Schneier on Security

JUNE 17, 2020

Zoom is doing the right thing : it's making end-to-end encryption available to all users, paid and unpaid. (This is a change; I wrote about the initial decision here.).we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe -- free and paid -- while maintaining the ability to prevent and fight abuse on our platform.

Encryption 117

Encryption Authentication Privacy Risk 117

Dark Reading

JUNE 18, 2020

The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?

Cybersecurity 131

Cybersecurity 131

Daymark

JUNE 15, 2020

Conditional Access in Azure AD provides a level of security required to maintain appropriate controls over who can access confidential and privileged information. It was the topic of discussion at our most recent “ Ask the Engineer Q&A Roundtable ” where attendees learned tips for a successful Conditional Access deployment and got answers to their specific questions.

Access 94

Access Security IT 94

Krebs on Security

JUNE 17, 2020

“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” -CIA’s Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division.

Security 303

Security Data breaches Security awareness Passwords 303

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web. On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identi

IT 341

IT Archiving Personal data Access 341

WIRED Threat Level

JUNE 15, 2020

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users.

Security 142

Security 142

Data Breach Today

JUNE 15, 2020

Personal Details on 727,000 Accounts in 14 Countries Leaked Delivery Hero, the online food delivery service, has confirmed a data breach of its Foodora brand. Breached information includes personal details for 727,000 accounts - names, addresses, phone numbers, precise location data and hashed passwords - in 14 countries.

Data breaches 358

Data breaches Passwords IT 358

Krebs on Security

JUNE 19, 2020

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control.

IT 363

IT Authentication Passwords Access 363

The Last Watchdog

JUNE 17, 2020

Application Programming Interfaces – APIs. Without them digital transformation would never have gotten off the ground. Related: Defending botnet-driven business logic hacks APIs made possible the astounding cloud, mobile and IoT services we have today. This happened, at a fundamental level, by freeing up software developers to innovate on the fly. APIs have exploded in enterprise use over the past several years.

Digital transformation 178

Digital transformation Risk Financial Services Military 178

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

AIIM

JUNE 18, 2020

There are literally thousands of file formats available – which can lead to lots of confusion when trying to select the best file format for your business applications. Different file formats work better to meet certain business requirements, and selecting the wrong format can cause issues for organizations, their customers, their legal team, etc. To help make this type of decision easier, we’ve outlined some very common file formats used in almost every organization.

Archiving 147

Archiving Marketing Access Compliance 147

Data Breach Today

JUNE 19, 2020

Researchers Find Extensions Could Steal Credentials and Security Tokens Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens.

Security 307

Security 307

Krebs on Security

JUNE 13, 2020

For the past year, a site called Privnotes.com has been impersonating Privnote.com , a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the mess

Phishing 228

Phishing Encryption Passwords IT 228

The Guardian Data Protection

JUNE 15, 2020

Smittestopp had limited effect because of the small number of users, says data agency Coronavirus – latest updates See all our coronavirus coverage Norway’s health authorities said they suspended an app designed to help trace the spread of coronavirus after the country’s data protection agency said it was too invasive of privacy. Launched in April, the smartphone app Smittestopp (“infection stop”) was set up to collect movement data to help authorities trace the spread of Covid-19, and inform us

Privacy 144

Privacy IT 144

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

JUNE 16, 2020

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a “massive” DDoS attack. This DDoS attack is serious. It has taken down Instagram, Facebook, T-Mobile, Verizon, and Twitch… 2020 is something else. pic.twitter.com/ztU59XMWu3 — Jordan Daley (

Communications 145

Communications Marketing Security IT 145

Data Breach Today

JUNE 13, 2020

Suspected Russia-Linked Hackers Have Previously Focused on Ukraine The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.

Phishing 285

Phishing Security 285

AIIM

JUNE 16, 2020

Even though I’ve been an AIIM staff for more than 9 years, I continue to pay for my professional membership out of my own pocket. So it’s pretty obvious that I see the value of an AIIM membership, but you’re here to figure out if it’s worth it for YOU. My goal with this article is to give you a transparent look at both the pros and cons of an AIIM membership.

IT 113

IT Mining Content services GDPR 113

John Battelle's Searchblog

JUNE 17, 2020

It’s getting complicated out there. Marketers – especially brand marketers: Too many of you have lost the script regarding the critical role you play in society. And while well-intentioned TV spots about “getting through this together” are nice, they aren’t a structural solution. It’s time to rethink the relationship between marketers, media companies (not “content creators,” ick), and the audience.

Marketing 137

Marketing IT Risk Security 137

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

JUNE 18, 2020

79 Netgear router models are vulnerable to a severe unpatched security vulnerability that can be exploited by remote attackers to take over devices. Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models.

Security 145

Security Communications IT Information Security 145

Data Breach Today

JUNE 15, 2020

Magecart Gangs Targeting Larger Organizations During Lockdown, Researcher Warns Jewelry retailer Claire's says Magecart attackers hits its e-commerce store, hosted on Salesforce Commerce Cloud, and stole an unspecified number of customers' payment card details. Security firm Sansec, which discovered the breach, says Magecart attacks have grown more targeted during lockdown.

Retail 305

Retail Cloud Security IT 305

IT Governance

JUNE 19, 2020

Cyber criminals have many tricks up their sleeves when it comes to compromising sensitive data. They don’t always rely on system vulnerabilities and sophisticated hacks. They’re just as likely to target the an organisation’s employees. The attack methods they use to do this are known as social engineering. What is social engineering? Social engineering is a collective term for ways in which fraudsters manipulate people into performing certain actions.

IT 135

IT Phishing Sales Security 135

Troy Hunt

JUNE 19, 2020

Today, almost one year after the release of version 5 , I'm happy to release the 6th version of Pwned Passwords. The data set has increased from 555,278,657 known compromised passwords to a grand total of 572,611,621, up 17,332,964? (just over 3%). As with previous releases, I've made the call to push the data now simply because there were enough new records to justify the overhead in doing so.

Passwords 132

Passwords IT 132

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

The Guardian Data Protection

JUNE 17, 2020

Investigation finds cases being closed when complainants refuse ‘digital strip search’ Rape investigations are being systematically dropped after victims refuse to hand over their mobile phones for analysis, an investigation has found. Freedom of information requests reveal that about one in five complainants decline to submit to what has been termed a “digital strip search”.

Privacy 130

Privacy 130

Data Breach Today

JUNE 19, 2020

Creating Cloud-Hosted Attack Infrastructures a Common Practice, Academic Researchers Find Many ethical hackers and other security professionals, such as penetration testers, have weaponized cloud platforms to host online attack infrastructure or have used the platforms to conduct reconnaissance, according security researchers at Texas Tech University.

Cloud 298

Cloud Security 298

erwin

JUNE 19, 2020

Despite the similarities in name, there are a number of key differences between an enterprise architecture and solutions architecture. Much like the differences between enterprise architecture (EA) and data architecture, EA’s holistic view of the enterprise will often see enterprise and solution architects collaborate. And as with data architecture , a solution architect’s focus is narrower.

Digital transformation 130

Digital transformation Government Cloud IT 130

Security Affairs

JUNE 17, 2020

AWS announced it has mitigated a 2.3 Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Tbps that took place in March 2018. Amazon announced it has mitigated the largest ever DDoS attack of 2.3 Tbps, the news is surprising if we consider that the previous record was of 1.7 Tbps that took place in March 2018. The 2.3 Tbps attack was neutralized by the Amazon AWS Shield service in mid-February this year.

Access 141

Access IT Security Information Security 141

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Data Protection Report

JUNE 17, 2020

Just when we thought our summers might have been looking a bit dull, it was announced that the Court of Justice of the European Union ( CJEU ) will be making its final ruling in Case C-311/18, Data Protection Commissioner v Facebook Ireland & Schrems on 16 July 2020. This judgement concerns the legality of the European Commission approved Standard Contractual Clauses ( SCCs ) which many organisations rely on to transfer personal data outside of the UK and the European Economic Area ( EEA ),

Personal data 119

Personal data Communications Access GDPR 119

Data Breach Today

JUNE 19, 2020

DHS Warns of Security Issues in Devices from Baxter, BD and Biotronik Federal authorities are sounding the alarm about cybersecurity vulnerabilities in six medical devices from three manufacturers. The device makers are providing risk mitigation advice.

Manufacturing 261

Manufacturing Cybersecurity Risk Security 261

Dark Reading

JUNE 17, 2020

The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.

IT 120

IT 120