Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. Yesterday was a perfect example of that with 2 separate noteworthy stories adorning my early morning Twitter feed. The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing

Passwords 93

Passwords Education Data breaches Security 93

The Last Watchdog

NOVEMBER 5, 2018

Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden privacy pitfalls in every day technology. Related: Europe tightens privacy rules. From smart phones, to smart TVs, location services, and speech capabilities, often times user data is stored without your knowledge.

Privacy 174

Privacy Sales Access Big data 174

Data Breach Today

NOVEMBER 5, 2018

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack. Insurance firm Beazley says cyber claims for ransomware have increased in recent months, with the healthcare sector hardest hit.

Ransomware 220

Ransomware Insurance 220

Krebs on Security

NOVEMBER 7, 2018

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out. This week, the U.S.

Authentication 279

Authentication Communications IT Security 279

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

NOVEMBER 8, 2018

Once you stop learning, you start dying. -- Albert Einstein. By now, you’ve probably heard all the statistics on how much information we create, how much faster we create it, and how much harder it is to manage. While these statistics are all true, there’s an opportunity for information professionals in all this chaos. Organizations desperately need someone to help them clean up their digital landfills.

Marketing 100

Marketing Libraries Paper Information governance 100

Data Breach Today

NOVEMBER 7, 2018

Privacy Breach Claims Are Rising, Says Thomas Clayton of Zurich Insurance Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance.

Insurance 266

Insurance GDPR Privacy IT 266

Krebs on Security

NOVEMBER 6, 2018

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force , a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims.

Passwords 241

Passwords Authentication Access IT 241

AIIM

NOVEMBER 6, 2018

How do you make SharePoint and Office 365 deliver value as an intelligent information management platform? That's what we sought to find out when we first contacted SharePoint expert, Rob Bogue. Rob basically eats, breathes, and sleeps SharePoint, so we knew he'd be the perfect one to work with. Over the following months, we worked with Rob to develop an online course designed to teach you about Implementing Intelligent Information Management on SharePoint and Office 365.

Libraries 92

Libraries Access 92

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. According to the BBC, crooks are offering for sale on underground criminal forums the private messages of 81,000 hacked Facebook accounts. “The perpetrators told the BBC Russian Service that they had detail

Sales 111

Sales Data breaches Encryption Passwords 111

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Data Breach Today

NOVEMBER 7, 2018

'Unauthorized Entry' to Some Accounts Exposes Account Details and Statements HSBC bank is warning some of its U.S. customers that their personal data was compromised in a breach, although it says it's detected no signs of fraud following the "unauthorized entry." Security experts say the heist has all the hallmarks of a credential-stuffing attack campaign.

Data breaches 232

Data breaches Personal data Security IT 232

Krebs on Security

NOVEMBER 4, 2018

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that was obvious even to the untrained eye. These days, a compromised e-commerce site is more likely to be seeded with a tiny snippet of code that invokes a hostile domain which appears harmless or that is virtually indistinguishable from the hacked site’s own

e-Delivery 238

e-Delivery IT Security Privacy 238

AIIM

NOVEMBER 9, 2018

Life for the owner of a startup can be stressful and filled with rapid-fire choices that can hobble progress and add an undue burden. Luckily for startup owners everywhere automation has become a ubiquitous technology and is innovating in the business sector every day. This technology brings with it the possibility for owners to run a business in a cost-effective way without sacrificing productivity.

Communications 91

Communications Marketing Sales Digital transformation 91

Security Affairs

NOVEMBER 9, 2018

According to the head of the Federal Investigation Agency’s (FIA) cybercrime wing.almost all Pakistani banks were affected by a recent security breach. Almost all Pakistani banks were affected by a recent security breach, the shocking news was confirmed by the head of the Federal Investigation Agency’s (FIA) cybercrime wing. “According to a recent report we have received, data from almost all Pakistani banks has been reportedly hacked,” FIA Cybercrimes Director retired Capt Mohammad

Sales 111

Sales Security Access IT 111

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Data Breach Today

NOVEMBER 8, 2018

Another Secure Service - As Allegedly Marketed to Criminals - Fails to Deliver Once again, a supposedly secure service allegedly marketed to criminals has proven to have limits. Dutch police have busted a "cryptophone" operation, allowing them to decrypt more than 258,000 encrypted chat messages, leading to a drug lab bust, 14 arrests and the seizure of cash, drugs and weapons.

Encryption 190

Encryption Marketing Security 190

Krebs on Security

NOVEMBER 9, 2018

A Connecticut man who’s earned bug bounty rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that leveraged these same flaws to sell their customers’ personal data, KrebsOnSecurity has learned. In May 2018, ZDNet ran a story about the discovery of a glaring vulnerability in the Web site for wireless provider T-Mobile that let anyone look up customer home addresses and account PINs.

Sales 208

Sales Personal data Access Marketing 208

AIIM

NOVEMBER 8, 2018

Once you stop learning, you start dying. -- Albert Einstein. By now, you’ve probably heard all the statistics on how much information we create, how much faster we create it, and how much harder it is to manage. While these statistics are all true, there’s an opportunity for information professionals in all this chaos. Organizations desperately need someone to help them clean up their digital landfills.

Marketing 85

Marketing Libraries Paper Information governance 85

IT Governance

NOVEMBER 7, 2018

All organisations experience disruptions, whether that’s from a cyber attack, IT failure, weather event or something else, and they need to be prepared. The longer it takes to address an issue, the more the costs will spiral and the harder it will be to recover. A disaster recovery plan gives organisations a process for responding to a variety of incidents.

Insurance 92

Insurance Risk Data breaches Government 92

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Data Breach Today

NOVEMBER 7, 2018

Watchdog Agency Cited Deficiencies, But Agency Says Many Have Already Been Addressed The FDA's procedures for handling cybersecurity concerns in medical devices once they are on the market are deficient, according to a new federal watchdog agency report. But since that audit was conducted, the FDA has been aggressively ramping up its activities around device cybersecurity.

Cybersecurity 178

Cybersecurity Marketing Security IT 178

Security Affairs

NOVEMBER 6, 2018

Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. “Apache today released an advisory, urging users who run Apache Struts 2.3.x to update the commons-fileupload component [1].

Libraries 111

Libraries Access Security IT 111

Schneier on Security

NOVEMBER 9, 2018

This is a new thing : The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that's used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape. This feels like an example of the US's new strategy of actively harassing foreign government actors.

Government 97

Government Security 97

Data Matters

NOVEMBER 5, 2018

Rapid advances in automation have the potential to disrupt a number of sectors, perhaps none more so than the automobile industry. The U.S. Department of Transportation (DOT) has accordingly announced its intention to take “active steps to prepare for the future by engaging with new technologies to ensure safety without hampering innovation.” Most recently, on October 4, 2018, DOT issued Preparing for the Future of Transportation: Automated Vehicles 3.0 (AV 3.0), its third round of guidance on

Cybersecurity 84

Cybersecurity Government Communications Privacy 84

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Breach Today

NOVEMBER 7, 2018

Card Details From 22 Banks Appeared On Underground Market Pakistan says the nation's banks have not been hacked, but are taking defensive steps after nearly 20,000 payment card details appeared for sale online. The State Bank of Pakistan says banks are implementing restrictions on international transactions.

Sales 179

Sales Marketing 179

Security Affairs

NOVEMBER 7, 2018

Security expert disclosed the details of a zero-day flaw affecting Oracle’s VirtualBox virtualization software without waiting for a patch from Oracle. The security expert Sergey Zelenyuk has disclosed the details of a zero-day vulnerability affecting Oracle’s VirtualBox virtualization software that could be exploited by an attacker to make a guest-to-host escape.

IT 111

IT Security Access 111

Schneier on Security

NOVEMBER 8, 2018

This is really just to point out that computer security is really hard : Almost as soon as Apple released iOS 12.1 on Tuesday, a Spanish security researcher discovered a bug that exploits group Facetime calls to give anyone access to an iPhone users' contact information with no need for a passcode. [.]. A bad actor would need physical access to the phone that they are targeting and has a few options for viewing the victim's contact information.

Access 96

Access Security 96

WIRED Threat Level

NOVEMBER 4, 2018

If you're not careful, websites can grab all kinds of permissions you don't realize or intend. Take back control in your browser.

Security 107

Security 107

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Data Breach Today

NOVEMBER 8, 2018

Company Says Medicare Supplemental Plan Policyholders Among Those Impacted Bankers Life is notifying more than 566,000 individuals, including Medicare supplemental insurance policyholders, that their personal information was exposed in a hacking incident. Employee credentials were compromised, enabling unauthorized access to certain company websites containing personal data.

Insurance 181

Insurance Personal data Access 181

Security Affairs

NOVEMBER 4, 2018

The author of the infamous Kraken ransomware has released a new version of the malicious code and launched a RaaS distribution program on the Dark Web. Researchers from Recorded Future’s Insikt Group and McAfee’s Advanced Threat Research team have discovered a new version of the malware that is offered through a RaaS distribution program on the Dark Web.

Ransomware 111

Ransomware Security IT 111

Schneier on Security

NOVEMBER 6, 2018

Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data

Encryption 96

Encryption Security IT 96