Data Breach Today
NOVEMBER 10, 2020
Investigators Find Encryption, Monitoring, Logging and Whitelisting Failures Inadequate database and privileged account monitoring, incomplete multi-factor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered by Marriott in 2018.
Krebs on Security
NOVEMBER 10, 2020
It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. On the evening of Monday, Nov. 9, an ad campaign apparently taken out by the Ragnar Locker Team began appearing on Facebook.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
NOVEMBER 11, 2020
Employees are often your first line of security defense when the bad guys come calling -- providing your workers are properly trained. Security leaders share how they're raising awareness.
The Last Watchdog
NOVEMBER 9, 2020
The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages. Related: Companies sustain damage from IoT attacks That was back in 1982. Since then, IoT devices have become widely and deeply integrated into our homes, businesses, utilities and transportations systems.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
NOVEMBER 12, 2020
WildWorks Data Breach Shows Danger of Sharing Sensitive Keys Over Chat Chat and collaboration software tools such as Slack are critical for software development teams. But a data breach experienced by Utah-based software developer WildWorks illustrates why developers should think twice before sharing sensitive database keys over chat.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Protector
NOVEMBER 9, 2020
The EU’s draft Data Governance Act is designed to facilitate the greater sharing of non-Personal data within the EU. Such big data ought to provide new insights and benefit the lives of EU citizens, the EU thinking goes. The Act is also designed to prevent access and use by non-EU based data intermediaries such as those that may be established in the UK, or elsewhere in the world.
AIIM
NOVEMBER 12, 2020
Here at AIIM, we believe that information is a business asset. Your information has the potential to help you digitally transform and understand, anticipate, and redefine experiences for your customers. But, information is a different type of asset. An asset like money is much more straight-forward because it’s easy to see its value and easy to understand.
Data Breach Today
NOVEMBER 9, 2020
Attackers Exploit a Vulnerability in Asterisk VoIP PBX Servers Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company's compromised system.
Krebs on Security
NOVEMBER 10, 2020
Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.
Advertisement
Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?
The Last Watchdog
NOVEMBER 11, 2020
As a tradeoff for enjoying our digital lives, we’ve learned to live with password overload and even tolerate two-factor authentication. But now, at long last, we’re on the brink of eliminating passwords altogether, once and for all. Related: CEOs quit Tweeting to protect their companies A confluence of technical and social developments points to username-and-password logons becoming obsolete over the next few years.
AIIM
NOVEMBER 10, 2020
In times of social distancing and remote work, email has become one of the primary communication lines for businesses. In fact, the average American user receives around 126 emails on a normal day. However, with so much activity going on, it’s no secret that inboxes can become cluttered quite easily. If you want to be efficient when it comes to your incoming emails and replies, here are some things you can do: 1) Limit How Often You Check Email.
Data Breach Today
NOVEMBER 13, 2020
Microsoft Says Attacks on Seven Companies Blocked Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says.
Security Affairs
NOVEMBER 10, 2020
Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and businesses in using videoconferencing solutions, and threat actors are attempting to exploit this scenario.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Schneier on Security
NOVEMBER 10, 2020
Over at Lawfare: “ 2020 Is An Election Security Success Story (So Far).” What’s more, the voting itself was remarkably smooth. It was only a few months ago that professionals and analysts who monitor election administration were alarmed at how badly unprepared the country was for voting during a pandemic. Some of the primaries were disasters.
IT Governance
NOVEMBER 13, 2020
Cyber attackers have been increasingly turning their attention to MSPs (managed service providers) in recent years, with devastating results. MSPs often work with dozens, if not hundreds, of organisations – so a single vulnerability can have far-reaching consequences. You don’t need to look any further than the ongoing damage at Blackbaud for evidence.
Data Breach Today
NOVEMBER 11, 2020
Experts Say Cybersecurity Will Be a Higher Priority Cybersecurity is poised to become a higher White House priority when President-elect Joe Biden takes office. And he's expected to renew key international relationships needed in the fight against cyberattacks.
Security Affairs
NOVEMBER 9, 2020
Many popular OS and applications have been hacked during this year’s edition of the Tianfu Cup hacking competition. This year’s edition of the Tianfu Cup hacking competition was very prolific, bug bounty hackers have discovered multiple vulnerabilities in multiple software and applications. The Tianfu Cup is the most important hacking contest held in China, the total bonus of the contest this year was up to 1 million US dollars.
Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage
When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.
Schneier on Security
NOVEMBER 12, 2020
Apple will start requiring standardized privacy labels for apps in its app store, starting in December: Apple allows data disclosure to be optional if all of the following conditions apply: if it’s not used for tracking, advertising or marketing; if it’s not shared with a data broker; if collection is infrequent, unrelated to the app’s primary function, and optional; and if the user chooses to provide the data in conjunction with clear disclosure, the user’s name or accou
WIRED Threat Level
NOVEMBER 13, 2020
Last fall, a hacker gave Glenn Greenwald a trove of damning messages between Brazil’s leaders. Some suspected the Russians. The truth was far less boring.
Data Breach Today
NOVEMBER 9, 2020
HHS Issues 10th 'Right of Access' Settlement; Will Such Actions Continue? The Department of Health and Human Services last week issued its 10th settlement involving a HIPAA "right of access" case since launching its patient records access initiative last year. But how might HIPAA enforcement priorities at HHS' Office for Civil Rights change under a Biden administration?
Security Affairs
NOVEMBER 12, 2020
Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700 , which is a management suite widely used in restaurant and hospitality sectors.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Schneier on Security
NOVEMBER 13, 2020
It seems that this election season has not gone without fraud. In New Zealand, a vote for “Bird of the Year” has been marred by fraudulent votes : More than 1,500 fraudulent votes were cast in the early hours of Monday in the country’s annual bird election, briefly pushing the Little-Spotted Kiwi to the top of the leaderboard, organizers and environmental organization Forest & Bird announced Tuesday.
Threatpost
NOVEMBER 9, 2020
A cloud misconfiguration affecting users of a popular reservation platform threatens travelers with identity theft, scams, credit-card fraud and vacation-stealing.
Data Breach Today
NOVEMBER 9, 2020
Kaspersky: Malware Goes Beyond Windows Devices Researchers at Kaspersky have uncovered a Linux version of the RansomEXX ransomware that until now had targeted only Windows devices. The ransomware has been tied to several high-profile attacks over the last several months.
Security Affairs
NOVEMBER 9, 2020
The e-commerce software platform X-Cart suffered a ransomware attack at the end of October, e-stores hosted by the company went down. At the end of October, the e-commerce software platform X-Cart suffered a ransomware attack, the infection brought down customers’ e-stores hosted by the company on its platform. The software and services company X-Cart was recently acquired by Seller Labs, the premier software and services provider for Amazon sellers and brands.
Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL
Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.
erwin
NOVEMBER 13, 2020
The business challenges facing organizations today emphasize the value of enterprise architecture (EA) , so the future of EA is closer than you think. Are you ready for it? See also: What Is Enterprise Architecture? . COVID-19 has forced organizations around the globe to re-examine or reimagine themselves. However, even in “normal times,” business leaders need to understand how to grow, bring new products to market through organic growth or acquisition, identify new trends and opportunities, de
Schneier on Security
NOVEMBER 13, 2020
Earlier this year, I announced that I had joined Inrupt , the company commercializing Tim Berners-Lee’s Solid specification : The idea behind Solid is both simple and extraordinarily powerful. Your data lives in a pod that is controlled by you. Data generated by your things — your computer, your phone, your IoT whatever — is written to your pod.
Data Breach Today
NOVEMBER 9, 2020
Agency Requires Comprehensive Security Program As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the U.S. Federal Trade Commission is requiring the video conferencing provider to implement and maintain a comprehensive security program within the next 60 days.
Expert insights. Personalized for you.
363 
Let's personalize your content