Trending Articles

What You Should Know About the Equifax Data Breach Settlement

Krebs on Security

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans.

Equifax Negotiates Potential $700 Million Breach Settlement

Data Breach Today

Deal Prepped With Feds and State Attorneys General Includes Victim Compensation Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit.

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects.

Hackers Expose Russian FSB Cyberattack Projects

Schneier on Security

More nation-state activity in cyberspace, this time from Russia : Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects since 2009 for FSB unit 71330 and for fellow contractor Quantum.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Think FaceApp Is Scary? Wait Till You Hear About Facebook

WIRED Threat Level

The idea that FaceApp is somehow exceptionally dangerous threatens to obscure the real point: All apps deserve this level of scrutiny. Security Security / Privacy

More Trending

Security Flaw Exposed Valid Airline Boarding Passes

Data Breach Today

New APT34 campaign uses LinkedIn to deliver fresh malware

Security Affairs

The APT24 group continues its cyber espionage activity, its members were posing as a researcher from Cambridge to infect victims with three new malware. Experts at FireEye have uncovered a new espionage campaign carried out by APT34 APT group ( OilRig , and HelixKitten. Greenbug ) through LinkedIn.

Authentication and the Have I Been Pwned API

Troy Hunt

The very first feature I added to Have I Been Pwned after I launched it back in December 2013 was the public API.

Hackers Made an App That Kills to Prove a Point

WIRED Threat Level

Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market—until researchers who found the flaw showed how bad it could be. Security Security / Cyberattacks and Hacks

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Party Like a Russian, Carder’s Edition

Krebs on Security

“It takes a certain kind of man with a certain reputation.

Video 210

Despite BlueKeep Warnings, Many Organizations Fail to Patch

Data Breach Today

Emsisoft releases a second decryptor in a few days, this time for ZeroFucks ransomware

Security Affairs

Security experts at Emsisoft released a second decryptor in a few days, this time announced a free decryptor for the ZeroFucks ransomware.

NEW TECH: Early adopters find smart ‘Zero Trust’ access improves security without stifling innovation

The Last Watchdog

As we approach the close of the second decade of the 21 st century, it’s stunning, though perhaps not terribly surprising, that abused logon credentials continue to fuel the never-ending escalation of cyber attacks. Related: Third-party risks exacerbated by the ‘gig economy’ Dare we anticipate a slowing — and ultimately the reversal – of this trend? Yes, I believe that’s now in order.

Access 117

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Palantir's Surveillance Service for Law Enforcement

Schneier on Security

Motherboard got its hands on Palantir's Gotham user's manual, which is used by the police to get information on people: The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives.

FOIA 103

Is ‘REvil’ the New GandCrab Ransomware?

Krebs on Security

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims.

Payment Fraud: Criminals Enroll Stolen Cards on Apple Pay

Data Breach Today

Fraud Fighters Also See Spikes in ATM Malware, Card Enrollment as a Service Fraudsters continue to get new tricks up their sleeves.

235
235

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Security Affairs

Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate.

Browser Extensions Scraped Data From Millions of People

WIRED Threat Level

Slack passwords, NSO spyware, and more of the week's top security news. Security Security / Security News

Bring your own identity (BYOI): New models of digital identity

Information Management Resources

As digital business grows across all industries, and data privacy continues to pose a significant risk to enterprises, the growing need for security includes a reliance on trust in digital identities. Digital ID Personally identifiable information Data types

Risk 106

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

Phishing Scheme Targets Amex Cardholders

Data Breach Today

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.

Poland and Lithuania fear that data collected via FaceApp could be misused

Security Affairs

Poland and Lithuania are probing the potential privacy and security risks of using a Russian-made app FaceApp. Millions of people recently downloaded the FaceApp app and are taking part in the “ #FaceApp Challenge ” to show friends how they can look like when they will be old and grey.

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders.

Zoom Vulnerability

Schneier on Security

The Zoom conferencing app has a vulnerability that allows someone to remotely take over the computer's camera.

Data governance in the age of AI: Beyond the basics

Information Management Resources

Ensuring the quality of data becomes increasingly important so that organizations don’t wind up making bigger mistakes. Data governance Data management Data strategy

Patient Record Snooping Incident Leads to GDPR Fine

Data Breach Today

GDPR 205

Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw

Security Affairs

Hackers breached at least 62 college and university networks exploiting a flaw in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP.

$700 Million Equifax Fine Is Still Too Little, Too Late

WIRED Threat Level

For failing to safeguard Social Security numbers, credit card numbers, and more, Equifax will pay up—but not enough, experts say. Security Security / Security News

John Paul Stevens Was a Cryptographer

Schneier on Security

I didn't know that Supreme Court Justice John Paul Stevens "was also a cryptographer for the Navy during World War II." He was a proponent of individual privacy. courts cryptography historyofcryptography privacy surveillance

Understanding the role of governance in data lakes and warehouses

Information Management Resources

While they have innate differences, and serve organizations differently, there is a universal thread that runs through both, without which, would render them useless. Data lakes Data warehouses Data governance

Phishing Campaign Tied to Amazon Prime Day

Data Breach Today

Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers. The campaign is similar to an earlier attack that focused on Apple users