IT Governance

SEPTEMBER 19, 2018

If you’re among the seemingly small number of organisations that hasn’t yet suffered a data breach, you should be preparing for the inevitable. You can’t count on your cyber security defences to continue repelling attacks, because even the most secure systems contain vulnerabilities. Criminals are constantly looking for new opportunities, and it’s only a matter of time before they exploit even the smallest crack in your organisation.

Data breaches 84

Data breaches Personal data Security Government 84

Thales Cloud Protection & Licensing

SEPTEMBER 20, 2018

Now in its 13 th year, our Global Encryption Trends Study that is performed by the Ponemon Institute reveals interesting findings that span a dozen different geographies. This year, we found that multi-cloud use as well as compliance requirements have encouraged organizations around the globe to embrace a more extensive encryption strategy. Our study also found that these two key drivers along with protection of information against specific, identified threats are ushering in a new era of encryp

Encryption 70

Encryption Cloud Compliance Security 70

The Last Watchdog

SEPTEMBER 18, 2018

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.”. One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. Related video: Why it’s high time to protect unstructured data. Ironically, many victimized companies are paying hefty ransoms to decrypt unstructured data that may not be all that sensitive or mission critical.

Unstructured data 194

Unstructured data Ransomware Mining Encryption 194

Krebs on Security

SEPTEMBER 21, 2018

It is now free in every U.S. state to freeze and unfreeze your credit file and that of your dependents, a process that blocks identity thieves and others from looking at private details in your consumer credit history. If you’ve been holding out because you’re not particularly worried about ID theft, here’s another reason to reconsider: The credit bureaus profit from selling copies of your file to others, so freezing your file also lets you deny these dinosaurs a valuable reven

Insurance 279

Insurance Marketing Security Military 279

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

SEPTEMBER 20, 2018

'Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.

Privacy 242

Privacy Data breaches GDPR Security 242

The Last Watchdog

SEPTEMBER 21, 2018

For many start-ups, DevOps has proven to be a magical formula for increasing business velocity. Speed and agility is the name of the game — especially for Software as a Service (SaaS) companies. Related: How DevOps enabled the hacking of Uber. DevOps is a process designed to foster intensive collaboration between software developers and the IT operations team, two disciplines that traditionally have functioned as isolated silos with the technology department.

Cloud 203

Cloud Security Mining Financial Services 203

Krebs on Security

SEPTEMBER 17, 2018

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

Government 248

Government Access Encryption Passwords 248

Data Breach Today

SEPTEMBER 20, 2018

E-Commerce Site Investigates Malware Attack and Payment Card Data Theft Online retailer Newegg is investigating a malware attack that may have stolen customers' payment card details for more than a month. Security firms have traced the heist to Magecart, a loose affiliation of cybercrime gangs also tied to payment card data breaches at British Airways and Ticketmaster.

Retail 203

Retail Data breaches Security 203

Troy Hunt

SEPTEMBER 17, 2018

That's it - I'm calling it - extended validation certificates are dead. Sure, you can still buy them (and there are companies out there that would just love to sell them to you!), but their usefulness has now descended from "barely there" to "as good as non-existent" This change has come via a combination of factors including increasing use of mobile devices, removal of the EV visual indicator by browser vendors and as of today, removal from Safari on iOS (it'll also be gone in M

Marketing 109

Marketing Phishing Encryption IT 109

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

SEPTEMBER 18, 2018

According to Avira, hundreds of thousands of unpatched Windows systems are serially infected with EternalBlue exploit code. The EternalBlue , is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack. The malicious code was leaked online by the Shadow Brokers hacking group that stole it from the arsenal of the NSA-linked Equation Group.

Ransomware 111

Ransomware Security IT 111

Krebs on Security

SEPTEMBER 19, 2018

Citing “extraordinary cooperation” with the government, a court in Alaska on Tuesday sentenced three men to probation, community service and fines for their admitted roles in authoring and using “ Mirai ,” a potent malware strain used in countless attacks designed to knock Web sites offline — including an enormously powerful attack in 2016 that sidelined this Web site for nearly four days.

IoT 204

IoT Government Cybersecurity Security 204

Data Breach Today

SEPTEMBER 17, 2018

Two Syrians Accused of Buying Stolen Corporate Card Data to Mask Activities Coordinated police raids in Germany and Sweden have resulted in the arrest of two Syrian nationals suspected of running a cyber fraud operation that purchased stolen card data to book hundreds of airline and train tickets to help smuggle people from the Middle East into Europe.

196

196

TAB OnRecord

SEPTEMBER 19, 2018

Could you be using you space more effectively? Are you spending too much on storage? Is your storage enhancing your workflow? Is it designed to enhance retrieval time and speed information access? With filing systems taking up 20 percent of office space on average, the volume of paper records increasing every year, and the cost of real estate square footage rising almost everywhere, these are questions records and facilities managers need to be asking themselves.

Records Management 92

Records Management Paper Access IT 92

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

SEPTEMBER 16, 2018

The Bristol Airport was hit by a cyber attack that caused problems with operations, flight display screens were taken offline for two days. The Bristol Airport was hit by a ransomware-based attack that caused problems to the flight display screens for two entire days. The news reported by the BBC and was confirmed by an airport spokesman that explained that the information screens were taken offline early on Friday in response to a “ransomware” based attack. “Bristol Airport ha

Ransomware 110

Ransomware Security Risk IT 110

Schneier on Security

SEPTEMBER 21, 2018

NIST has released a new study concluding that the AES encryption standard has resulted in a $250 billion world-wide economic benefit over the past twenty years. I have no idea how to even begin to assess the quality of the study and its conclusions -- it's all in the 150-page report, though -- but I do like the pretty block diagram of AES on the report's cover.

Encryption 96

Encryption IT 96

Data Breach Today

SEPTEMBER 17, 2018

Luckily, Firm Was Only Infected With Cryptocurrency-Mining Malware Attack code known as EternalBlue, designed to exploit a Windows SMB flaw, continues to work for attackers despite Microsoft having issued patches more than a year ago. One major U.S. business was reportedly a recent victim, as part of a cryptocurrency-mining malware campaign.

Mining 207

Mining 207

John Battelle's Searchblog

SEPTEMBER 19, 2018

So far, it’s mostly s**t. Seven or so years ago, a famous VC penned a manifesto of sorts. Writing at a time the world was still skeptical of the dominance to which his industry has now ascended (to think, such a time existed, and so few years ago!), Marc Andreessen had a message for the doubters, the naysayers, and the Wall St. analysts who were (credibly!

Marketing 92

Marketing IT 92

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

SEPTEMBER 20, 2018

Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with special focus on IoT and Linux servers. Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see name genesis in a bit). Everybody knows Monero cryptocurrency and probably everybody knows that it has built upon privacy, by meaning It’s not that simple to figure out Monero wallet balance.

Computer and Electronics 110

Computer and Electronics Mining IoT Security 110

Schneier on Security

SEPTEMBER 20, 2018

Of course the ESS ExpressVote voting computer will have lots of security vulnerabilities. It's a computer, and computers have lots of vulnerabilities. This particular vulnerability is particularly interesting because it's the result of a security mistake in the design process. Someone didn't think the security through, and the result is a voter-verifiable paper audit trail that doesn't provide the security it promises.

Computer and Electronics 95

Computer and Electronics Paper Security Privacy 95

Data Breach Today

SEPTEMBER 17, 2018

Kelihos Bot Herder Offered Bargain Spam Campaign Pricing More evidence that running cybercrime schemes remains inexpensive and accessible to anyone with criminal intent: To send spam emails, admitted botnet herder Peter Levashov quoted customers $500 for 1 million emails. And that was just his 2016 pricing.

Access 193

Access 193

Dark Reading

SEPTEMBER 21, 2018

How Park Jin Hyok - charged by the US government for alleged computer crimes for the Sony, Bank of Bangladesh, WannaCry cyberattacks - inadvertently blew his cover via email accounts.

Government 90

Government 90

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers. Xbash was developed using Python, then the authors converted into self-contained Linux ELF executables by abusing the legitimate tool PyInstaller for distribution.

Ransomware 109

Ransomware Mining Passwords Security 109

Schneier on Security

SEPTEMBER 17, 2018

A 2006 document from the Snowden archives outlines successful NSA operations against "a number of "high potential" virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems.". It's hard to believe that many of the Snowden documents are now more than a decade old.

Military 95

Military Archiving IT 95

Data Breach Today

SEPTEMBER 21, 2018

Payment Card Theft, Ransomware Facilitated by Cybercrime-as-a-Service Offerings One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.

Marketing 211

Marketing Access Ransomware 211

Dark Reading

SEPTEMBER 20, 2018

Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.

Cybersecurity 103

Cybersecurity Security 103

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

SEPTEMBER 19, 2018

Security experts at Flashpoint discovered the availability of the access to over 3,000 compromised sites sold on Russian black marketplace MagBo. A new report published by researchers at Flashpoint revealed the availability on an underground hacking forum for Russian-speaking users of access to over 3,000 breached websites. “Access to approximately 3,000 breached websites has been discovered for sale on a Russian-speaking underground marketplace called MagBo.

Access 108

Access Mining Insurance Sales 108

Schneier on Security

SEPTEMBER 21, 2018

Lots of people are e-mailing me about this new result on the distribution of prime numbers. While interesting, it has nothing to do with cryptography. Cryptographers aren't interested in how to find prime numbers, or even in the distribution of prime numbers. Public-key cryptography algorithms like RSA get their security from the difficulty of factoring large composite numbers that are the product of two prime numbers.

Security 92

Security IT 92

Data Breach Today

SEPTEMBER 18, 2018

$47 Million Settlement Agreement to be Submitted to Court in Next 45 Days Lawsuits sparked by massive data breaches at Yahoo - and the company's failure to report those breaches to investors in a timely manner - could soon be resolved. Plaintiffs and defendants say they have committed to a $47 million deal that they expect to submit for court approval within 45 days.

Data breaches 175

Data breaches 175