The Last Watchdog
AUGUST 21, 2018
DevOps has been around for a while now, accelerating the creation of leading edge business applications by blending the development side with the operations side. It should come as no surprise that security is being formally added to DevOps, resulting in an emphasis on a process being referred to as SecOps or DevSecOps. Related: How DevOps played into the Uber hack.
Data Breach Today
AUGUST 21, 2018
Tech Giant Clarifies: Pausing 'Location History' Alone Won't Stop All Tracking A lawsuit accuses Google of "the surreptitious location tracking of millions of mobile phone users." The legal action was sparked by a report demonstrating that some Google apps tracked and time-stamped users' locations even if a user deactivated the "location history" setting.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
AUGUST 22, 2018
Crippled ports. Paralyzed corporations. Frozen government agencies. How a single piece of code crashed the world.
Security Affairs
AUGUST 22, 2018
Maintainers of the Apache Struts 2 open source development framework has released security updates to address a critical remote code execution vulnerability. Security updates released this week for the Apache Struts 2 open source development framework addressed a critical RCE tracked as CVE-2018-11776. The vulnerability affects Struts versions from 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and possibly unsupported versions of the framework.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
The Last Watchdog
AUGUST 23, 2018
Remember the old adage, you can never be too thin or too rich? The software development world has its own take on that dictum—you can never be too fast. Related: Gamification training targets iGens. Business demand dictates a frenetic pace for delivering new and better technology. To perfect the process, more organizations are taking a DevOps approach—melding software development and software operations simultaneously.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
WIRED Threat Level
AUGUST 19, 2018
Your phone number is increasingly tied to your online identity. You need to do everything possible to protect it.
Security Affairs
AUGUST 24, 2018
T-Mobile today announced It has suffered a security breach that May have exposed personal information of up to 2 million T-mobile customers. According to the telco giant, the incident affected its US servers on August 20, leaked information includes customers’ name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid).
Data Breach Today
AUGUST 24, 2018
Trustwave's Brian Hussey on Creating True, Actionable Intel Too many organizations leverage advanced threat intelligence merely to detect indicators of compromise. But Brian Hussey of Trustwave wants to help them mine actionable threat intelligence to truly bolster enterprise defenses.
Krebs on Security
AUGUST 22, 2018
Authorities in Santa Clara, Calif. have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies. The arrest is the third known law enforcement action this month targeting “SIM swappers,” individuals who specialize in stealing wireless phone numbers and hijacking online financial and social media accounts tied to those numbers.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
The Last Watchdog
AUGUST 20, 2018
More businesses than ever before are choosing to move their IT infrastructure and systems to cloud solutions such as Amazon Web Services and Microsoft Azure. There are many reasons to choose a cloud solution including increased flexibility and scalability, as well as reduced cost. In fact, a recent study of nearly 200 businesses and entrepreneurs found that 76% are looking to cloud solutions in order to increase the efficiency of their business.
Security Affairs
AUGUST 18, 2018
Security experts have observed increasing cyber espionage activity related to China’s Belt and Road Initiative ( BRI ). The alarm was launched by the experts from cybersecurity firms FireEye and Recorded Future. China’s Belt and Road Initiative (BRI) is a development project for the building of an infrastructure connecting countries in Southeast Asia, Central Asia, the Middle East, Europe, and Africa.
Data Breach Today
AUGUST 23, 2018
Some Security Experts Recommend Replacing Struts Altogether Due to Breach Risk Apache has released an emergency fix for its Struts web application framework to patch a flaw that attackers can exploit to take full control of the application. Some incident response experts, based on the severity of breaches they've investigated, recommend dropping Struts altogether.
WIRED Threat Level
AUGUST 23, 2018
Researchers have demonstrated that they can discern individual letters on a display based only on the ultrasonic whine it emits.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Thales Cloud Protection & Licensing
AUGUST 21, 2018
The enactment of the European Union’s General Data Protection Regulation (GDPR) is a significant milestone for virtually every international business. Under the standard, organizations need to comply withan extensive set of requirements—or potentially face significant fines for failing to do so. Thales eSecurity and DataStax have come together to draft “Aligning GDPR Requirements with Today’s Hybrid-Cloud Realities,” which outlines a number of the issues organizations need to address to be GDPR
Security Affairs
AUGUST 19, 2018
Researchers from Trustwave have uncovered a malspam campaign targeting banks with the FlawedAmmyy RAT. The peculiarity of this malspam campaign i s the unusual use of a Microsoft Office Publisher file to infect victims’ systems. Experts noticed an anomalous spike in the number of emails with a Microsoft Office Publisher file (a.pub attachment) and the subject line, “Payment Advice,” that was sent to domains belonging to banks.
Data Breach Today
AUGUST 23, 2018
Facebook's Ex-CSO Says That Ship Has Sailed; Look to 2020 With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebooks's CSO, says there isn't time to properly safeguard this year's elections. But here's how the company can get its act together in time for 2020.
WIRED Threat Level
AUGUST 22, 2018
Two close advisers to the president are now convicted felons. Here are six big questions about where this all goes next.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
eSecurity Planet
AUGUST 22, 2018
These IT security vendors lead the market through their innovative offerings, range of products and services, customer satisfaction and annual revenue
Security Affairs
AUGUST 20, 2018
The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many obfuscation steps and implementation languages.
Data Breach Today
AUGUST 20, 2018
But Most Victims of the Health Insurer's Data Breach Will See No Cash A federal judge in California has given final approval to a $115 million settlement involving health insurer Anthem over its 2015 data breach. The settlement is the largest ever reached in a data-breach related class action suit, but most victims will see no money.
WIRED Threat Level
AUGUST 22, 2018
Microsoft, Facebook, and others are ramping up efforts to thwart attacks on elections—making the US government look woefully underprepared in the process.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
TAB OnRecord
AUGUST 22, 2018
When it comes to effectively managing files, a functional classification system is the most efficient way to go. Whether you need to build a functional classification system from scratch or overhaul an existing system, this resource shows you how. It presents some basic principles of file classification along with practical strategies in developing and implementing the right system.
Security Affairs
AUGUST 19, 2018
The North Korea-linked Dark Hotel APT group is leveraging the recently patched CVE-2018-8373 vulnerability in the VBScript engine in attacks in the wild. The vulnerability affects Internet Explorer 9, 10 and 11, it was first disclosed last month by Trend Micro and affected all supported versions of Windows. The flaw could be exploited by remote attackers to take control of the vulnerable systems by tricking victims into viewing a specially crafted website through Internet Explorer.
Data Breach Today
AUGUST 21, 2018
Analyzing the Latest 'Wall of Shame' Trends About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 4.3 million.
WIRED Threat Level
AUGUST 24, 2018
For years, Iran has run its own secret infowar—running a remarkably similar playbook as Russia.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Dark Reading
AUGUST 21, 2018
A growing number of employees have various IoT devices in their homes - where they're also connecting to an enterprise network to do their work. And that means significant threats loom.
Security Affairs
AUGUST 21, 2018
Cybersecurity firm NCC Group has released an open source tool for penetration testers that allows carrying out DNS rebinding attacks. Security firm NCC Group has released an open source tool for penetration testing dubbed Singularity of Origin that allows carrying out DNS rebinding attacks. Singularity also aims to raise awareness on how DNS rebinding attacks work and how to protect from them.
Data Breach Today
AUGUST 22, 2018
Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why.
Expert insights. Personalized for you.
145 
Let's personalize your content