The Last Watchdog

FEBRUARY 3, 2022

I currently have over 450 accounts that use passwords combined with a variety of two-factor authentication methods. Related: How the Fido Alliance enables password-less authentication. I don’t know every password; indeed, each password is long, complex and unique. In effect, my passwords are now “keys” — and I must authenticate across many accounts, multiple times per day, on a variety of device platforms.

Authentication 235

Authentication Blockchain Passwords Access 235

Dark Reading

JANUARY 31, 2022

The cybercriminals behind the malware claim to have compromised more than a dozen companies; they have aggressively outed victims and purportedly paid a significant share of ransoms back to affiliates.

Ransomware 77

Ransomware 77

Krebs on Security

FEBRUARY 3, 2022

If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link that bounces your browser to other websites, such as phishing pages that mimic top online brands (but chiefly Linkedin’s parent firm Microsoft ).

Phishing 347

Phishing Marketing Access IT 347

WIRED Threat Level

FEBRUARY 2, 2022

Disappointed with the lack of US response to the Hermit Kingdom's attacks against US security researchers, one hacker took matters into his own hands.

IT 145

IT Security 145

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

JANUARY 31, 2022

We all rely on passwords. For better or worse, we will continue to use passwords to access our computing devices and digital services for years to come. Related : The coming of password-less access. Passwords were static to begin with. They have since been modified in two directions: biometrics and dynamic passwords. Here is an overview of the passwords we’re now using – and their respective security limitations: Static passwords.

Passwords 232

Passwords e-Delivery Computer and Electronics Artificial Intelligence 232

Krebs on Security

JANUARY 29, 2022

Several articles here have delved into the history of John Bernard , the pseudonym used by a fake billionaire technology investor who tricked dozens of startups into giving him tens of millions of dollars. Bernard’s latest victim — a Norwegian company hoping to build a fleet of environmentally friendly shipping vessels — is now embroiled in a lawsuit over a deal gone bad, in which Bernard falsely claimed to have secured $100 million from six other wealthy investors, including t

IT 301

IT Security 301

IT Governance

FEBRUARY 3, 2022

ISO 9001 is the international standard that describes best practices for a QMS (quality management system). It contains seven principles that help organisations monitor and control their operations, while also benchmarking their performance and service. Adopting a QMS is no easy feat, requiring you to rethink the way your business operates and what your strategic goals are.

Compliance 135

Compliance Government IT Security 135

Security Affairs

FEBRUARY 4, 2022

Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services company Morley was victim of a ransomware attack that may have resulted in a data breach impacting more than 500,000 individuals. Morley Companies is a United States corporation that provides business services to Fortune 500 and Global 100 clients; contact centers and back office processing; meetings and incentives management; and exhibits and displays production.

Ransomware 133

Ransomware Business Services Data breaches Insurance 133

Schneier on Security

FEBRUARY 4, 2022

Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition.

IT 132

IT Privacy Cloud Security 132

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Hunton Privacy

JANUARY 31, 2022

On January 28, 2022, California Attorney General Rob Bonta published a statement regarding recent investigations conducted by the California Office of Attorney General (“AG”) with respect to businesses operating loyalty programs and their compliance with the California Consumer Privacy Act’s (“CCPA’s”) financial incentive requirements. As a result of the investigations, the AG’s Office sent non-compliance notices to major corporations across multiple sectors, including retail, food services, tra

Compliance 124

Compliance Retail Data collection Privacy 124

IT Governance

FEBRUARY 1, 2022

If there was any belief that 2022 would see a sudden improvement in the cyber security landscape, our first list data breaches and cyber attacks of the year should end that hope. We discovered 95 security incidents in January, resulting in 65,984,648 compromised records. You can find the full list of data breaches below, with incidents affecting UK organisations listed in bold.

Data breaches 132

Data breaches Ransomware Phishing Retail 132

Security Affairs

FEBRUARY 3, 2022

A cyber attack hit the oil terminals of some of the biggest European ports impacting their operations. Some of the major oil terminals in Western Europe’s biggest ports have been targeted with a cyberattack. Threat actors have hit multiple oil facilities in Belgium’s ports, including Antwerp, which is the second biggest port in Europe after Rotterdam.

Security 127

Security Cybersecurity Information Security 127

Jamf

FEBRUARY 1, 2022

Ever thought about presenting at JNUC? We’d love to hear your tech success story at the 2022 conference in San Diego.

122

122

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

eSecurity Planet

FEBRUARY 2, 2022

Tens of thousands of applications that are critical to the operations of data centers around the globe are exposed to the internet, with many secured with default factory passwords, posing a significant cyber risk to enterprises worldwide. Researchers with cybersecurity firm Cyble this week said that along with the public-facing data center infrastructure management (DCIM) software, they also found intelligent monitoring devices, thermal cooling management and power monitors for racks vulnerable

Passwords 121

Passwords Marketing Risk Cybersecurity 121

Data Matters

FEBRUARY 4, 2022

On 28 January 2022, the UK Government Department for Digital, Culture, Media & Sport ( DCMS ) laid before the UK Parliament its International Data Transfer Agreement ( IDTA ) and International Data Transfer Addendum ( UK Addendum ) to the European Commission’s Standard Contractual Clauses ( EU SCCs ). If no objections are raised by the UK Parliament, the IDTA and the UK Addendum will come into force on 21 March 2022.

GDPR 120

GDPR Personal data IT Compliance 120

Security Affairs

FEBRUARY 3, 2022

Six years ago the Powerful Greek Army (PGA) appeared in the threat landscape. After a long breach the hacker collective is back. I have interviewed them in exclusive … enjoy it! Tell me about your hacker team, which is the motivation behind the attacks? We have many motivations and reasons. First of all, we started by selecting random targets from different countries, not just Greece, Greece was only at the back of our minds.

Education 125

Education Ransomware Government Access 125

IBM Big Data Hub

FEBRUARY 4, 2022

The phrase ‘data is the new oil’ has been widely used in the last number of years, but in an unrefined state, it has limited use. ISO 20022 is refined and provides the necessary structure to efficiently drive multiple engines in a bank. Background on ISO 20022. ISO 20022 was first introduced in 2004 to provide more standardization and deliver richer information for Financial Services transactions.

Artificial Intelligence 119

Artificial Intelligence Financial Services Analytics Marketing 119

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

OpenText Information Management

JANUARY 31, 2022

Many EU government agencies have invested substantially in cloud computing initiatives to boost the adoption of cloud solutions. The rising demand to personalize customer interactions with customer data has driven the demand for SaaS solutions, further enticing enterprises to move to the cloud. The Europe Cloud Computing Market? size exceeded USD 35 billion in 2020 … The post Europe invests in cloud computing, yet compliance is a barrier appeared first on OpenText Blogs.

Compliance 119

Compliance Cloud Marketing Government 119

Troy Hunt

JANUARY 29, 2022

Well, true to my opening dialogue, this was a monotopical weekly update (and yeah, apparently that's a word ). The Azure bill story got a huge amount of traction this week and there are many interesting angles to it that I didn't fully cover in the original blog post. And incidentally, yep, there's a little background hiss on this video.

Compliance 23

Compliance IT 23

Security Affairs

JANUARY 29, 2022

The Federal Communications Commission (FCC) revoked the license for the China Unicom Americas over serious national security concerns. The Federal Communications Commission (FCC) has revoked the license for China Unicom Americas over “serious national security concerns.” China Unicom is the world’s sixth-largest mobile service provider by subscriber base.

Risk 125

Risk Security Communications Government 125

Schneier on Security

FEBRUARY 3, 2022

MIT Technology Review published an interview with Gil Herrera, the new head of the NSA’s Research Directorate. There’s a lot of talk about quantum computing, monitoring 5G networks, and the problems of big data: The math department, often in conjunction with the computer science department, helps tackle one of NSA’s most interesting problems: big data.

Big data 115

Big data Data science Mining Access 115

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Dark Reading

JANUARY 31, 2022

How best to integrate privacy into your organization's security program.

Privacy 114

Privacy Security 114

Hunton Privacy

FEBRUARY 3, 2022

On February 2, 2022, the Litigation Chamber of the Belgian Data Protection Authority (the “Belgian DPA”) imposed a €250,000 fine against the Interactive Advertising Bureau Europe (“IAB Europe”) for several alleged infringements of the EU General Data Protection Regulation (the “GDPR”), following an investigation into IAB Europe Transparency and Consent Framework (“TCF”).

GDPR 111

GDPR Personal data Marketing IT 111

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems.

Ransomware 123

Ransomware Encryption Blockchain Security 123

Schneier on Security

FEBRUARY 2, 2022

The Open Source Security Foundation announced $10 million in funding from a pool of tech and financial companies, including $5 million from Microsoft and Google, to find vulnerabilities in open source projects: The “Alpha” side will emphasize vulnerability testing by hand in the most popular open-source projects, developing close working relationships with a handful of the top 200 projects for testing each year. “Omega” will look more at the broader landscape of open sour

Security 112

Security IT 112

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Dark Reading

FEBRUARY 4, 2022

Phishing, smishing, and business email compromise continue to do their dirty work.

Data breaches 112

Data breaches Phishing 112

WIRED Threat Level

FEBRUARY 2, 2022

China’s Winter Games are overshadowed by human rights problems and overreaching state surveillance.

Security 104

Security 104

Security Affairs

FEBRUARY 2, 2022

Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model. Unlike other ransomware operations, Sugar ransomware appears to primarily focus on individual computers instead of entire enterprises.

Ransomware 117

Ransomware Retail Libraries Encryption 117