Micro Focus

JULY 17, 2019

Digital transformation 50

Digital transformation 50

WIRED Threat Level

JULY 13, 2019

An Apple Watch bug, a hackable hair straightener, and more security news this week.

Security 101

Security 101

Information Management Resources

JULY 19, 2019

Ensuring the quality of data becomes increasingly important so that organizations don’t wind up making bigger mistakes.

Government 70

Government 70

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.

Cloud 269

Cloud Ransomware Access Cybersecurity 269

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Data Breach Today

JULY 16, 2019

Amadeus Patches Check-In Software Used by Hundreds of Airlines A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.

Security 257

Security Access 257

AIIM

JULY 16, 2019

I've been thinking a lot lately about the role of solution providers in the information management industry, specifically as applied to education and professional development. In this post I am focusing on the members of solution providers’ staff that are marketing to customers, selling to customers, acting as the voice of the customer, and implementing and supporting customers’ solutions.

Paper 117

Paper Education Marketing IT 117

Krebs on Security

JULY 15, 2019

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “ REvil ,” “ Sodin ,” and “ Sodinokibi.” “We are getting a well-deserv

Ransomware 210

Ransomware Encryption IT Security 210

Data Breach Today

JULY 15, 2019

Fraud Fighters Also See Spikes in ATM Malware, Card Enrollment as a Service Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.

236

236

Security Affairs

JULY 13, 2019

The Magecart continues to target websites worldwide, it infected over 17,000 domains by targeting improperly secured Amazon S3 buckets. . The Magecart gang made the headlines again, according to a new report published by RiskIQ , it has infected over 17,000 domains by targeting improperly secured Amazon S3 buckets. . A few days ago, security experts at Sanguine Security have uncovered a new large-scale payment card skimming campaign that already hacked 962 online stores running on the Magento

CMS 110

CMS Security Cloud IT 110

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

AIIM

JULY 19, 2019

Capture? Haven’t we been doing this for years and years? Well…yes and no. Yes, organizations have been scanning paper into digital archives for a long time. And for 72% of organizations, scanning paper is still the most important part of their information capture strategy. The continued importance of simply getting rid of the paper is not just a function of laggard organizations; the struggle to get rid of paper is consistent across all levels of overall competence.

Information capture 111

Information capture Digital transformation Paper Archiving 111

Krebs on Security

JULY 17, 2019

“It takes a certain kind of man with a certain reputation. To alleviate the cash from a whole entire nation…” KrebsOnSecurity has seen some creative yet truly bizarre ads for dodgy services in the cybercrime underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake. The name of this particular card shop won’t be mentioned here, and its various domain names featured in the video have been pixelated so as not to further

Cybersecurity 204

Cybersecurity Security IT 204

Data Breach Today

JULY 19, 2019

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details, according to researchers at the security firm Cofense.

Phishing 209

Phishing Access Security 209

Security Affairs

JULY 19, 2019

The former NSA contractor who pled guilty to stealing over 50TB of data from the Agency, was sentenced to nine years in prison. The former National Security Agency contractor Harold Thomas Martin III , who was accused and subsequently pled guilty to stealing over 50TB of classified NSA data, was sentenced to nine years in prison. The man was arrested by the FBI in October 2016 , the US DoJ charged Harold Thomas Martin with theft of secret documents and highly classified government material.

Government 107

Government Data breaches Security IT 107

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

TAB OnRecord

JULY 15, 2019

In the first of a four-part blog series, we’ll focus our attention on the “lowly” color-coded folder. A staple of the records management world for many years, color coding has traditionally been used for a very specific function: helping to spot misfiled folders. However, as we’ll reveal in this blog series, color coding can be used in some unexpected ways to solve many more RIM challenges… Read More.

Records Management 99

Records Management 99

Thales Cloud Protection & Licensing

JULY 17, 2019

If the vast majority of the people in your office knew they would contract the flu today, it’s safe to say most chairs would remain empty. Anyone who actually came to work would avoid others, sanitize drawer handles, wash their hands, and/or wear a mask. There would be an obvious flurry of activity as people attempted to be part of the fortunate 30 percent that wouldn’t get sick.

Encryption 101

Encryption Authentication Data breaches IT 101

Data Breach Today

JULY 19, 2019

Over 800,000 Windows Devices Remain Vulnerable, Analysts Say Weeks after Microsoft issued a patch for the BlueKeep vulnerability, which threatens devices running older versions of Windows, many organizations worldwide have yet to install patches despite alerts from the software giant, government agencies and cybersecurity companies, according to researchers at BitSight.

Cybersecurity 197

Cybersecurity Government 197

Security Affairs

JULY 19, 2019

Poland and Lithuania are probing the potential privacy and security risks of using a Russian-made app FaceApp. Millions of people recently downloaded the FaceApp app and are taking part in the “ #FaceApp Challenge ” to show friends how they can look like when they will be old and grey. Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp.

Data collection 108

Data collection Privacy Risk Personal data 108

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

DLA Piper Privacy Matters

JULY 16, 2019

Today, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , “ Dutch DPA “) issued its first GDPR-fine of EUR 460,000. The fine is imposed on the Dutch Haga Hospital for having an insufficient internal security of patient records. The fact that the first GDPR-fine was imposed on a hospital isn’t a complete surprise, as already in December 2018, the Dutch DPA already announced that it would focus its enforcement actions on the public and health sector.

GDPR 104

GDPR Authentication Information Security Security 104

WIRED Threat Level

JULY 16, 2019

Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market—until researchers who found the flaw showed how bad it could be.

Marketing 110

Marketing IT Security 110

Data Breach Today

JULY 19, 2019

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from former federal advisers Richard Clarke and Robert Knake on cyber resilience.

Ransomware 179

Ransomware Security 179

Security Affairs

JULY 14, 2019

Security experts at Emsisoft released a new decryptor, it could be used for free by victims of the Ims00rry ransomware to decrypt their files. Thanks to the experts at Emsisoft the victims of the Ims00rry ransomware can decrypt their files for free. The Ims00rry ransomware used AES-128 algorithm for the encryption process. Unlike most of the ransomware, Ims00rry and doesn’t append an extension to the filenames of the encrypted files.

Ransomware 106

Ransomware Encryption Security IT 106

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Schneier on Security

JULY 16, 2019

The Zoom conferencing app has a vulnerability that allows someone to remotely take over the computer's camera. It's a bad vulnerability, made worse by the fact that it remains even if you uninstall the Zoom app: This vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user's permission.

IT 101

IT 101

WIRED Threat Level

JULY 17, 2019

The idea that FaceApp is somehow exceptionally dangerous threatens to obscure the real point: All apps deserve this level of scrutiny.

Privacy 112

Privacy Security 112

Data Breach Today

JULY 15, 2019

Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers. The campaign is similar to an earlier attack that focused on Apple users.

Phishing 197

Phishing 197

Security Affairs

JULY 18, 2019

Drupal developers urge users to update their installs to version 8.7.5, which addresses the CVE-2019-6342 flaw that allows hackers to take control of Drupal 8 sites. Drupal developers informed users that version 8.7.4 is affected by a critical flaw, tracked as CVE-2019-6342, that could be exploited by attackers to take control of Drupal 8 websites. Users have to update to version 8.7.5 to address the vulnerability.

CMS 105

CMS Access Security IT 105

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Schneier on Security

JULY 15, 2019

Motherboard got its hands on Palantir's Gotham user's manual, which is used by the police to get information on people: The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives. The capabilities are staggering, according to the guide: If police have a name that's associated with a license plate, they can use automatic license plate reader data to find out where they've been, and when

Access 98

Access IT FOIA Security 98

Troy Hunt

JULY 18, 2019

The very first feature I added to Have I Been Pwned after I launched it back in December 2013 was the public API. My thinking at the time was that it would make the data more easily accessible to more people to go and do awesome things; build mobile clients, integrate into security tools and surface more information to more people to enable them to do positive and constructive things with the data.

Authentication 90

Authentication IT Access Mining 90

Data Breach Today

JULY 17, 2019

Ransom Payments to Crypto-Locking Malware Extortionists Are Surging With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn. Driven also by attackers wielding Ryuk, Dharma and Phobos, ransom payments by victims have been surging.

Ransomware 180

Ransomware Security 180