weissman's World

OCTOBER 10, 2019

We spend a lot of time advocating for process improvement everywhere we can – the proven thinking being that even the best information available loses value if it can’t be effectively shared and leveraged. But there’s one element that consistently goes missing that warrants special attention: the need to anticipate circumstances beyond our control and […].

IT 168

IT Government 168

Security Affairs

OCTOBER 6, 2019

A database containing details of 92 million Brazilians was auctioned by a threat actor on underground forums along with a search service focused on Brazilians. Someone is auctioning on several restricted underground forums a database containing personal information of 92 million Brazilian citizens. The threat actor, registered as X4Crow, is also advertising a search service that allows retrieving detailed information on Brazilian citizens.

Education 278

Education Authentication Security IT 278

Data Breach Today

OCTOBER 9, 2019

Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections.

Authentication 213

Authentication Security 213

WIRED Threat Level

OCTOBER 5, 2019

FCC comment bots, a "bulletproof" hosting takedown, and more of the week's top security news.

Security 191

Security 191

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

OCTOBER 9, 2019

To pay or not to pay? That’s the dilemma hundreds of organizations caught in the continuing surge of crippling ransomware attacks have faced. Related: How ransomware became such a scourge The FBI discourages it, as you might have guessed. What’s more, the U.S. Conference of Mayors this summer even passed a resolution declaring paying hackers for a decryption key anathema.

IT 164

IT Ransomware Phishing Encryption 164

Security Affairs

OCTOBER 9, 2019

Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users. Volusion is a privately-held technology company that provides ecommerce software and marketing and web design services for small and medium sized businesses. The company has over 250 employees and has served more than 180,000 customers since its founding in 1999.

e-Discovery 277

e-Discovery Cloud Analytics Marketing 277

Data Breach Today

OCTOBER 10, 2019

To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.

Privacy 193

Privacy Artificial Intelligence Government 193

WIRED Threat Level

OCTOBER 9, 2019

Opinion: Without proper guidelines, smartphones on the battlefield may kill more soldiers than they save.

Security 155

Security 155

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

The Last Watchdog

OCTOBER 7, 2019

It seems like any discussion of cybersecurity these days invariably circles back to automation. Our growing fixation with leveraging artificial intelligence to extract profits from Big Data – for both constructive and criminal ends—is the order of the day. Related: Why Cyber Pearl Harbor is upon us Vigilante is a cybersecurity startup that cuts against that grain.

Artificial Intelligence 138

Artificial Intelligence Cloud Cybersecurity Big data 138

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. According to the UK’s National Cyber Security Centre (NCSC), advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.

Military 277

Military Data breaches Security Government 277

Data Breach Today

OCTOBER 10, 2019

Audit Finds Agencies Not Following State's Cybersecurity Law The personal data of Mississippi citizens is susceptible to breaches because many state agencies, universities and other organizations are failing to comply with all the mandates of the state's cybersecurity law, according to a report issued by the Office of the State Auditor.

Compliance 193

Compliance Personal data Cybersecurity 193

WIRED Threat Level

OCTOBER 9, 2019

The road to routing all Domain Name System lookups through HTTPS is pocked with disagreements over just how much it will help.

Encryption 129

Encryption IT Privacy Security 129

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Thales Cloud Protection & Licensing

OCTOBER 10, 2019

It’s hard to believe it’s mid-October. Along with autumn, comes National Cybersecurity Awareness Month (NCSAM). The NCSAM 2019 focuses on personal accountability. Driven through mass public engagement, the ‘Own IT. Secure. IT. Protect IT.’ theme will help to encourage personal accountability and proactive behavior in digital privacy, security best practices, common cyber threats and cybersecurity careers.

Cloud 115

Cloud Security Encryption Digital transformation 115

Security Affairs

OCTOBER 5, 2019

NSA is redefining its cybersecurity mission and with the Cybersecurity Directorate it will enhance its partnerships with unclassified collaboration and information sharing. Under the new Cybersecurity Directorate — a major organization that unifies NSA’s foreign intelligence and cyberdefense missions. The NSA announced the new Cybersecurity Directorate — which will help defend domestic organizations from foreign cyberattacks.

Cybersecurity 275

Cybersecurity Military Security Access 275

Data Breach Today

OCTOBER 11, 2019

Prosecutors, Defense Attorneys Ask Judge for Delay, Citing Massive Amounts of Data to Review Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A. Thompson, citing the overwhelming amount of digital evidence in the case and the ongoing forensics investigation. Prosecutors also expect to file additional charges.

192

192