Dark Reading

OCTOBER 16, 2019

In part one of this two-part series, we start with the basics - getting everyone to understand what's at stake - and then look at lessons from the trenches.

Cybersecurity 60

Cybersecurity 60

Data Breach Today

OCTOBER 17, 2019

With 18 Vendors on Board, Experts Assess New Group's Chances for Success Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications. But some observers say getting all players to agree on a common platform will be challenging.

Cybersecurity 124

Cybersecurity 124

erwin

OCTOBER 17, 2019

Architect Everything: New use cases for enterprise architecture are increasing enterprise architect’s stock in data-driven business. As enterprise architecture has evolved, so to have the use cases for enterprise architecture. Analyst firm Ovum recently released a new report titled Ovum Market Radar: Enterprise Architecture. In it, they make the case that enterprise architecture (EA) is becoming AE – or “architect everything” The transition highlights enterprise architect

Digital transformation 106

Digital transformation Compliance Government Risk 106

The Last Watchdog

OCTOBER 16, 2019

A pair of malicious activities have become a stunning example of digital transformation – unfortunately on the darknet. Related: Cyber risks spinning out of IoT Credential stuffing and account takeovers – which take full advantage of Big Data, high-velocity software, and automation – inundated the internet in massive surges in 2018 and the first half of 2019, according to multiple reports.

Big data 164

Big data Passwords Digital transformation Data breaches 164

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Security Affairs

OCTOBER 15, 2019

Experts discovered a security policy bypass issue in the Sudo utility that is installed as a command on almost every Linux and Unix system. The Sudo utility that is installed as a command on almost every Linux and Unix system is affected by a security policy bypass issue tracked as CVE-2019-14287. The vulnerability could be exploited by an ill-intentioned user or a malicious program to execute arbitrary commands as root on a targeted Linux system, even if the “ sudoers configuration”

Passwords 279

Passwords Authentication Access Security 279

WIRED Threat Level

OCTOBER 17, 2019

The untold story of how digital detectives unraveled the mystery of Olympic Destroyer—and why the next big cyberattack will be even harder to crack.

Security 187

Security 187

The Last Watchdog

OCTOBER 16, 2019

Digital commerce has come to revolve around two types of identities: human and machine. Great effort has gone into protecting the former, and yet human identities continue to get widely abused by cyber criminals. By comparison, scant effort has gone into securing the latter. This is so in spite of the fact that machine identities are exploding in numbers and have come to saturate digital transformation.

Digital transformation 195

Digital transformation Authentication IoT Cloud 195

Security Affairs

OCTOBER 16, 2019

Security expert Pasquale Fiorillo demonstrates how to hack n RFID/NFC Vending Machine. The affected vendor did not answer to my responsible disclosure request, so I’m here to disclose this “hack” without revealing the name of the vendor itself. The target vending machine uses an insecure NFC Card, MIFARE Classic 1k , that has been affected by multiple vulnerabilities so should not be used in important application.

Manufacturing 273

Manufacturing Encryption Access Security 273

Data Breach Today

OCTOBER 14, 2019

Officials Attempt to Clarify Complex California Law's Requirements Gov. Gavin Newsom has signed into law six amendments to the California Consumer Privacy Act as well as another bill updating the state's long-standing data breach law. Meanwhile, draft CCPA implementation regulations have been unveiled.

Data breaches 187

Data breaches Privacy 187

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

WIRED Threat Level

OCTOBER 13, 2019

The latest macOS update is chock-full of ways to better safeguard your data.

Privacy 173

Privacy Security 173

The Last Watchdog

OCTOBER 15, 2019

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. Compromised logins continue to facilitate cyber attacks at all levels, from phishing ruses to credential stuffing to enabling hackers to probe deep inside of a breached network.

Passwords 164

Passwords Authentication Data breaches B2B 164

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. Security experts at ESET revealed that Winnti Group continues to update its arsenal, they observed that the China-linked APT group using a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer.

Manufacturing 269

Manufacturing Paper Communications IT 269

Data Breach Today

OCTOBER 14, 2019

Sophos Board Will 'Unanimously Recommend' Deal to Shareholders Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.

Sales 183

Sales Cybersecurity Security 183

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

WIRED Threat Level

OCTOBER 17, 2019

Largely out of the spotlight since 2016, Cozy Bear hackers have been caught perpetrating a years-long campaign.

Security 162

Security 162

Krebs on Security

OCTOBER 16, 2019

Cybercrime forums have been abuzz this week over news that BriansClub — one of the underground’s largest shops for stolen credit and debit cards — has been hacked, and its inventory of 26 million cards shared with security contacts in the banking industry. Now it appears this brazen heist may have been the result of one of BriansClub’s longtime competitors trying to knock out a rival.

Sales 137

Sales Marketing IT Security 137

Security Affairs

OCTOBER 14, 2019

Cybercrime gang behind the Emotet malware is targeting organization with external SOC with emails claiming to deliver a SOC “weekly report.”. Introduction. The group behind Emotet malware is getting smarter and smarter in the way the y deliver such a Malware. While the infection schema looks alike from years; the way the group tries to infect victims improves from day to day.

Computer and Electronics 267

Computer and Electronics Security Encryption IT 267

Data Breach Today

OCTOBER 16, 2019

GlobeImposter 2.0 and Sodinokibi Strikes Also Common, Researchers Find Ransomware is once again the most common illicit profit-making tool in online attackers' arsenal, police warn. Security firm Emsisoft says the most-seen strains in recent months include STOP, Dharma.cezar, Phobos, GlobeImposter 2.0 and Sodinokibi. Less widely seen Ryuk also continues to generate big profits.

Ransomware 178

Ransomware Security 178

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

OCTOBER 14, 2019

The digital footprints of U.S. consumers’ have long been up for grabs. No one stops the tech giants, media conglomerates and online advertisers from intensively monetizing consumers’ online behaviors, largely without meaningful disclosure. Related: The state of ransomware Who knew that much the same thing routinely happens to enterprises? A recent report by network detection and response vendor ExtraHop details how third-party security and analytics tools routinely “ phone home ” in order to exf

Cloud 133

Cloud Analytics Cybersecurity Digital transformation 133

WIRED Threat Level

OCTOBER 17, 2019

As pro-democracy protests continue in Hong Kong, the tech giant’s troubling relationship with an authoritarian regime has come into focus.

Privacy 129

Privacy Security 129

Security Affairs

OCTOBER 15, 2019

The global shipping and mailing services company Pitney Bowes suffered a partial outage of its service caused by a ransomware attack. The Pitney Bowes company announced that a ransomware attack infected its systems and cause a partial system outage that made some of its service unavailable for some customers. Pitney Bowes is a global technology company that provides commerce solutions in the areas of ecommerce, shipping, mailing, data and financial services. “Pitney Bowes was affected by a

Ransomware 266

Ransomware Financial Services Access Encryption 266

Data Breach Today

OCTOBER 16, 2019

Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S. and Europe in an attempt to steal intellectual property, according to the security firm Proofpoint.

Phishing 174

Phishing Government Security IT 174

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

Thales Cloud Protection & Licensing

OCTOBER 15, 2019

It is the year 2030, and you have had another busy day. As you finish what you thought would be your last espresso and grab your laptop to leave work, your colleague tells you that you need to stay late for an urgent meeting. Panic sets in, but you push past it and put a plan into motion. To pick your daughter up from school, you call a driverless car.

Security 113

Security Encryption Systems administration Access 113

WIRED Threat Level

OCTOBER 12, 2019

FBI overreach, hacker payback, and more of the week's top security news.

Ransomware 126

Ransomware Security 126

Security Affairs

OCTOBER 13, 2019

Confiant researchers have discovered a new Mac malware dubbed Tarmac distributed via malvertising campaigns in the US, Italy, and Japan. Security experts at Confiant have discovered a new Mac malware dubbed Tarmac that is distributed via malvertising campaigns in the US, Italy, and Japan. “Malicious ads redirect victims to sites showing popups peddling software updates, mainly Adobe Flash Player updates, that once executed will install first install the OSX/ Shlayer MacOS malware , which t

Encryption 266

Encryption Security IT Information Security 266

Data Breach Today

OCTOBER 17, 2019

What Steps Should Entities Take to Battle Back? Data breaches involving phishing and related email compromises persist as a top challenge for healthcare providers. So, what are some of the top trends emerging from these incidents?

Data breaches 170

Data breaches Phishing 170

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

OCTOBER 17, 2019

You're interested in an information management certification, and you've narrowed it down to two; the Certified Information Professional (CIP) vs. the Certified Records Manager (CRM). Both certifications are well-known, respected credentials in the information management industry. So what's the difference and which is right for you? The honest answer is that it depends a lot on what you're looking for.

Records Management 106

Records Management Education IT 106

WIRED Threat Level

OCTOBER 15, 2019

The company is turbocharging its bug bounty to try to stop the next data leak before it happens.

Security 116

Security IT 116

Security Affairs

OCTOBER 15, 2019

Click2Mail.com, a US Postal Service affiliate partner, has suffered a data breach that exposed the personal information of its users. The US Postal Service affiliate partner Click2Mail has suffered a data breach that exposed the personal information of its users. The company allows its users to professionally print letters, flyers or postcards and deliver them in a business day at low prices.

Data breaches 261

Data breaches Communications Security IT 261