Security Affairs

OCTOBER 10, 2018

Hackers can compromise your WhatsApp account by tricking you into answering a video call, the company fixed the flaw in September. WhatsApp has addressed a vulnerability in the mobile applications that could have been exploited by attackers to crash victims instant messaging app simply by placing a call. The vulnerability is a memory heap overflow issue that was discovered by Google Project Zero white hat hacker Natalie Silvanovich in August.

Security 104

Security IT Privacy 104

The Last Watchdog

OCTOBER 8, 2018

“May you live in interesting times.” The old Chinese proverb–some consider it a blessing and others a curse–certainly describes the modern-day cyber landscape. Related: 7 attacks that put us at the brink of cyber war. In today’s geopolitical terrain, nation-state backed cyber criminals are widening their targets and starting to zero in on their adversaries’ business and industrial sectors, using more and more sophisticated weaponry to do so.

Military 147

Military Healthcare Phishing Security 147

Adam Levin

OCTOBER 8, 2018

Amazon revealed a breach of customer data last week, but it wasn’t a data breach of the usual variety. Rather than falling prey to a cyberattack or having hackers exploit unsecured code, customer emailed addresses were leaked by an employee to an online reseller in exchange for money. What you need to know: 1.) A crime was committed, and 2.) It still counts as a data compromise.

Sales 83

Sales Data breaches Access IT 83

Adam Levin

OCTOBER 10, 2018

High-profile Instagram accounts are being targeted by ransomware attacks and phishing schemes, with evidence suggesting that many account holders are paying the attackers. According to a Motherboard report, hackers are infiltrating and gaining access to Instagram accounts by posing as representatives from branding giants to purport a proposed partnership with the victim.

Ransomware 78

Ransomware Phishing Authentication Access 78

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

OCTOBER 12, 2018

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager , senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. We talked at length about many issues, including supply chain security, and I asked Sager whether he’d heard anything about rumors that Supermicro — a high tech firm in San Jose, Calif. — had allegedly inserted hardware backdoors in technology s

Security 210

Security Computer and Electronics IoT Cloud 210

AIIM

OCTOBER 9, 2018

The venerable template allows structured form data to be accurately extracted. In the document capture industry , the concept of templates where you specify the location of each data element is a tried-and-true strategy for structured forms. If the form is standardized, giving the software the precise place to look for data will almost always result in better performance over alternatives such as rules-based approaches using keywords or patterns.

Unstructured data 100

Unstructured data Marketing Digital transformation IT 100

IT Governance

OCTOBER 8, 2018

There are few things organisations fear more than data breaches. They cause immediate delays, cost money to put right and could lead to long-term reputational damage. The stakes were raised with the introduction of the EU GDPR (General Data Protection Regulation) in May 2018. It outlines the best practices for preventing a data breach and has been widely publicised – as has the potential to levy large fines against non-compliant organisations.

Data breaches 104

Data breaches GDPR Information Security Risk 104

Krebs on Security

OCTOBER 9, 2018

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai — a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras.

Computer and Electronics 210

Computer and Electronics IoT Passwords Marketing 210

Data Breach Today

OCTOBER 12, 2018

FDA Announces 'Voluntary Recall' Related to Vulnerabilities The FDA has announced a "voluntary recall" by Medtronic of certain internet-connected programmers for implantable cardiac devices due to cybersecurity vulnerabilities. Some security experts are hopeful that this will serve as a wake-up call for more manufacturers to take action on addressing cybersecurity issues.

Manufacturing 185

Manufacturing Cybersecurity Security 185

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

AIIM

OCTOBER 12, 2018

Virtual reality has a truly astounding trajectory. The VR hardware and software market has already tripled in size in only two years. In a few short years, Statista predicts that the market size for virtual reality software and hardware will expand to over $40 billion. Only a decade ago, virtual reality seemed like a distant dream. Now it seems that VR is more than an outlet for escapism, entertainment, and media.

Marketing 91

Marketing Retail Education Communications 91

Security Affairs

OCTOBER 10, 2018

A Windows zero-day flaw addressed by Microsoft with its latest Patch Tuesday updates is exploited by an APT group in attacks aimed at entities in the Middle East. The Windows zero-day vulnerability tracked as CVE-2018-8453 is a privilege escalation flaw that was exploited by an APT group in attacks against entities in the Middle East. The flaw, tracked as CVE-2018-8453, affects the Win32k component of Windows handles objects in memory.

Authentication 111

Authentication Government Security Access 111

Krebs on Security

OCTOBER 11, 2018

Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available. The zero-day bug — CVE-2018-8453 — affects Windows versions 7, 8.1, 10 and Server 2008, 2012, 2016 and 2019.

Security 200

Security Access IT 200

Data Breach Today

OCTOBER 12, 2018

30 Million Affected; 14 Million Had Extensive Information Exposed Facebook now says that 20 million fewer accounts were breached than it originally believed, but the attackers accessed extensive sensitive personal information on nearly half of those affected.

Data breaches 204

Data breaches Access IT 204

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

AIIM

OCTOBER 10, 2018

For me, "Artificial Intelligence" used to conjure up images of the latest Sci-Fi movie or things like the talking car KITT from the 80's TV show Knight Rider. It wasn't until fairly recently that I began to see this shift from Sci-Fi movie topic to business value. Techopedia defines Artificial intelligence (AI) as: An area of computer science that emphasizes the creation of intelligent machines that work and react like humans.

Artificial Intelligence 81

Artificial Intelligence Libraries Information governance Government 81

Security Affairs

OCTOBER 9, 2018

Security researchers who devised last year the Key Reinstallation Attack, aka KRACK attack, have disclosed new variants of the attack. Security researchers Mathy Vanhoef and Frank Piessens who devised last year the Key Reinstallation Attack against WPA, aka KRACK attack, have disclosed new variants of the attack. Last year, boffins discovered several key management flaws in the core of Wi-Fi Protected Access II (WPA2) protocol that could be exploited by an attacker to hack into Wi-Fi network

Paper 111

Paper Passwords Communications Encryption 111

Dark Reading

OCTOBER 12, 2018

There's no excuse for not knowing your exposure. These free tools can help you analyze what your company is up against and point ways to developing a more thorough security program.

Security 97

Security 97

Data Breach Today

OCTOBER 8, 2018

Government Agencies Have 'No Reason to Doubt' Supply Chain Tampering Refutation U.S. and U.K. government agencies have said they have "no reason to doubt" strong denials issued by Amazon and Apple that hardware hackers had successfully implanted tiny chips in their servers that provided a backdoor for Chinese spies.

Government 181

Government 181

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

WIRED Threat Level

OCTOBER 11, 2018

For years, China has systematically looted American trade secrets. Here's the messy inside story of how DC got Beijing to clean up its act for a while.

IT 104

IT Security 104

Security Affairs

OCTOBER 7, 2018

The Git Project released a new version of the Git client, Github Desktop, or Atom. that addressed a critical remote code execution vulnerability in the Git. The Git Project addressed a critical remote code execution vulnerability in the Git command line client, Git Desktop, and Atom. The flaw tracked as CVE-2018-17456 could be exploited by malicious repositories to remotely execute commands on a vulnerable system.

Security 110

Security IT 110

John Battelle's Searchblog

OCTOBER 10, 2018

Yesterday, I lost it over a hangnail and a two-dollar bottle of hydrogen peroxide. You know when a hangnail gets angry, and a tiny red ball of pain settles in for a party on the side of your finger? Well, yeah. That was me last night. My usual solution is to stick said finger into a bottle of peroxide for a good long soak. But we were out of the stuff, so, as has become my habit, I turned to Amazon.

IT 93

IT Insurance 93

Data Breach Today

OCTOBER 12, 2018

An in-depth report on the exposure of personal details for 500,00 Google+ accounts leads the latest edition of the ISMG Security Report. Also featured: an update on mitigating the risk of business email compromises and tips for protecting critical infrastructure.

Risk 172

Risk Security 172

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Schneier on Security

OCTOBER 10, 2018

The US Government Accounting Office just published a new report: " Weapons Systems Cyber Security: DOD Just Beginning to Grapple with Scale of Vulnerabilities " (summary here ). The upshot won't be a surprise to any of my regular readers: they're vulnerable. From the summary: Automation and connectivity are fundamental enablers of DOD's modern military capabilities.

Security 93

Security Military Passwords Cybersecurity 93

Security Affairs

OCTOBER 6, 2018

Experts at FortiGuard Labs team discovered three vulnerabilities in eight Sony Bravia smart TVs, one of them rated as critical. Patch management is a crucial aspect for IoT devices, smart objects are surrounding us and represent a privileged target for hackers. Experts at FortiGuard Labs team discovered three vulnerabilities (a stack buffer overflow, a directory traversal, and a command-injection issue) in eight Sony Bravia smart TVs, one of them rated as critical.

File names 109

File names IoT Security IT 109

eSecurity Planet

OCTOBER 8, 2018

This new IT security testing technology continually monitors networks and systems to help organizations determine how secure their environment is.

Security 103

Security IT 103

Data Breach Today

OCTOBER 9, 2018

Consumer Google+ Set For Shutdown; Google Hid the Data-Exposing Bug Google blames a bug in an API for its Google+ social networking service for exposing personal details for about 500,000 users' accounts, but says it doesn't believe the information was misused. The company was forced to acknowledge the March incident after it was reported by The Wall Street Journal.

IT 193

IT 193

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Schneier on Security

OCTOBER 12, 2018

It's no secret that computers are insecure. Stories like the recent Facebook hack , the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. They might make headlines for a few days, but they're just the newsworthy tip of a very large iceberg. The risks are about to get worse, because computers are being embedded into physical devices and will affect lives, not just our data.

Security 93

Security Government Marketing Manufacturing 93

Security Affairs

OCTOBER 6, 2018

Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update. Many Windows users are reporting problems after the installation of Windows 10 October 2018 Update, a few days ago a Reddit user discovered the Task Manager tool was showing inaccurate CPU usage after the upgrade.

Security 108

Security IT 108

WIRED Threat Level

OCTOBER 10, 2018

A new report says the Department of Defense "likely has an entire generation of systems that were designed and built without adequately considering cybersecurity.".

Cybersecurity 95

Cybersecurity Security 95