Trending Articles

Update: More Alerts About Medical Device Security Flaws

Data Breach Today

Latest Advisories a Reminder of Legacy Product Risks Several recent advisories from federal regulators concerning newly identified vulnerabilities in certain medical devices serve as the latest reminders of the risk management challenges involved

Risk 130

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

SHARED INTEL: What can be done — today — to keep quantum computing from killing encryption

The Last Watchdog

There’s little doubt that the shift to quantum computing will open new horizons of digital commerce. But it’s also plain as day that the mainstreaming of quantum processing power will profoundly exacerbate cybersecurity exposures. Related: The ‘post quantum crytpo’ race is on This isn’t coming as any surprise to IT department heads.

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

Thales eSecurity

In the modern era of a global information economy, every single day, enormous amounts of information are transmitted, stored and collected worldwide.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Security Affairs

The popular messaging platform WhatsApp made the headlines again, a new bug could be exploited by hackers to secretly install spyware.

More Trending

Patch Tuesday, November 2019 Edition

Krebs on Security

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and programs that run on top of it.

IT 130

Steps to Take for Preventing Hipaa Violations

Record Nations

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that provides minimum requirements for protecting certain health information. For anyone who handles medical records or works with patient data, an understanding of the basic HIPAA requirements is crucial.

146 New Android Bugs, an Audio Porn Streaming Site, and More News

WIRED Threat Level

Catch up on the most important news from today in two minutes or less. Security Security / Cyberattacks and Hacks

Checkra1n, a working iPhone Jailbreak, was released

Security Affairs

A working exploit for the checkm8 BootROM vulnerability is now available and security experts fear that threat actors could use is in attacks in the wild.

Risk 52

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Roger Stone Found Guilty on All 7 Counts

Data Breach Today

Case Stems From Mueller's Investigation of Russian Election Interference Roger J. Stone, Jr.,

130
130

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Krebs on Security

Friday Squid Blogging: Planctotuethis Squid

Schneier on Security

Neat video , and an impressive-looking squid. I can't figure out how long it is. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here. squid video

10-18-2019

Document Imaging Report

DIR 10-18-2019.

52

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

DDoS-for-Hire Services operator sentenced to 13 months in prison

Security Affairs

Sergiy P. , the administrator of DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Sergiy P.

7 Takeaways: Insider Breach at Twitter

Data Breach Today

Bribing Employees Easier Than Hacking Silicon Valley, Security Experts Say Why try to hack Silicon Valley firms if you can buy off their employees instead?

Documentation Theory for Information Governance

ARMA International

This article is part of a collaboration between ARMA and AIEF and is included in Information Management Magazine, ARMA-AIEF Special Edition , which will be available for download in November. A printed version of the special issue will be available as well, for a nominal fee.

TPM-Fail Attacks Against Cryptographic Coprocessors

Schneier on Security

Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks , by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

#DevDay: Where modernization meets realization

Micro Focus

Introduction to the Micro Focus #DevDay 2020 series #DevDay has been running for more than five years and across more than 50 locations. So what’s new for 2020? Paula Barker, Field Marketing Manager for Application Modernization, gives us a sneak preview.

The Australian Parliament was hacked earlier this year

Security Affairs

The computer network of Australian Parliament was hacked earlier this year, and hackers exfiltrated data from the computers of several elected officials.

Phishing Campaigns Spoof Government Agencies: Report

Data Breach Today

Proofpoint Research Points to More Sophisticated Techniques A newly discovered hacking group is using an array of sophisticated spoofing and social engineering techniques to imitate government agencies, including the U.S.

146 New Vulnerabilities All Come Preinstalled on Android Phones

WIRED Threat Level

The dozens of flaws across 29 Android smartphone makers show just how insecure the devices can be, even brand-new. Security Security / Security News

Government of Nunavut returns to paper records after ransomware attack

IG Guru

Another unfortunate case of a ransomware attack on a municipality. Read more here and how they may end up paying the ransom. The post Government of Nunavut returns to paper records after ransomware attack appeared first on IG GURU.

Paper 52

Rocking the Net Promoter®. Again.

Micro Focus

Micro Focus Net Promoter Score – Latest Results Today, I’m going to take a look at the latest Micro Focus Net Promoter® Score (NPS) Competitive Benchmark Results. (a) a) NPS Results We run our competitive benchmark program quarterly using rolling data.

52

Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping

Security Affairs

On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency.

DOJ: Pair Used SIM Swapping Scam to Steal Cryptocurrency

Data Breach Today

Two Men Targeted 10 Executives Who Had Cryptocurrency Connections A pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target executives in order to steal more than $550,000 worth of cryptocurrency, the U.S.

130
130

How to write an ISO 27001-compliant risk assessment procedure

IT Governance

As part of your ISO 27001 certification project, your organisation will need to prove its compliance with appropriate documentation. ISO 27001 says that you must document your information security risk assessment process. Key elements of the ISO 27001 risk assessment procedure. Clause 6.1.2

Risk 52

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I'm speaking on " Securing a World of Physically Capable Computers " at the Indian Institute of Science in Bangalore, India on December 12, 2019. The list is maintained on this page. schneiernews