Krebs on Security

NOVEMBER 13, 2018

If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers. For nearly 10 years, Portland, Ore. resident Julie Randall posted pictures for her photography business at julierandallphotos-dot-com , and used an email address at that domain to

Sales 220

Sales Access Passwords Communications 220

Troy Hunt

NOVEMBER 14, 2018

Last week I wrote a couple of different pieces on passwords, firstly about why we're going to be stuck with them for a long time yet and then secondly, about how we all bear some responsibility for making good password choices. A few people took some of the points I made in those posts as being contentious, although on reflection I suspect it was more a case of lamenting that we shouldn't be in a position where we're still dependent on passwords and people needing to understand good password man

Passwords 102

Passwords Authentication Phishing Access 102

Schneier on Security

NOVEMBER 13, 2018

Due to ever-evolving technological advances, manufacturers are connecting consumer goods­ -- from toys to lightbulbs to major appliances­ -- to the internet at breakneck speeds. This is the Internet of Things, and it's a security nightmare. The Internet of Things fuses products with communications technology to make daily life more effortless. Think Amazon's Alexa, which not only answers questions and plays music but allows you to control your home's lights and thermostat.

IoT 92

IoT Security Manufacturing Marketing 92

Data Breach Today

NOVEMBER 13, 2018

Card-Scraping Code Has Infiltrated Over 100,000 E-Commerce Sites Over the past year, there's been a surge in so-called Magecart attacks, involving payment card data being stolen from e-commerce sites via injected attack code. Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting.

225

225

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

NOVEMBER 14, 2018

Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player , Acrobat and Reader users. As per usual, most of the critical flaws — those that can be exploited by malware or miscreants without any help from users — reside in Microsoft’s Web browsers Edge and Internet Explorer.

Encryption 212

Encryption Passwords Security IT 212

Weissman's World

NOVEMBER 15, 2018

Information capture has come a long way, baby! From stuffing paper through a scanner to taking pictures in the literal blink of an eye, it’s so much more than what we grew up with. Here, the illustrious Bob Larrivee and I talk about the “latest-and-greatest” in the world of capture, and the need to update […]. The post Speaking Of: (Not Your Father’s) Capture appeared first on Holly Group.

Information capture 120

Information capture Paper Information governance Government 120

Data Breach Today

NOVEMBER 15, 2018

Former Taxi Driver Receives Conditional Release From Prison in Romania The notorious Romanian hacker known as Guccifer, who revealed the existence of Hillary Clinton's private email server and admitted to hacking numerous email and social media accounts, has reportedly been extradited from Romania to begin serving his 52-month U.S. prison sentence.

228

228

AIIM

NOVEMBER 13, 2018

Social media marketing is a great way to help launch your startup. It’s cheap and effective -- if you have a strategy. Where do you start? How do you attract customers through platforms like Twitter and Instagram? This guide will help you answer these questions and more. Here are 8 essential tips to help your social media marketing efforts: 1. Do your market research.

Marketing 125

Marketing Communications IT 125

The Last Watchdog

NOVEMBER 13, 2018

Cyber criminals are deploying the very latest in automated weaponry, namely botnets, to financially plunder corporate networks. The attackers have a vast, pliable attack surface to bombard: essentially all of the externally-facing web apps, mobile apps and API services that organizations are increasingly embracing, in order to stay in step with digital transformation.

Security 140

Security Digital transformation B2C Cloud 140

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

IT Governance

NOVEMBER 16, 2018

Comprehensive BCM (business continuity management) measures are essential for responding effectively to a disruption and providing a minimum acceptable service during a disaster. A crucial aspect of BCM is the development of an effective BCP (business continuity plan). What is a business continuity plan? A BCP consists of the processes and procedures an organisation needs in order to continue operating during a disaster and recover as quickly as possible.

Communications 108

Communications Risk Government Access 108

Data Breach Today

NOVEMBER 16, 2018

States Shouldn't Serve Up on a Platter Voters' Email Addresses and Phone Numbers Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible.

Privacy 232

Privacy Personal data IT 232

AIIM

NOVEMBER 13, 2018

Social media marketing is a great way to help launch your startup. It’s cheap and effective -- if you have a strategy. Where do you start? How do you attract customers through platforms like Twitter and Instagram? This guide will help you answer these questions and more. Here are 8 essential tips to help your social media marketing efforts: 1. Do your market research.

Marketing 111

Marketing Communications IT 111

The Last Watchdog

NOVEMBER 12, 2018

A security-first mindset is beginning to seep into the ground floor of the IT departments of small and mid-sized companies across the land. Senior executives at these SMBs are finally acknowledging that a check-box approach to security isn’t enough, and that instilling a security mindset pervasively throughout their IT departments has become the ground stakes.

IT 133

IT Security Cybersecurity Privacy 133

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

NOVEMBER 10, 2018

Nginx developers released security updates to address several denial-of-service (DoS) vulnerabilities affecting the nginx web server. nginx is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, it is used by 25.28% busiest sites in October 2018. Nginx development team released versions 1.15.6 and 1.14.1 to address two HTTP/2 implementation vulnerabilities that can cause a DoS condition in Nginx versions 1.9.5 through 1.15.5.

Security 112

Security IT 112

Data Breach Today

NOVEMBER 16, 2018

Free Decryptor Combats 'Aggressive' Ransomware-as-a-Service Provider A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.

Ransomware 195

Ransomware Marketing IT 195

Schneier on Security

NOVEMBER 15, 2018

A new study finds that credit card fraud has not declined since the introduction of chip cards in the US. The majority of stolen card information comes from hacked point-of-sale terminals. The reasons seem to be twofold. One, the US uses chip-and-signature instead of chip-and-PIN, obviating the most critical security benefit of the chip. And two, US merchants still accept magnetic stripe cards, meaning that thieves can steal credentials from a chip card and create a working cloned mag stripe car

Sales 104

Sales Security 104

AIIM

NOVEMBER 14, 2018

Disruptive Technologies are changing existing landscapes. Technology has had a profound impact on the business world. Simply walk into any business, no matter the size, and you will see the prolific adoption of technology. Digital project boards, virtual teams scattered across the globe; are all indicators of business reliance on this “fourth industrial revolution.

Artificial Intelligence 80

Artificial Intelligence Agriculture IT IoT 80

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

NOVEMBER 10, 2018

North Korea-linked Lazarus Group has been using FastCash Trojan to compromise AIX servers to empty tens of millions of dollars from ATMs. Security experts from Symantec have discovered a malware, tracked as FastCash Trojan , that was used by the Lazarus APT Group , in a string of attacks against ATMs. The ATP group has been using this malware at least since 2016 to siphon millions of dollars from ATMs of small and midsize banks in Asia and Africa.

Ransomware 111

Ransomware Security IT 111

Data Breach Today

NOVEMBER 16, 2018

Altus Baytown Hospital Among Latest Healthcare Cyberattack Victims An attack on Altus Baytown Hospital in Texas is the latest ransomware incident reported to federal regulators as a health data breach. What other major ransomware incidents are impacting the healthcare sector?

Ransomware 203

Ransomware Data breaches 203

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. This article explains what those roles involve and helps you understand if you are a controller, processor or both. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised.

GDPR 96

GDPR Retail Data collection Personal data 96

Data Matters

NOVEMBER 13, 2018

European Digital Rights (EDRi), a digital user rights non-for-profit organisation, on 25 October 2018, launched an online platform, ‘ GDPR Today ’. In its first edition of the GDPR Today , the EDRi published statistics collected from eight EU Member States (France, Germany, Ireland, Italy, Poland, Romania, Sweden and the United Kingdom). The statistics show that since the GDPR’s entry into force on 25 May 2018, data protection authorities (DPAs) have received thousands of complaints from EU indi

GDPR 87

GDPR Data breaches Privacy IT 87

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

NOVEMBER 16, 2018

Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper. Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers. Microsoft Excel embedding macros or Microsoft Word with user actions (like links or external OLE objects) are the main players in this “Office Dropping Arena” When I figured out that a Microsoft Powerpoint was used to drop and to execute a Malicious payload I

Computer and Electronics 111

Computer and Electronics File names Security IT 111

Data Breach Today

NOVEMBER 14, 2018

Breach Exposed Social Security Numbers, Birthdates, Salaries, Bank Account Data The department store chain Nordstrom says it doesn't believe that employees' personal and financial data, which was exposed in an October data breach due to a contractor's error, has been misused. The retailer says the breach exposed no customer data.

Retail 186

Retail Data breaches Security IT 186

WIRED Threat Level

NOVEMBER 16, 2018

When we're being watched, we conform. We don't speak freely or try new things. But social progress happens in the gap between what’s legal and what’s moral.

Security 104

Security 104

IT Governance

NOVEMBER 16, 2018

Last month, cross-Channel rail service Eurostar discovered that it had suffered a hacking attempt between 15 and 19 October 2018. However, unlike other players in the travel industry that recently suffered breaches, such as BA and Cathay Pacific , Eurostar has emerged relatively unscathed. Once Eurostar realised it had suffered a data breach, it: Identified the timing and the scale of the breach; Blocked access; Emailed customers alerting them to the situation and advising them to reset password

Data breaches 93

Data breaches Passwords GDPR Access 93

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

NOVEMBER 15, 2018

Group-IB has detected massive campaigns targeting Russian financial institutions posing as the Central Bank of Russia. The emails were disguised to look as if they come from the Central Bank of Russia and FinCERT, the Financial Sector Computer Emergency Response Team. Group-IB experts have discovered that the attack on 15 November could have been carried out by the hacker group Silence , and the one on 23 October by MoneyTaker.

Phishing 111

Phishing Computer and Electronics Data collection Security 111

Data Breach Today

NOVEMBER 14, 2018

Bill Creating Cybersecurity and Infrastructure Security Agency Awaits President's Signature The United States will soon officially have a single agency that takes the lead role for cybersecurity. The new Cybersecurity and Infrastructure Security Agency will have the same stature as other units within DHS.

Cybersecurity 198

Cybersecurity Security 198

Dark Reading

NOVEMBER 15, 2018

Building cybersecurity skills is a must; paying a lot for the education is optional. Here are seven options for increasing knowledge without depleting a budget.

Cybersecurity 97

Cybersecurity Education 97