Threatpost

OCTOBER 9, 2019

Study participants fail to correctly identify core security concepts and tools to help them stay safe online.

Cybersecurity 75

Cybersecurity Security Phishing Privacy 75

WIRED Threat Level

OCTOBER 9, 2019

Privacy 103

Privacy 103

The Guardian Data Protection

OCTOBER 8, 2019

David Omand warns festival Cheltenham festival audience of threat to democracy from monetisation of data Big internet firms know more about the lives of private individuals than any intelligence agency ever has and that is a dangerous threat to democracy, the former head of the spy agency GCHQ has said. David Omand was at the centre of British intelligence for decades, beginning his career at GCHQ after he graduated from Cambridge in 1969 and becoming its director from 1996-97.

IT 60

IT Security 60

The Last Watchdog

OCTOBER 10, 2019

Cloud Access Security Brokers – aka “caz-bees” — have come a long way in a short time. CASBs, a term coined by tech industry consultancy Gartner, first cropped about seven years ago to help organizations enforce security and governance policies as they commenced, in earnest, their march into the cloud. Related: Implications of huge Capital One breach CASBs supplied a comprehensive set of tools to monitor and manage the multitude of fresh cyber risks spinning out of the rise in in corporate

Cloud 200

Cloud Risk Access Security 200

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

OCTOBER 7, 2019

Pulse Secure, Palo Alto and Fortinet Devices Being Hit by APT Groups, NCSC Warns Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.

Security 217

Security 217

Thales Cloud Protection & Licensing

OCTOBER 10, 2019

It’s hard to believe it’s mid-October. Along with autumn, comes National Cybersecurity Awareness Month (NCSAM). The NCSAM 2019 focuses on personal accountability. Driven through mass public engagement, the ‘Own IT. Secure. IT. Protect IT.’ theme will help to encourage personal accountability and proactive behavior in digital privacy, security best practices, common cyber threats and cybersecurity careers.

Cloud 115

Cloud Security Encryption Digital transformation 115

The Last Watchdog

OCTOBER 9, 2019

To pay or not to pay? That’s the dilemma hundreds of organizations caught in the continuing surge of crippling ransomware attacks have faced. Related: How ransomware became such a scourge The FBI discourages it, as you might have guessed. What’s more, the U.S. Conference of Mayors this summer even passed a resolution declaring paying hackers for a decryption key anathema.

IT 164

IT Ransomware Phishing Encryption 164

Data Breach Today

OCTOBER 10, 2019

Europol Report: Ransomware, DDoS, Business Email Compromises Are Persistent Threats Online attack threats continue to intensify, with criminals preferring ransomware, DDoS attacks and business email compromises, warns Europol, the EU's law enforcement intelligence agency. After numerous successful disruptions by police, criminals have responded by launching increasingly complex attacks.

Ransomware 207

Ransomware 207

Security Affairs

OCTOBER 11, 2019

With the right cybersecurity certifications, you can attain your goals seamlessly and in a fast way and speed up your career. Cyber attacks are making headlines almost every day in today’s era. The attacks have increased both in number and complexity. Because of this natural demand, it is now crucial for companies and specialized firms to reinforce and invest in professionals to face a problem that technology can’t solve.

Cybersecurity 111

Cybersecurity IT Information Security Cloud 111

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Schneier on Security

OCTOBER 8, 2019

Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne. Thomas Drake , former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate. Suelette Dreyfus , lecturer at the University of Melbourne, was scheduled to give a talk on her work -- funded by the EU government -- on anonymous whistleblowing technologies like Dropbox and how they reduce corruption in countr

Government 95

Government Information Security Cybersecurity Security 95

The Last Watchdog

OCTOBER 7, 2019

It seems like any discussion of cybersecurity these days invariably circles back to automation. Our growing fixation with leveraging artificial intelligence to extract profits from Big Data – for both constructive and criminal ends—is the order of the day. Related: Why Cyber Pearl Harbor is upon us Vigilante is a cybersecurity startup that cuts against that grain.

Artificial Intelligence 138

Artificial Intelligence Cloud Cybersecurity Big data 138

Data Breach Today

OCTOBER 10, 2019

Audit Finds Agencies Not Following State's Cybersecurity Law The personal data of Mississippi citizens is susceptible to breaches because many state agencies, universities and other organizations are failing to comply with all the mandates of the state's cybersecurity law, according to a report issued by the Office of the State Auditor.

Compliance 182

Compliance Personal data Cybersecurity 182

Security Affairs

OCTOBER 7, 2019

Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019.

Authentication 111

Authentication Security IT IoT 111

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Dark Reading

OCTOBER 9, 2019

How a new open source initiative for interoperable security tools and a wave of consolidation could finally provide some relief for overwhelmed security analysts and SOCs.

Security 92

Security 92

Schneier on Security

OCTOBER 9, 2019

Interesting : German investigators said Friday they have shut down a data processing center installed in a former NATO bunker that hosted sites dealing in drugs and other illegal activities. Seven people were arrested. [.]. Thirteen people aged 20 to 59 are under investigation in all, including three German and seven Dutch citizens, Brauer said. Authorities arrested seven of them, citing the danger of flight and collusion.

Marketing 90

Marketing IT 90

Data Breach Today

OCTOBER 11, 2019

Prosecutors, Defense Attorneys Ask Judge for Delay, Citing Massive Amounts of Data to Review Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A. Thompson, citing the overwhelming amount of digital evidence in the case and the ongoing forensics investigation. Prosecutors also expect to file additional charges.

181

181

Security Affairs

OCTOBER 11, 2019

Good news for the victims of the Nemty Ransomware , security researchers have released a free decryptor that could be used to recover files. I have great news for the victims of the recently discovered Nemty Ransomware , security researchers have released a free decryptor tool that could be used to recover files. In mid-August, the Nemty ransomware appeared in the threat landscape, the name of the ransomware comes after the extension it adds to the encrypted file names.

Ransomware 110

Ransomware File names Encryption Security 110

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Dark Reading

OCTOBER 10, 2019

One in four malicious URLs employed a legitimate domain, making it more difficult for potential victims to spot possible dangers, a mid-year report finds.

IT 95

IT 95

Schneier on Security

OCTOBER 10, 2019

Free Wi-Fi hotspots can track your location , even if you don't connect to them. This is because your phone or computer broadcasts a unique MAC address. What distinguishes location-based marketing hotspot providers like Zenreach and Euclid is that the personal information you enter in the captive portal­ -- like your email address, phone number, or social media profile­ -- can be linked to your laptop or smartphone's Media Access Control (MAC) address.

Privacy 88

Privacy Marketing Access IT 88

Data Breach Today

OCTOBER 10, 2019

To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.

Privacy 176

Privacy Artificial Intelligence Government 176

Security Affairs

OCTOBER 6, 2019

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure. According to the UK’s National Cyber Security Centre (NCSC), advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild.

Military 108

Military Data breaches Security Government 108

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

WIRED Threat Level

OCTOBER 6, 2019

From rogue USB sticks to Chrome extensions gone wild, here is a quick guide to some basic risks you should look out for.

Cybersecurity 108

Cybersecurity Risk Security 108

Schneier on Security

OCTOBER 8, 2019

A new iOS exploit allows jailbreaking of pretty much all version of the iPhone. This is a huge deal for Apple, but at least it doesn't allow someone to remotely hack people's phones. Some details : I wanted to learn how Checkm8 will shape the iPhone experience­ -- particularly as it relates to security­ -- so I spoke at length with axi0mX on Friday.

Access 88

Access Security IT 88

Data Breach Today

OCTOBER 9, 2019

Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections.

Authentication 185

Authentication Security 185

Security Affairs

OCTOBER 6, 2019

A database containing details of 92 million Brazilians was auctioned by a threat actor on underground forums along with a search service focused on Brazilians. Someone is auctioning on several restricted underground forums a database containing personal information of 92 million Brazilian citizens. The threat actor, registered as X4Crow, is also advertising a search service that allows retrieving detailed information on Brazilian citizens.

Education 107

Education Authentication Security IT 107

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

OpenText Information Management

OCTOBER 7, 2019

Today, supply chains are considered strategic to the business, and meeting customer expectations for ethical and sustainable supply chain operations is increasingly becoming a top priority for supply chain managers. Last year, supply chain research specialists APICS found that 83% of supply chain professionals thought ethics were extremely or very important for their organization.

B2B 87

B2B 87

Dark Reading

OCTOBER 10, 2019

In the arms race of computer security, it's never been more important to develop an adversarial mindset that can identify assumptions and determine if and how they can be violated.

Security 85

Security IT 85

Data Breach Today

OCTOBER 9, 2019

Phone Numbers Provided for Security Were Used for Targeted Advertising Twitter apologized on Tuesday for repurposing phone numbers provided by users for security features for use in targeted advertising, claiming the move was a mistake. Earlier, Facebook was reprimanded for a similar practice.

Security 172

Security 172