Threatpost

NOVEMBER 8, 2019

Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies.

Data breaches 45

Data breaches Risk Privacy Security 45

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today. That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs.

IoT 122

IoT Risk Energy and Utilities Security 122

Data Matters

NOVEMBER 4, 2019

Two important decisions have recently occurred relating to website operators’ use of cookies. First, the Court of Justice of the European Union (the “ CJEU ” or the “ Court ”) has issued its judgement in Planet49, a case which looked at the standards of consent and transparency for the use of cookies and similar technologies in the context of the e-Privacy Directive and the GDPR and determined that opt-out consent, by way of a pre-ticked checkbox, was insufficient to obtain GDPR-standard consen

GDPR 76

GDPR Privacy Personal data Marketing 76

AIIM

NOVEMBER 7, 2019

I returned to downtown Washington, DC, last week to teach the AIIM Foundations of Intelligent Information Management (FIIM) course. The class started with some icebreaker exercises, including asking the students to define, in their own words, “ What is information management? ” There were some fantastic definitions generated from the students for this and other discussion questions throughout the course.

Records Management 88

Records Management Information governance Digital transformation Government 88

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

NOVEMBER 8, 2019

Legislation Spells Out Privacy Rights and Enforcement Measures Two Democratic members of the U.S. House have proposed a national privacy law that calls for the formation of a new federal agency to enforce the privacy rights that it defines.

Privacy 113

Privacy IT 113

OpenText Information Management

NOVEMBER 5, 2019

Enterprise security professionals today can prevent many attacks on their organization’s endpoints, thanks to ever-improving defensive tools that work across public and private clouds as well as on premise. But would-be attackers are also continually working to step up their capabilities in the expanding IT landscape, so some attacks will inevitably slip through.

Analytics 56

Analytics Cloud Security IT 56

Security Affairs

NOVEMBER 7, 2019

Experts observed a new phishing campaign that used a specially crafted ZIP archive that was designed to bypass secure email gateways to distribute malware. Attackers have devised a new technique to distribute malware bypassing secure email gateways and other security solutions by using a specially crafted ZIP file. The structure of a ZIP archive contains compressed data, information about the compressed files and a single “End of Central Directory” (EOCD) record, that delimits the end of t

Archiving 279

Archiving Security File names Phishing 279

Krebs on Security

NOVEMBER 7, 2019

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

Data breaches 275

Data breaches Ransomware Cybersecurity Information Security 275

WIRED Threat Level

NOVEMBER 6, 2019

Hackers are one thing. But too few companies take the threat of an inside job seriously enough. .

Security 216

Security 216

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

The Last Watchdog

NOVEMBER 4, 2019

An undercurrent of discontent is spreading amongst knowledge workers in enterprises across the United States and Europe. Related: Phishing-proof busy employees White collar employees today have amazingly capable communications and collaboration tools at their beck and call. Yet the majority feel unsatisfied with narrow daily assignments and increasingly disconnected from the strategic goals of their parent organization.

Communications 180

Communications B2B Cloud Phishing 180

Security Affairs

NOVEMBER 3, 2019

Experts have spotted the first mass-hacking campaign exploiting the BlueKeep exploit , crooks leverage the exploit to install a cryptocurrency miner. Security researchers have spotted the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aims at installing a cryptocurrency miner on the infected systems. In May, Microsoft warned users to update their systems to address the remote code execution vulnerability dubbed BlueKeep , A few days later, the National Security Agency (

Honeypots 236

Honeypots Security Information Security Authentication 236

Data Breach Today

NOVEMBER 8, 2019

The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.

Privacy 171

Privacy Government Security 171

WIRED Threat Level

NOVEMBER 4, 2019

By pointing lasers tuned to a precise frequency at a smart assistant, researchers could force it to unlock cars, open garage doors, and more.

IT 196

IT Security 196

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

The Last Watchdog

NOVEMBER 6, 2019

From the start, two-factor authentication, or 2FA , established itself as a simple, effective way to verify identities with more certainty. Related: A primer on IoT security risks The big hitch with 2FA, and what it evolved into – multi-factor authentication, or MFA – has always been balancing user convenience and security. That seminal tension still exists today even as the global cybersecurity community is moving to extend MFA as a key security component in much more complex digital systems sp

Authentication 174

Authentication Cloud Digital transformation Risk 174

Security Affairs

NOVEMBER 5, 2019

The #FifthOfNovember has arrived, the Italian branch of Anonymous and LulzSecITA hacked websites of professional orders, prefecture of Naples, and also the telephone operator Lyca Mobile. The Million Mask March , also known as “Operation Vendetta” is a worldwide, annual protest associated with the hacktivist group Anonymous occurring annually on Guy Fawkes Day, the 5th of November.

Privacy 196

Privacy Data breaches Authentication Security 196

Data Breach Today

NOVEMBER 4, 2019

Exploit Isn't a Worm, but Experts Remain Braced for Mayhem The cybersecurity community had been holding its breath in anticipation of mass attacks targeting the severe BlueKeep vulnerability in Windows, which Microsoft has patched. The first in-the-wild exploits have now been seen, although they don't appear to constitute an emergency - at least yet.

Cybersecurity 169

Cybersecurity IT 169

WIRED Threat Level

NOVEMBER 6, 2019

Fraudulent tech-support sites are causing the browser to lock up and display a disturbing message. Force quitting is the only way out.

Security 163

Security 163

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Krebs on Security

NOVEMBER 3, 2019

Banking industry giant NCR Corp. [ NYSE: NCR ] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight , an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded.

Passwords 142

Passwords Authentication Access Communications 142

Security Affairs

NOVEMBER 4, 2019

Security experts warn of a new piece of malware dubbed QSnatch that already infected thousands of QNAP NAS devices worldwide. A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. The name comes after the target vendor and the “snatching” activity the malware performs. According to the German Computer Emergency Response Team (CERT-Bund), over 7,000 devices have been infected in Germany alone.

Ransomware 193

Ransomware Encryption Passwords Manufacturing 193

Data Breach Today

NOVEMBER 7, 2019

Employee Has Been Fired; 68,000 Customers Affected A Trend Micro employee stole and then sold contact information for 68,000 of the company's consumer subscribers, which led to a raft of unsolicited tech support scam calls, the company says. The employee has been fired. The incident highlights the risk of insider threats.

Risk 165

Risk 165

WIRED Threat Level

NOVEMBER 8, 2019

At WIRED25, the NSA's Anne Neuberger talked election security, low orbit satellites, and weaponized autonomous drones.

Cybersecurity 159

Cybersecurity Security 159

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

AIIM

NOVEMBER 5, 2019

The dream of going paperless has been on the minds of businesses of all sizes and industries for years. The idea is simple - minimize the use of paper to reduce costs and carbon footprint while at the same time increasing operating efficiencies and profitability. But just because a concept is simple doesn’t mean it’s easy to implement. And so for many, the dream of a paperless office continues to be just that…a dream.

Libraries 129

Libraries Paper Access IT 129

Security Affairs

NOVEMBER 2, 2019

A vulnerability affecting devices running Andoid 8 (Oreo) or later, tracked as CVE-2019-2114, could be exploited by hackers to infect them via NFC beaming. Google has recently released a patch to address a vulnerability affecting devices running Android 8 (Oreo) or later, tracked as CVE-2019-2114, that could be exploited to infect nearby phones via NFC beaming.

Security 193

Security IT Information Security 193

Data Breach Today

NOVEMBER 8, 2019

Sprawling computing environments - from cloud to containers to serverless - are posing challenges in maintaining visibility and determining if data is secure, says Mike Adler of RSA.

Cloud 162

Cloud Security 162

WIRED Threat Level

NOVEMBER 7, 2019

It's much harder than it should be to get your name off of data broker and people-search sites, but it's possible. .

Personal data 156

Personal data IT Privacy Security 156

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Weissman's World

NOVEMBER 5, 2019

ARMA InfoCon 2019 was an eye-opener, thanks in large part to a healthy injection of information governance into the proceedings. (Thanks, no doubt, to the merger of the Information Coalition with ARMA last year.) The detection of risk management as an overt emerging theme also set it apart from ARMA Conferences of recent vintage, which […]. The post So, what did I think of ARMA InfoCon 2019?

Information governance 120

Information governance Government Risk IT 120

Security Affairs

NOVEMBER 8, 2019

Microsoft is warning once again of more BlueKeep attacks that could deliver disruptive payloads and urges organizations to patch their systems. Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. The popular expert Kevin Beaumont observed some of its EternalPot RDP honeypots crashing after being attacked. huh, the EternalPot RDP honeypots have all started BSOD'ing

Honeypots 189

Honeypots Mining Analytics Ransomware 189

Data Breach Today

NOVEMBER 4, 2019

New Malware 'Messagetap' Intercepts Communications for Espionage, Researchers Say The Chinese advanced threat group APT41 is using a new espionage tool to intercept SMS messages from specific phone numbers by infecting mobile telecommunication networks, according to the security firm FireEye Mandiant.

Communications 162

Communications Security 162