Thales Cloud Protection & Licensing

NOVEMBER 14, 2019

In the modern era of a global information economy, every single day, enormous amounts of information are transmitted, stored and collected worldwide. All these transactions are made possible by the massive technological advancements in our computing and networking capabilities that have materialized in recent years. These technological advancements not only changed the landscape of our global online, social, economic and financial endeavors but also brought numerous changes in privacy and data p

GDPR 110

GDPR Privacy Personal data Compliance 110

Data Breach Today

NOVEMBER 15, 2019

Bribing Employees Easier Than Hacking Silicon Valley, Security Experts Say Why try to hack Silicon Valley firms if you can buy off their employees instead? Such allegations are at the heart of a criminal complaint unsealed last week by the Justice Department, charging former Twitter employees with being Saudi agents. Experts say tech firms must hunt for employees gone rogue.

Security 197

Security 197

IT Governance

NOVEMBER 13, 2019

Cyber security awareness training is one of the most important steps an organisation can take to protect its systems. Sure, you need anti-malware tech and firewalls to prevent cyber attacks, and you definitely need to back up sensitive files in case they’re lost or stolen, but who handles all that information? Your staff. And if they don’t know what they should be doing, all your other defences will be for nothing.

IT 54

IT Security Data breaches Passwords 54

Krebs on Security

NOVEMBER 11, 2019

Orvis , a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned.

Retail 211

Retail Passwords Data breaches Security 211

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

NOVEMBER 12, 2019

There’s little doubt that the shift to quantum computing will open new horizons of digital commerce. But it’s also plain as day that the mainstreaming of quantum processing power will profoundly exacerbate cybersecurity exposures. Related: The ‘post quantum crytpo’ race is on This isn’t coming as any surprise to IT department heads. In fact, there’s widespread recognition in corporate circles that the planning to address fresh cyber risks associated with quantum computing should hav

Encryption 164

Encryption Cloud Cybersecurity IoT 164

AIIM

NOVEMBER 12, 2019

According to the 2019 IDC study of spending on Artificial Intelligence (AI), it's estimated to reach $35.8 billion in 2019 and is expected to double by 2022 to $ 79.2 billion representing an annual growth rate of 38% for the period 2018-2022. The economic benefits and utility of AI technologies are clear and compelling. No doubt, applications of AI may address some of the most vexing social challenges such as health, the environment, economic empowerment, education, and infrastructure.

Artificial Intelligence 114

Artificial Intelligence Computer and Electronics Communications Manufacturing 114

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme. An advertisement for Orcus RAT.

Marketing 209

Marketing Systems administration Sales Passwords 209

Security Affairs

NOVEMBER 12, 2019

New problems for Facebook, it seems that the social networking giant is secretly using the camera while iPhone users are scrolling their feed. Is this another privacy issue for Facebook? The iPhone users Joshua Maddux speculates that Facebook might be actively using your camera without your knowledge while you’re scrolling your feed. Maddux published footage on Twitter that shows the camera o n his iPhone that is active while he scrolls through his feed.

Privacy 112

Privacy Access Security IT 112

Data Breach Today

NOVEMBER 11, 2019

Software Giant Says Exploits Could Expand Beyond Cryptomining Now that security researchers have located the first exploits that take advantage of the BlueKeep vulnerability in Windows, Microsoft is warning users to apply patches the company issued for this flaw before more dangerous exploits merge.

Security 214

Security 214

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

WIRED Threat Level

NOVEMBER 15, 2019

The dozens of flaws across 29 Android smartphone makers show just how insecure the devices can be, even brand-new.

Security 109

Security 109

Krebs on Security

NOVEMBER 12, 2019

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and programs that run on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

Security 27

Security IT 27

Security Affairs

NOVEMBER 10, 2019

Experts believe Artificial intelligence (AI) could introduce new cybersecurity concerns, and that the upcoming 5G network could pose new risks as well. Information Risk Management (IRM) recently published its 2019 Risky Business Report. The document shows the results of polling decision-makers in the cybersecurity and risk management sectors to get their expert opinions on things like the changing threat landscape, corporate decision-making about cybersecurity and other pertinent topics.

Cybersecurity 111

Cybersecurity Risk Artificial Intelligence Education 111

Data Breach Today

NOVEMBER 13, 2019

Study Recommends Federal Certification Program for Vendors Providing Election Infrastructure A new report calls for the creation of a federal certification program that makes sure vendors that build election infrastructure - including voting machines - meet cybersecurity standards.

Cybersecurity 210

Cybersecurity 210

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

WIRED Threat Level

NOVEMBER 15, 2019

From the 2017 French election to the Olympics to NotPetya, the same group's fingerprints have appeared again and again.

Security 109

Security 109

Data Protection Report

NOVEMBER 12, 2019

On October 30, 2019 the Berlin Commissioner for Data Protection and Freedom of Information ( Berliner Beauftragte für Datenschutz und Informationsfreiheit – Berlin DPA ) issued a €14.5 million fine on a German real estate company, die Deutsche Wohnen SE ( Deutsche Wohnen ), the highest German GDPR fine to date. The infraction related to the over retention of personal data.

GDPR 106

GDPR Personal data Records Management Archiving 106

Security Affairs

NOVEMBER 12, 2019

On S unday , the Mexican state-owned oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware. On Sunday, a piece of the DoppelPaymer ransomware infected systems of the Mexican state-owned oil company Petróleos Mexicanos (Pemex) taking down part of its network. The ransom amount for Pemex is 565 BTC currently… Also, DoppelPaymer's TOR site's text was updated sometimes & now have this: "Also, we have gathered all your private sensitive data.

Ransomware 111

Ransomware Government Security IT 111

Data Breach Today

NOVEMBER 11, 2019

White House Describes Framework for Notifying Public of 2020 Election Interference The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released.

200

200

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

WIRED Threat Level

NOVEMBER 13, 2019

The repercussions over custody and extradition of Aleksei Burkov have set off a geopolitical maelstrom.

Security 97

Security 97

Dark Reading

NOVEMBER 14, 2019

Seven chief information security officers share their pain points and two-year spending plans.

Cybersecurity 95

Cybersecurity Information Security Security 95

Security Affairs

NOVEMBER 11, 2019

Crowdsourced security platform Bugcrowd announced it paid over $500,000 in bug bounty rewards during the last week of October. Bug bounty program could represent an excellent opportunity to monetize your passion, in just one week crowdsourced security platform Bugcrowd announced it paid over $500,000 in bug bounty rewards at the end of October. Bugcrowd is used by many enterprises, it allows them to manage bug bounty programs, penetration testing, and vulnerability disclosure.

Security 110

Security IT Information Security 110

Data Breach Today

NOVEMBER 14, 2019

State-Owned Pemex Still Recovering From Attack Pemex, Mexico's state-run oil company, is refusing to pay attackers a $5 million ransom after a ransomware attack against the firm's administrative offices, according to news reports. The company is still attempting to recover.

Ransomware 199

Ransomware 199

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Schneier on Security

NOVEMBER 12, 2019

The Wall Street Journal has a story about how two people were identified as the perpetrators of a ransomware scheme. They were found because -- as generally happens -- they made mistakes covering their tracks. They were investigated because they had the bad luck of locking up Washington, DC's video surveillance cameras a week before the 2017 inauguration.

Ransomware 94

Ransomware 94

ARMA International

NOVEMBER 15, 2019

This article is part of a collaboration between ARMA and AIEF and is included in Information Management Magazine, ARMA-AIEF Special Edition , which will be available for download in November. A printed version of the special issue will be available as well, for a nominal fee. Documentation the Emblem of Modern Society? Documentation is a central feature of the contemporary world.

Information governance 93

Information governance Government Libraries Paper 93

Security Affairs

NOVEMBER 15, 2019

Sergiy P. , the administrator of DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Sergiy P. Usatyuk , a man that was operating several DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. DDoS-for-hire services , aka stressers or booters , allows crooks to launch large scale DDoS attacks by paying a subscription fee. “An Orland Park, Illinois, resident was sentenced yeste

Computer and Electronics 110

Computer and Electronics Government Security Access 110

Data Breach Today

NOVEMBER 13, 2019

DoJ Says Aleksey Burkov, Who Was Extradited This Week, Ran 'Cardplanet' Site The U.S. Justice Department Tuesday unsealed an indictment charging Russian national Aleksey Burkov with running an underground site called "Cardplanet" that acted as a clearinghouse for stolen payment card data. Burkov arrived in the U.S. Tuesday after being extradited by Israel.

191

191

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Dark Reading

NOVEMBER 14, 2019

Well-known Trojans Emotet and Trickbot are cybercriminals' favorite weapons in their campaigns.

92

92

Schneier on Security

NOVEMBER 15, 2019

Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks , by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we per-form a black-box timing analysis of TPM 2.0 devices deployed on commodity computers.

Authentication 91

Authentication Manufacturing 91

Security Affairs

NOVEMBER 11, 2019

Researchers from Radware reported that massive TCP SYN-ACK DDoS reflection attacks hit Amazon, SoftLayer and telecom infrastructure in the last month. Researchers from Radware are warning of a wave of TCP SYN-ACK DDoS reflection attacks that in the last 30 days hit Amazon, SoftLayer and telecom infrastructure. “Over the last 30 days, Radware has observed a number of criminal campaigns that have been abusing the TCP implementation by performing TCP reflection attacks against large corporati

Security 110

Security 110