Data Breach Today
AUGUST 20, 2020
Bug Bounty Pioneer Katie Moussouris on Challenges, Sustainability, Election Security To build a successful vulnerability disclosure program, avoid thinking of it as quick-fix "bug bounty Botox," and instead focus on building positive relationships with the security community, hiring top-notch talent and "building a sustainable ecosystem," says Luta Security's Katie Moussouris.
Krebs on Security
AUGUST 21, 2020
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “ vishing ” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pand
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
AUGUST 17, 2020
The amazing array of digital services we so blithely access on our smartphones wouldn’t exist without agile software development. Related: ‘Business logic’ hacks on the rise Consider that we began this century relying on the legacy “waterfall” software development process. This method required a linear plan, moving in one direction, that culminated in a beta deliverable by a hard and fast deadline.
Data Protector
AUGUST 17, 2020
Many privacy professionals will be shocked to learn that, in terms of safeguarding personal data flows from an EU to a non-EU country, in the absence of an adequacy decision, more is required than simply slipping the right set of SCCs into a vendor contract. The CEJU has clarified that one of the key tasks facing data exporters, when considering whether SCCs are appropriate, is to consider whether there is a conflict between the protections afforded by the SCCs and other local laws, particularly
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
AUGUST 20, 2020
Report: 9 Leaks Account for Exposure of PHI for at Least 150,000 Patients Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Security Affairs
AUGUST 21, 2020
Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb , researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen Group.
Data Protector
AUGUST 17, 2020
A number of commentators will assume that, should the UK not receive an adequacy assessment by the European Commission with regard to its data protection standards, a key reason will be the impact of the UK’s Investigatory Powers Act (IPA) which prescribes how UK public authorities obtain personal data for national security and law enforcement purposes.
Data Breach Today
AUGUST 18, 2020
SEC Filing Warns That Guest and Employee Data Likely Compromised Carnival Corp., the world's largest cruise ship company, is investigating a ransomware attack that likely compromised guest and employee data, according its filing with the SEC. It's the company's second security incident this year.
Krebs on Security
AUGUST 16, 2020
A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week, when Microsoft finally issued a software update to correct the problem. One of the 120 security holes Microsoft fixed on Aug. 11’s Patch Tuesday was CVE-2020-1464 , a problem with the way every supported version of Windows validates digital signatures for computer programs.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
AUGUST 21, 2020
The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social and Behavioral Science [CSBS]).
Data Protector
AUGUST 17, 2020
One of the Government's core objectives throughout the Brexit negotiations has been to respect data protection rights, slash Brussels' red tape and allow the United Kingdom to be a competitive safe haven for businesses all over the world. With that in mind, how could the Government reduce its ties to the EU's 'data protection level playing field' while continuing to maintain a robust and effective data protection regime?
Data Breach Today
AUGUST 19, 2020
UK Claim Seeks Damages Under GDPR Over Long-Running Starwood Reservation System Hack Marriott faces a new class-action lawsuit, filed in Britain, over the breach of its Starwood guest reservation system. The breach ran from 2014 to 2018 - Marriott acquired Starwood in 2016 - and exposed personal information for an estimated 7 million customers in the U.K.
WIRED Threat Level
AUGUST 15, 2020
Plus: TikTok tracking, Russian SIMs, and more of this week's top security news.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
Security Affairs
AUGUST 19, 2020
Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. FritzFrog is a new sophisticated botnet that has been actively targeting SSH servers worldwide since January 2020. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in government, education, and finance sectors.
Data Protector
AUGUST 17, 2020
Here we go again. The compulsory Sunday morning church services for all Anglicans at my boarding school served as an opportunity for The Reverend James Culross, (or Druid, as we boys affectionately called him), to churn out stuff from the Book of Common Prayer. It was stuff designed to cleanse our souls and provide us with helpful words of comfort, to prepare us for the horrors that would be inflicted upon each and every one of us during the school week ahead.
Data Breach Today
AUGUST 18, 2020
Coveware: Average Ransom Paid Jumps 60%; Sodinokibi, Maze, Phobos Dominate Ransomware gangs continue to see bigger payoffs from their ransom-paying victims, driven by "big-game hunting," data exfiltration and smaller players seeking larger returns, according to ransomware incident response firm Coveware.
WIRED Threat Level
AUGUST 15, 2020
Over the last few years, so-called jackpotting attacks have gotten increasingly sophisticated—while cash machines remain largely the same.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
AUGUST 17, 2020
The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. The hackers targeted the GCKey service with credential stuffing attacks, the service is used by some 30 federal departments and Canada Revenue Agency accounts.
Dark Reading
AUGUST 17, 2020
Like their counterparts who run legitimate businesses, cybercriminals need hosting and cybersecurity protection, too.
Data Breach Today
AUGUST 17, 2020
Luxury London Hotel Investigates 'Food and Beverage Reservation System' Data Breach Scammers have reportedly been putting one over on customers of the famous Ritz London, which says it is "aware of a potential data breach within our food and beverage reservation system, which may have compromised some of our clients' personal data." No payment card data was exposed, it says.
WIRED Threat Level
AUGUST 18, 2020
“Phone spear phishing” attacks have been on the rise since a bitcoin scam took over the social media platform in July.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Security Affairs
AUGUST 15, 2020
A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks. The first zero-day issue is used to steal cookies via a flaw in the behavior of Data Vaults , while the second one is used to abuse the development version of Safari.
Dark Reading
AUGUST 18, 2020
Security vendor Prevailion says it observed signs of malicious activity on the cruise operator's network between at least February and June.
Data Breach Today
AUGUST 20, 2020
Suspected Fraudsters Targeted Santander Bank Branches in 3 States Dozens of suspects have reportedly been arrested in connection with an ATM cash-out scheme that targeted Santander Bank branches in New Jersey, New York and Connecticut.
WIRED Threat Level
AUGUST 20, 2020
The scheme involved 7,000 $94 toothbrushes, according to law enforcement.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
AUGUST 15, 2020
Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. firm in the spirits and wine business. Sodinokibi (REvil) ransomware operators announced last week to have breached the network of the Brown-Forman, one of the largest U.S. firm in the spirits and wine business. Threat actors claim to have exfiltrated 1TB of confidential data and plan to put it up for auction the most sensitive info and leak the rest.
Dark Reading
AUGUST 21, 2020
Researchers advise Amazon Web Services users running Community Amazon Machine Images to verify them for potentially malicious code.
Data Breach Today
AUGUST 21, 2020
Joe Sullivan Accused of Making 'Hush Money' Bitcoin Payoff to Hackers The U.S. Department of Justice has charged former Uber CSO Joseph Sullivan with obstruction of justice for allegedly covering up the 2016 hack of the ride-sharing service, which compromised sensitive data for 57 million Uber passengers and drivers.
Expert insights. Personalized for you.
364 
Let's personalize your content