Adam Levin

JANUARY 15, 2019

U.S. citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown. The two primary websites created by the government as resources for victims of identity theft, IdentityTheft.gov and FTC.gov/complaint , are currently offline as part of the partial shutdown of the Federal Trade Commission. This effectively leaves victims unable to file reports or get documentation of their stolen identities, which is typically a first step for mitigating

Government 87

Government Phishing Encryption Communications 87

Data Breach Today

JANUARY 15, 2019

Separately, Texas City's Operations Disrupted by Crypto-Locking Ransomware Ransomware attacks continue, with the city of Del Rio, Texas, saying its operations have been disrupted by crypto-locking malware. Meanwhile, CryptoMix ransomware urges victims to pay ransoms, claiming it will fund treatments for seriously ill children, while GandCrab gets distributed via malvertising attacks.

Ransomware 234

Ransomware IT 234

The Last Watchdog

JANUARY 14, 2019

Malicious intruders have long recognized that getting their hands on privileged credentials equates to possessing the keys to the kingdom. This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. Related: California enacts pioneering privacy law.

Access 153

Access Risk Systems administration Marketing 153

Krebs on Security

JANUARY 17, 2019

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it “the largest collection ever of breached data found.” But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of s

Passwords 54

Passwords Archiving Authentication Data breaches 54

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Weissman's World

JANUARY 14, 2019

You say you’re tired of not being able to find the information you’re looking for. You say you’re concerned the information you do find is reliable. You say you’re worried about security breaches. And you say you’re ready to do something about it. So I say it’s time you go ahead and take your first […]. The post Start Your Information Journey With A Step Backwards appeared first on Holly Group.

Security 149

Security IT Information governance Government 149

The Last Watchdog

JANUARY 18, 2019

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, reportedly occurred last October.

Encryption 157

Encryption Authentication Military Government 157

Krebs on Security

JANUARY 14, 2019

Seldom do people responsible for launching crippling cyberattacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes. On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014.

IoT 208

IoT Sales Access Government 208

AIIM

JANUARY 15, 2019

Digital transformation means reworking business processes to take maximum advantage of data and digital content. Better, faster, and cheaper content management is one goal, but the real payoff is in automating routine tasks including customer interactions. More data and process improvement will, in turn, allow us to do more with our content, to reach new audiences and boost satisfaction and profitability, however you measure it.

Digital transformation 131

Digital transformation Analytics Computer and Electronics Artificial Intelligence 131

Data Breach Today

JANUARY 17, 2019

Vulnerability Highlights Poor Security Controls for Passenger Name Records Airline booking system provider Amadeus - whose system is used by 500 airlines - is investigating a software vulnerability that exposed passenger name records, which is the bundle of personal and travel data that gets collected when booking a flight.

Security 256

Security 256

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

The Last Watchdog

JANUARY 16, 2019

Kubernetes is one of many key enabling technologies of digital transformation that has tended to remain obscure to non-technical company decision makers. Related podcast: Securing software containers. Kubernetes is an administration console — an open source project from Google that makes containerized software applications easy to deploy, scale, and manage.

Security 147

Security Digital transformation Access Authentication 147

Troy Hunt

JANUARY 16, 2019

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this post for the masses and link out to more detailed material for those who want to go deeper. Let's start with the raw numbers because that's the headline, then I'll drill down into where it's from and what it's composed of.

Data breaches 112

Data breaches Passwords Risk Personal data 112

AIIM

JANUARY 17, 2019

While Artificial Intelligence (AI) has the potential to be a very powerful tool in information management, the topic is so wrapped up in hyperbole and confusion that it can be challenging to cut through all the noise, causing many to fear the complexity of AI. As you may know, AIIM recently launched a new training course titled Practical AI for the Information Professional.

Artificial Intelligence 117

Artificial Intelligence Digital transformation Sales IT 117

Data Breach Today

JANUARY 14, 2019

Daniel Kaye Was Paid to Disrupt Liberia's Largest Telecommunications Firm A U.K. court has sentenced Daniel Kaye, 30, after he admitted launching DDoS attacks against Liberia's largest telecommunications company in 2015 and 2016. A rival internet services provider paid Kaye $100,000 to launch the attacks.

236

236

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

WIRED Threat Level

JANUARY 16, 2019

Collection #1 appears to be the biggest public breach yet, with millions of unique passwords sitting out in the open.

Passwords 111

Passwords Security 111

Security Affairs

JANUARY 18, 2019

Experts at Malwarebytes have reported that the code for the recently discovered Flash zero-day flaw was added to the Fallout Exploit kit. Experts at Malwarebytes observed a new version of the Fallout Exploit kit that include the code to exploit a recently discovered Flash zero-day vulnerability. The Fallout Exploit kit was discovered at the end of August by the threat analyst nao_sec , at the time it was used to distribute the GandCrab ransomware and other malicious codes, including droppers and

Ransomware 111

Ransomware Security IT 111

Collaboration 2.0

JANUARY 16, 2019

The hand off of perceived account irregularities from Revolut’s AI driven compliance systems and algorithms to their support and partners is when the account freeze ups appear to start, and customers are suffering

Compliance 100

Compliance 100

Data Breach Today

JANUARY 17, 2019

2.7 Billion Email/Password Combo List Available for Credential Stuffing, Troy Hunt Warns Australian security expert Troy Hunt says an 87 GB compilation of username and password combinations - drawn from more than 2,000 databases - includes 773 million unique email addresses for apparent use in credential-stuffing attacks. Takeaway: Use a unique password for every site, or else.

Data breaches 232

Data breaches Passwords Security 232

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

WIRED Threat Level

JANUARY 15, 2019

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

Data collection 112

Data collection IT Security 112

Security Affairs

JANUARY 12, 2019

Rapid7 announced the release of Metasploit 5.0, the latest version of the popular penetration testing framework that promises to be very easy to use. Rapid7 announced the release of Metasploit 5.0 , the new version includes several new important features and, the company believes it will easier to use and more powerful. Most important changes introduced in the Metasploit 5.0 include new database and automation APIs, evasion modules and libraries, language support, improved performance.

Libraries 112

Libraries Security IT 112

Dark Reading

JANUARY 15, 2019

When it comes to privacy, it's the little things that can lead to big mishaps.

Privacy 99

Privacy Security IT 99

Data Breach Today

JANUARY 16, 2019

Trend Micro Says It Moved Cranes Using RF Software Flaws Radio controllers used in the construction, mining and shipping industries are dangerously vulnerable to hackers, Trend Micro says in a new report. To address the issue, manufacturers need to move away from proprietary communication protocols and embrace secure standards, such as Bluetooth Low Energy.

Mining 222

Mining Manufacturing Security Communications 222

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

WIRED Threat Level

JANUARY 15, 2019

Opinion: GPS-monitored violent offenders are 95 percent less likely to commit a new crime. We need to implement an integrated, nationwide domestic violence program that tracks domestic abusers.

Security 91

Security 91

Security Affairs

JANUARY 12, 2019

The American hacktivist Martin Gottesfeld (34) has been sentenced to 10 years in prison for carrying out DDoS attacks against two healthcare organizations in the US in 2014. The alleged Anonymous member, Martin Gottesfeld, was accused of launching DDoS attacks against the two US healthcare organizations in 2014, the Boston Children’s Hospital and the Wayside Youth and Family Support Network.

IT 111

IT Security 111

Dark Reading

JANUARY 17, 2019

Data appears to be from multiple breaches over past few years, says researcher who discovered it.

Passwords 91

Passwords Sales IT 91

Data Breach Today

JANUARY 18, 2019

Fallout Exploit Kit Has Also Reappeared, Distributing GandCrab Ransomware Cybercrime outfits appeared to take a vacation around the December holidays. But attacks involving Emotet, Hancitor and Trickbot have resurged following their December slowdown, as has the Fallout exploit kit, lately serving GandCrab ransomware.

Ransomware 217

Ransomware 217

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Data Matters

JANUARY 17, 2019

Under Article 35(3) of the EU General Data Protection Regulation (GDPR), organisations are required to conduct a data protection impact assessment (DPIA) where they: (i) engage in a systematic and extensive evaluation of personal aspects of individuals, based on automated processing, and on which decisions are based that produce legal or other effects that concern the individual, or (ii) process special categories of personal data (e.g. health data) on a large scale or personal data relating to

GDPR 90

GDPR Personal data Risk Privacy 90

Security Affairs

JANUARY 12, 2019

Z-WASP attack: Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver malicious messages to recipients. Microsoft recently fixed a vulnerability in Office 365 that was exploited by attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes.

Phishing 111

Phishing Cloud Security IT 111

IT Governance

JANUARY 15, 2019

Information Security 90

Information Security Security 90