Micro Focus

JULY 17, 2019

Digital transformation 50

Digital transformation 50

WIRED Threat Level

JULY 13, 2019

An Apple Watch bug, a hackable hair straightener, and more security news this week.

Security 200

Security 200

Information Management Resources

JULY 19, 2019

Ensuring the quality of data becomes increasingly important so that organizations don’t wind up making bigger mistakes.

Government 70

Government 70

Security Affairs

JULY 13, 2019

The Magecart continues to target websites worldwide, it infected over 17,000 domains by targeting improperly secured Amazon S3 buckets. . The Magecart gang made the headlines again, according to a new report published by RiskIQ , it has infected over 17,000 domains by targeting improperly secured Amazon S3 buckets. . A few days ago, security experts at Sanguine Security have uncovered a new large-scale payment card skimming campaign that already hacked 962 online stores running on the Magento

CMS 279

CMS Security Cloud IT 279

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.

Cloud 278

Cloud Ransomware Access Cybersecurity 278

Data Breach Today

JULY 16, 2019

Amadeus Patches Check-In Software Used by Hundreds of Airlines A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.

Security 268

Security Access 268

Security Affairs

JULY 19, 2019

The former NSA contractor who pled guilty to stealing over 50TB of data from the Agency, was sentenced to nine years in prison. The former National Security Agency contractor Harold Thomas Martin III , who was accused and subsequently pled guilty to stealing over 50TB of classified NSA data, was sentenced to nine years in prison. The man was arrested by the FBI in October 2016 , the US DoJ charged Harold Thomas Martin with theft of secret documents and highly classified government material.

Government 277

Government Data breaches Security IT 277

Krebs on Security

JULY 15, 2019

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “ REvil ,” “ Sodin ,” and “ Sodinokibi.” “We are getting a well-deserv

Ransomware 232

Ransomware Encryption IT Security 232

WIRED Threat Level

JULY 16, 2019

Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market—until researchers who found the flaw showed how bad it could be.

Marketing 245

Marketing IT Security 245

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

Data Breach Today

JULY 15, 2019

Fraud Fighters Also See Spikes in ATM Malware, Card Enrollment as a Service Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.

242

242

Security Affairs

JULY 19, 2019

Poland and Lithuania are probing the potential privacy and security risks of using a Russian-made app FaceApp. Millions of people recently downloaded the FaceApp app and are taking part in the “ #FaceApp Challenge ” to show friends how they can look like when they will be old and grey. Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp.

Data collection 276

Data collection Privacy Risk Personal data 276

Krebs on Security

JULY 17, 2019

“It takes a certain kind of man with a certain reputation. To alleviate the cash from a whole entire nation…” KrebsOnSecurity has seen some creative yet truly bizarre ads for dodgy services in the cybercrime underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake. The name of this particular card shop won’t be mentioned here, and its various domain names featured in the video have been pixelated so as not to further

Cybersecurity 217

Cybersecurity Security IT 217

WIRED Threat Level

JULY 14, 2019

All those services you signed up for but forgot about? They're a security risk. Here's how to get rid of them.

Risk 197

Risk Security 197

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Data Breach Today

JULY 19, 2019

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details, according to researchers at the security firm Cofense.

Phishing 225

Phishing Access Security 225

Security Affairs

JULY 14, 2019

Security experts at Emsisoft released a new decryptor, it could be used for free by victims of the Ims00rry ransomware to decrypt their files. Thanks to the experts at Emsisoft the victims of the Ims00rry ransomware can decrypt their files for free. The Ims00rry ransomware used AES-128 algorithm for the encryption process. Unlike most of the ransomware, Ims00rry and doesn’t append an extension to the filenames of the encrypted files.

Ransomware 276

Ransomware Encryption Security IT 276

AIIM

JULY 19, 2019

Capture? Haven’t we been doing this for years and years? Well…yes and no. Yes, organizations have been scanning paper into digital archives for a long time. And for 72% of organizations, scanning paper is still the most important part of their information capture strategy. The continued importance of simply getting rid of the paper is not just a function of laggard organizations; the struggle to get rid of paper is consistent across all levels of overall competence.

Information capture 151

Information capture Digital transformation Paper Archiving 151

The Last Watchdog

JULY 15, 2019

Cyber crime can be extremely financially damaging to businesses. However, if you believe that money is the only thing that a cyber-attack costs your organization, you would be wrong. In fact, a recent academic analysis identified 57 specific individual negative factors that result from a cyber-attack against a business. Here are six ways, worth considering, that a attack can affect your organization.

Data breaches 127

Data breaches Compliance GDPR IT 127

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

JULY 19, 2019

Over 800,000 Windows Devices Remain Vulnerable, Analysts Say Weeks after Microsoft issued a patch for the BlueKeep vulnerability, which threatens devices running older versions of Windows, many organizations worldwide have yet to install patches despite alerts from the software giant, government agencies and cybersecurity companies, according to researchers at BitSight.

Cybersecurity 222

Cybersecurity Government 222

Security Affairs

JULY 18, 2019

Drupal developers urge users to update their installs to version 8.7.5, which addresses the CVE-2019-6342 flaw that allows hackers to take control of Drupal 8 sites. Drupal developers informed users that version 8.7.4 is affected by a critical flaw, tracked as CVE-2019-6342, that could be exploited by attackers to take control of Drupal 8 websites. Users have to update to version 8.7.5 to address the vulnerability.

CMS 274

CMS Access Security IT 274

AIIM

JULY 16, 2019

I've been thinking a lot lately about the role of solution providers in the information management industry, specifically as applied to education and professional development. In this post I am focusing on the members of solution providers’ staff that are marketing to customers, selling to customers, acting as the voice of the customer, and implementing and supporting customers’ solutions.

Paper 144

Paper Education Marketing IT 144

WIRED Threat Level

JULY 19, 2019

Catch up on the most important news from today in two minutes or less.

Insurance 125

Insurance Privacy Security 125

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

Data Breach Today

JULY 15, 2019

Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers. The campaign is similar to an earlier attack that focused on Apple users.

Phishing 213

Phishing 213

Security Affairs

JULY 18, 2019

Experts at Intezer discovered a new backdoor, dubbed EvilGnome, that is targeting Linux systems for cyber espionage purpose. Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment o

Metadata 274

Metadata Archiving Phishing Encryption 274

Schneier on Security

JULY 16, 2019

The Zoom conferencing app has a vulnerability that allows someone to remotely take over the computer's camera. It's a bad vulnerability, made worse by the fact that it remains even if you uninstall the Zoom app: This vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user's permission.

IT 111

IT 111

WIRED Threat Level

JULY 17, 2019

Microsoft's critical vulnerability remains unpatched in hundreds of thousands of computers, and may already be exploited in secret.

Security 114

Security 114

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Data Breach Today

JULY 19, 2019

Hospital in The Netherlands Slapped With Fine; May Face Additional Penalties Authorities in the Netherlands recently levied a $516,000 fine under the General Data Protection Regulation against a hospital in the Hague in connection with a data breach involving "dozens" of staffers who snooped on the electronic medical records of a celebrity.

GDPR 206

GDPR Data breaches 206

Security Affairs

JULY 15, 2019

Instagram has recently addressed a critical flaw that could have allowed hackers to take over any Instagram account without any user interaction. Instagram has recently addressed a critical vulnerability that could have allowed attackers to completely take over any account without user interaction. The news was first reported by TheHackerNews, the issue was reported to the Facebook-owned photo-sharing service by the Indian security expert Laxman Muthiyah.

Passwords 271

Passwords Cloud Security IT 271

Schneier on Security

JULY 15, 2019

Motherboard got its hands on Palantir's Gotham user's manual, which is used by the police to get information on people: The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives. The capabilities are staggering, according to the guide: If police have a name that's associated with a license plate, they can use automatic license plate reader data to find out where they've been, and when

Access 110

Access IT FOIA Security 110