The Last Watchdog

OCTOBER 15, 2018

It is disheartening, but not at all surprising, that hackers continue to pull off successful breaches of well-defended U.S. government strategic systems. Related podcast: Cyber attacks on critical systems have only just begun. On Friday, Oct. 12, the Pentagon disclosed that intruders breached Defense Department travel records and compromised the personal information and credit card data of U.S. military and civilian personnel.

Military 133

Military Risk Passwords Government 133

Security Affairs

OCTOBER 16, 2018

Free Wi-Fi is convenient, but it is also unsafe and puts users at great risk. Here’s how the cybercriminals attack user on these open networks. The free Wi-Fi is one of the catchiest things for the users in today’s world. This is the main reason why so many free public Wi-Fi can be found without much of a problem. It is not only free but convenient to use these open networks.

Honeypots 111

Honeypots Encryption Access Risk 111

IT Governance

OCTOBER 17, 2018

Every day almost 7 million data records are compromised , with no organisation or sector immune. Organisations are facing a war on data breaches, so it’s imperative that ‘know your enemy’ becomes part of their battle tactics. Data breaches come in various forms and sizes – not all incidents are caused by sophisticated cyber attacks. To help you understand what your organisation is facing, here’s a breakdown of some of the most common types of data breaches. 1.

Data breaches 104

Data breaches Ransomware Security awareness Access 104

Data Breach Today

OCTOBER 16, 2018

Regulators Say Health Insurer Failed to Take Basic Security Steps Federal regulators have smacked health insurer Anthem with a record $16 million HIPAA settlement in the wake of a cyberattack revealed in 2015, which impacted nearly 79 million individuals. What missteps does the settlement highlight?

Insurance 243

Insurance Security 243

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

OCTOBER 17, 2018

Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. Related: Why carpet bombing email campaigns endure. And yet two recent disclosures highlight just how brittle the military’s cyber defenses remain in critical areas. By extension these developments are yet another reminder of why constantly monitoring and proactively defending business networks must be a prime direct

Data breaches 178

Data breaches Security Military Government 178

Security Affairs

OCTOBER 17, 2018

Oracle has just released a security update to prevent 2.3 million servers running the RPCBIND service from being used in amplified DDoS attacks. The flaw was discovered by the Brazilian researcher Mauricio Corrêa, founder of Brazilian security company XLabs. The exploitation of this vulnerability could cause major problems on the Internet. “A proof of concept (POC) made in only one XLabs server generated a traffic of 69 gigabits per second,” Mauricio told Cibersecurity.net.br.

Systems administration 111

Systems administration Authentication Security IT 111

Data Breach Today

OCTOBER 16, 2018

Exposure Highlights Scant Protection Afforded to Voter Registration Records A batch of U.S. voter registration records from 20 states has appeared for sale online in what appears to be an illegitimate offering. While it's far from the largest-ever seen leak of voter data, the incident again highlights the lax controls too often applied to voter records.

Sales 236

Sales IT 236

WIRED Threat Level

OCTOBER 19, 2018

The latest indictment against Russian trolls shows how they sowed division in the US on wedge issues, including the investigation into their activity.

Security 111

Security 111

AIIM

OCTOBER 17, 2018

A great project development team can only be great with the right tools. Through the numerous project management methodologies and top-down inferences, there is one constant; management tools. Even the best managers can’t work efficiently without them. They range from the micro to the macro and cover all of the aspects of a project’s lifecycle. They create an atmosphere of greater cooperation and productivity.

Communications 106

Communications Marketing Manufacturing Access 106

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Security Affairs

OCTOBER 14, 2018

Security expert published the PoC exploit code for the recently fixed critical remote code execution flaw in Edge web browser tracked as CVE-2018-8495. The October 2018 Patch Tuesday addressed 50 known vulnerabilities in Microsoft’s products, 12 of them were labeled as critical. One of the issues is a critical remote code execution vulnerability in Edge web browser tracked as CVE-2018-8495. “A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka

Security 111

Security IT 111

Data Breach Today

OCTOBER 15, 2018

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.

Data breaches 235

Data breaches Military Cybersecurity 235

WIRED Threat Level

OCTOBER 13, 2018

With the exception of President Trump’s legal team, no one has been watching the Mueller investigation more closely than Garrett Graff.

Security 111

Security 111

Schneier on Security

OCTOBER 15, 2018

If you're an American of European descent, there's a 60% you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public. Research paper : "Identity inference of genomic data using long-range familial searches." Abstract: Consumer genomics databases have reached the scale of millions of individuals.

Privacy 105

Privacy Paper 105

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

OCTOBER 17, 2018

Researchers from the Silesian University of Technology in Poland discovered several flaws that could be exploited to take over some D-Link routers. A group of researchers from the Silesian University of Technology in Poland has discovered three vulnerabilities in some models of D-Link routers that could be chained to take full control over the devices.

Passwords 111

Passwords Authentication Access Security 111

Data Breach Today

OCTOBER 18, 2018

Launching an ICO? You're a Target, Group-IB Warns An analysis of attacks against cryptocurrency exchanges over nearly two years shows hackers have inflicted $882 million in damages, according to the Russian security firm Group-IB. The tally of losses is likely to grow next year, the company warns.

Security 222

Security 222

WIRED Threat Level

OCTOBER 19, 2018

A new report suggests that spammers, not nation states, may have been behind the Facebook hack. That could be even worse news.

Security 110

Security 110

Dark Reading

OCTOBER 15, 2018

A tractor trailer housing a Cyber Tactical Operation Center will travel throughout the US and Europe for incident response training, security support, and education.

Cybersecurity 102

Cybersecurity Education Security 102

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

OCTOBER 17, 2018

The Libssh library is affected by a severe flaw that could be exploited by attackers to completely bypass authentication and take over a vulnerable server. The Secure Shell (SSH) implementation library, the Libssh, is affected by a four-year-old severe vulnerability that could be exploited by attackers to completely bypass authentication and take over a vulnerable server without requiring a password.

Libraries 111

Libraries Authentication Passwords Security 111

Data Breach Today

OCTOBER 18, 2018

Social Network Reportedly Sees No Signs of Nation-State Hackers Facebook is eyeing spammers as being the culprits behind its recently disclosed mega-breach, The Wall Street Journal reports. Preliminary findings from Facebook's internal investigation suggest that the attackers were not affiliated with a nation-state, but rather part of a known spam ring, the newspaper reports.

IT 216

IT 216

AIIM

OCTOBER 16, 2018

Why choose certification? For me, it's about proof (to myself and to employers) of my expertise. The Certified Information Professional (CIP) started with a group of industry experts and focus groups that worked together to define the body of knowledge necessary for information professionals to be successful in the digital economy. From there, AIIM worked to build a certification exam based upon this body of knowledge - and the CIP was born.

ECM 97

ECM Information governance Government Compliance 97

Dark Reading

OCTOBER 15, 2018

New MediaPRO study also finds that management performed worse than entry- and mid-level employees in how to handle a suspected phishing email.

Risk 97

Risk Phishing Security 97

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

OCTOBER 13, 2018

Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The Pentagon revealed that the Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel.

Data breaches 111

Data breaches Military Risk Security 111

Data Breach Today

OCTOBER 16, 2018

Majority of Incidents Trace to Hostile Nation-States, NCSC Says The U.K.'s National Cyber Security Center incident response teams have investigated more than 1,000 significant incidents in the past two years, the majority of which trace to nation-state attackers, officials say.

Security 210

Security 210

Schneier on Security

OCTOBER 19, 2018

This is crazy (and dangerous). West Virginia is allowing people to vote via a smart-phone app. Even crazier, the app uses blockchain -- presumably because they have no idea what the security issues with voting actually are.

Blockchain 96

Blockchain Security 96

PerezBox

OCTOBER 13, 2018

As a parent, and a technologist, I struggle with creating a safe online experience at home. I’m constantly playing with different technologies – hardware and software – trying to find. Read More. The post Creating a Safe Online Experience At Home appeared first on PerezBox.

Cybersecurity 96

Cybersecurity Security 96

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

OCTOBER 18, 2018

Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Security experts from ESET published a detailed analysis of a recently discovered threat actor tracked as GreyEnergy, its activity emerged in concurrence with BlackEnergy operations. ESET researchers have spotted a new strain of malware tracked as Exaramel that links the not Petya wiper to the Industroyer ICS malware.

Phishing 111

Phishing Encryption Passwords Security 111

Data Breach Today

OCTOBER 17, 2018

Initiatives in UK and California Aim to Deep-Six Poor IoT Security Practices With at least 20 billion new consumer devices set to be internet-connected by 2020, initiatives in the U.K. and California are trying to ensure that as many IoT devices as possible will be out-of-the-box secure, for starters by not shipping with default passwords.

Passwords 205

Passwords IoT Security 205

Dark Reading

OCTOBER 16, 2018

Get into their heads to find out why they're flouting your corporate cybersecurity rules.

Security 94

Security Cybersecurity 94