TAB OnRecord

JULY 1, 2019

Compliance 60

Compliance Risk 60

WIRED Threat Level

JULY 5, 2019

Ransomware attacks, supply chain hacks, escalating tensions with Iran—the first six months of 2019 have been anything but boring.

Cybersecurity 270

Cybersecurity Ransomware Security 270

Threatpost

JULY 3, 2019

Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.

Privacy 106

Privacy IT Data Privacy IoT 106

Security Affairs

JULY 5, 2019

Eurofins Scientific, the UK’s biggest provider of forensic services, has paid a ransom to demand to recover its data after a ransomware attack. Eurofins Scientific, the UK’s largest police forensics lab contractor, announced to have paid a ransom to crooks to recover its data after a ransomware had been encrypted them. The company is based in Brussels and manages more than 800 laboratories all over the world.

Ransomware 279

Ransomware Insurance Encryption Security 279

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

JULY 3, 2019

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks. Some researchers say the exploits could be tied to an Iranian-backed threat group.

Government 274

Government Access 274

AIIM

JULY 1, 2019

Guest Post: Joanne E. Novak from Konica Minolta Business Solutions. For the past 3 years, the Clerk of Common Pleas Court in Clark County, OH, Melissa Tuttle, has been utilizing a content management tool to automate her business workflows. Like many Counties, Melissa and her team deal with a lot of paperwork and file types. Utilizing a content management tool has helped them eliminate the time-consuming burden of pulling paper files manually and instead utilize automation so that Melissa and her

Paper 162

Paper Digital transformation Government Archiving 162

Security Affairs

JULY 4, 2019

Austin Thompson (23) from Utah, the hacker who carried out massive DDoS attacks on Sony, EA, and Steam gets a 27-months prison sentence. The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson (23) from Utah hit the principal gamins networks in 2013 and 2014, including Sony Online Entertainment. “Austin Thompson of Utah was sentenced in federal court today to 27 months

Computer and Electronics 279

Computer and Electronics Access Security IT 279

Data Breach Today

JULY 2, 2019

Infected City Fires IT Manager; New Victims in Florida, Georgia More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents.

Ransomware 267

Ransomware IT 267

WIRED Threat Level

JULY 2, 2019

To prove a point about common location-sharing apps, I asked my wife to use them to spy on me.

Privacy 225

Privacy Security 225

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

The Last Watchdog

JULY 1, 2019

As the presidential debate season ramps up, the specter of nation-state sponsored hackers wreaking havoc, once more, with U.S. elections, looms all too large. It’s easy to get discouraged by developments such as Sen. McConnell recently blocking a bi-partisan bill to fund better election security , as well as the disclosure that his wife, Transportation Security Elaine Chao, has accepted money from voting machine lobbyists.

Phishing 159

Phishing Risk Passwords Cybersecurity 159

Security Affairs

JULY 4, 2019

Tens of VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities. At least 30 VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities. The vulnerabilities could be exploited by a remote unauthenticated attacker to trigger a denial-of-service (DoS) condition and reboot vulnerable systems.

Access 278

Access Cloud Security IT 278

Data Breach Today

JULY 1, 2019

Cloud-Based Databases Belonged to IT Firm Attunity Several unsecured Amazon S3 buckets belonging to IT services firm Attunity left at least 1TB of data, including files from companies such as Netflix, TD Bank and Ford, exposed to the internet, UpGuard researchers disclosed. Although the databases have been secured, an investigation is continuing.

Cloud 244

Cloud Security IT 244

WIRED Threat Level

JULY 1, 2019

Almost every month in 2019 so far has seen reports of a local government falling prey to ransomware, but this series of attacks belies an even broader threat.

Ransomware 187

Ransomware Government Security 187

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Thales Cloud Protection & Licensing

JULY 3, 2019

I recently had the pleasure of sharing some industry insights from our 2019 Data Threat Report-Federal Edition on Cyberwire’s Daily Podcast –specifically addressing the gap in security responsibility many federal agencies face today as they move tremendous amounts of sensitive data into multicloud environments. We also discussed a new digital landscape where perimeter defense is no longer effective.

Government 120

Government Security Encryption IoT 120

Security Affairs

JULY 5, 2019

The Federal Bureau of Investigation (FBI) issued a warning on Twitter regarding sextortion campaigns that are targeting teenagers in the United States. The FBI issued a warning on Twitter regarding sextortion attacks that are targeting teenagers in the United States. The internet connects you with the world. Do you know who in the world is connecting with you?

Communications 278

Communications Access IT Risk 278

Data Breach Today

JULY 2, 2019

Campaign Targeted Those Interested in Libyan Politics Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims. In the latest incident, Facebook removed more than 30 pages from its platform after security analysts with Check Point Research found that a hacker had loaded them with malware.

Security 236

Security IT 236

WIRED Threat Level

JUNE 29, 2019

Robert Mueller will testify, malware wrecks IoT, and more of the week's top security news.

IoT 138

IoT Security 138

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

JULY 4, 2019

Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico. After I gave him the password to my iPhone, Moncivias spent three hours reviewing hundreds of photos and videos and emails and calls and texts, including encrypted messages on WhatsApp, Signal, and Telegram. It was the digital equivalent of tossing someone's house: opening cabinets, pulling out drawers, and overturning furniture in hopes of finding something -- any

Mining 111

Mining Passwords Encryption Communications 111

Security Affairs

JULY 5, 2019

Experts at F5 Networks discovered a cryptomining campaign that is delivering a new piece of the Golang malware that targets Linux-based servers. F5 experts uncovered a cryptominer campaign that is delivering a new strain of Golang malware that targets Linux-based servers. The campaign began around June 10 and already infected several thousand machines.

Passwords 278

Passwords Archiving Mining Access 278

Data Breach Today

JULY 4, 2019

Vulnerabilities Found in APIs Controlling Croatia-Based Zipato's IoT Devices Findings from researchers who hacked Croatia-based vendor Zipato's smart hub controllers, which can manage networked locks, lights and security cameras, underscore the risks that can accompany home automation devices. "Smart home" vendor Zipato says it's fixed the flaws.

IoT 227

IoT Risk Security IT 227

Dark Reading

JULY 3, 2019

There are important lessons to be learned from a crisis, even the ones that are more fiction than fact.

Manufacturing 111

Manufacturing Security 111

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

Schneier on Security

JULY 5, 2019

My Applied Cryptography is on a list of books banned in Oregon prisons. It's not me -- and it's not cryptography -- it's that the prisons ban books that teach people to code. The subtitle is "Algorithms, Protocols, and Source Code in C" -- and that's the reason. My more recent Cryptography Engineering is a much better book for prisoners, anyway.

IT 111

IT 111

Security Affairs

JUNE 29, 2019

Attunity data integration and big data management firm exposed a significant amount of sensitive data through unprotected Amazon S3 buckets. Data integration and big data management firm Attunity exposed a significant amount of sensitive data through unprotected Amazon S3 buckets. The company, owned by Qlik , provides solutions to over 2,000 enterprises and half of the Fortune 100 firms.

Big data 278

Big data Sales Passwords Marketing 278

Data Breach Today

JULY 5, 2019

Poor Password Reset Process Proves Too Convenient, as 900 Customers Affected Hackers appear to have accessed a new mobile payment app for 7-Eleven customers in Japan, taking about $500,000 from 900 customers over several days. Poor passwords and authentication designs by the company are likely to blame, according to media reports.

Passwords 222

Passwords Authentication Access 222

National Archives Records Express

JULY 1, 2019

Late last week, the Office of Management and Budget (OMB) and NARA jointly issued a new memorandum with guidance on managing Federal records. The new memo, titled Transition To Electronic Records (OMB/NARA M-19-21) is available at [link]. NARA is pleased to have the Administration’s continuing support for modernizing Federal agency recordkeeping and bringing about the necessary transformation to a fully electronic government.

Records Management 109

Records Management Government IT 109

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Schneier on Security

JULY 1, 2019

Wow, is this an embarrassing bug : Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness of the cryptographic keys it generates. The security keys are used by thousands of federal employees on a daily basis, letting them securely log-on to their devices by issuing one-time passwords.

Security 110

Security Passwords Government Access 110

Security Affairs

JUNE 30, 2019

Explorer, Mozilla Firefox, Google Chrome, and Opera, no matter which web browser you use, here’s what you need to know to protect them against attacks. There are a number of web browsers available for surfing sites and accessing the content. The most popular and widely used are Internet Explorer, Mozilla Firefox, Google Chrome, and Opera. No matter which browser you use there are certain security leaks in each one of them.

Security 278

Security Risk Passwords Authentication 278

Data Breach Today

JULY 3, 2019

Proposed Settlement Requires D-Link to Bolster Security Program D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices. The terms of the settlement may serve as a warning to IoT makers to get their security checks in order.

IoT 193

IoT Security 193