Trending Articles

Anthem Mega-Breach: Record $16 Million HIPAA Settlement

Data Breach Today

Regulators Say Health Insurer Failed to Take Basic Security Steps. Federal regulators have smacked health insurer Anthem with a record $16 million HIPAA settlement in the wake of a cyberattack revealed in 2015, which impacted nearly 79 million individuals. What missteps does the settlement highlight?

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

The Last Watchdog

Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. And yet two recent disclosures highlight just how brittle the military’s cyber defenses remain in critical areas.

Supply Chain Security 101: An Expert’s View

Krebs on Security

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency.

How DNA Databases Violate Everyone's Privacy

Schneier on Security

If you're an American of European descent, there's a 60% chance you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public.

Expert released PoC Code Microsoft Edge Remote Code Execution flaw

Security Affairs

Security expert published the PoC exploit code for the recently fixed critical remote code execution flaw in Edge web browser tracked as CVE-2018-8495. The October 2018 Patch Tuesday addressed 50 known vulnerabilities in Microsoft’s products, 12 of them were labeled as critical.

Pentagon Travel Provider Data Breach Counts 30,000 Victims

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims. The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel.

30k+ Pentagon Employees Compromised in Data Breach

Adam Levin

The credit card data and travel records of roughly 30,000 employees of the U.S. Defense Department have been compromised in a data breach. The hack was first detected on October 4th, but may have occurred months ago and could have affected more accounts than initially reported.

More Trending

How to detect a data breach

IT Governance

The need for speed. Data breaches can have serious financial consequences for organisations of all sizes. The faster a breach can be detected and contained, the lower the costs for the organisation.

How Cybercriminals are Targeting free Wi-Fi Users?

Security Affairs

Free Wi-Fi is convenient, but it is also unsafe and puts users at great risk. Here’s how cybercriminals attack users on these open networks. Free Wi-Fi is one of the catchiest things for users in today’s world.

Facebook Clarifies Extent of Data Breach

Data Breach Today

30 Million Affected; 14 Million Had Extensive Information Exposed. Facebook now says that 20 million fewer accounts were breached than it originally believed, but the attackers accessed extensive sensitive personal information on nearly half of those affected.

CINRA Act Looks to Standardize Breach Notification

Adam Levin

A bill seeking to standardize data breach notifications for the financial industry at the federal level was passed this week by the House Financial Services Committee. Bill H.R.

Security in a World of Physically Capable Computers

Schneier on Security

It's no secret that computers are insecure. Stories like the recent Facebook hack, the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. They might make headlines for a few days, but they're just the newsworthy tip of a very large iceberg.

Know your enemy – understanding the 7 different types of data breaches

IT Governance

Every day almost 7 million data records are compromised, with no organisation or sector immune. Organisations are facing a war on data breaches, so it’s imperative that ‘know your enemy’ becomes part of their battle tactics.

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

Oracle has just released a security update to prevent 2.3 million servers running the RPCBIND service from being used in amplified DDoS attacks. The flaw was discovered by the Brazilian researcher Mauricio Corrêa, founder of Brazilian security company XLabs.

Medtronic Cardiac Devices Recalled Due to Cyber Concerns

Data Breach Today

FDA Announces 'Voluntary Recall' Related to Vulnerabilities. The FDA has announced a "voluntary recall" by Medtronic of certain internet-connected programmers for implantable cardiac devices due to cybersecurity vulnerabilities.

Weekly Update 108

Troy Hunt

I'm in Texas! And I've had enough BBQ to last me a very long time. I'm here doing a couple of speaking events and other related things as well as taking some time out with my wife to see the sights.

Cybersecurity Awareness Month Blog Series: It’s Cybersecurity Awareness Month – advice to SMBs

Thales Data Security

This October marks the 15th year of Cybersecurity Awareness Month.

Why is the GDPR still something I should be concerned about?

IT Governance

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018.

Pentagon Defense Department travel records data breach

Security Affairs

Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel.

10 Cyberattacks Investigated Weekly by UK

Data Breach Today

Majority of Incidents Trace to Hostile Nation-States, NCSC Says. The U.K.'s National Cyber Security Center incident response teams have investigated more than 1,000 significant incidents in the past two years, the majority of which trace to nation-state attackers, officials say.

CIP Spotlight: Devon McCollum is Serious About the Information Industry

AIIM

Why choose certification? For me, it's about proof (to myself and to employers) of my expertise.

Gimmal Extends its DoD 5015.2 Certified Records Management Certification to SharePoint 2016

Gimmal

Gimmal, the world’s leading provider of records management and information governance software, is excited to announce that Gimmal Records Management, which is already DoD 5015.2-certified for Microsoft SharePoint 2010 and 2013, is now extending its certification to Microsoft 2016.

Government Perspective on Supply Chain Security

Schneier on Security

This is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now.

Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

Security Affairs

A group of hackers is targeting Drupal vulnerabilities, including Drupalgeddon2, patched earlier this year, to install a backdoor on compromised servers.

HHS Updates Security Risk Assessment Tool

Data Breach Today

But Why Is Conducting a Risk Analysis So Challenging for So Many Organizations? The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

How to Check If Your Facebook Account Got Hacked—And How Badly

WIRED Threat Level

Facebook Friday offered more details about its recent breach. Here's how to see if you were affected.

Are Data Breaches the New Reality for Retail?

Thales Data Security

As digital transformation takes hold, the retail industry is under siege from cyber criminals and nation states attempting to steal consumers’ personal information, credit card data and banking information. Lines are now blurred between physical and digital experiences.

Kanye’s Password

Roger's Information Security

Everyone and his brother, inside of infosec and outside, has been chortling at Kanye’s iPhone password. It's 00000. Not everyone is in on the joke. Some express OUTRAGE. “How dare you share that man’s password” (it was on CNN, it's out there now).

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware.

Aetna Hit With More Penalties for Two Breaches

Data Breach Today

Cases Involved Mailings That Potentially Exposed Sensitive Health Information. Health insurer Aetna is still paying the price for two 2017 privacy breaches involving mailings that potentially exposed HIV and cardiac condition information about thousands of individuals. Here's the latest update.

Robert Mueller Has Already Told You Everything You Need To Know

WIRED Threat Level

With the exception of President Trump’s legal team, no one has been watching the Mueller investigation more closely than Garrett Graff.

Privacy for Tigers

Schneier on Security

Ross Anderson has some new work: As mobile phone masts went up across the world's jungles, savannas and mountains, so did poaching. Wildlife crime syndicates can not only coordinate better but can mine growing public data sets, often of geotagged images.

WannaCry Ransomware attack costs £92 million

IT Governance

The Department of Health and Social Care has estimated that the WannaCry ransomware attack, which disrupted more than 80 trusts and hundreds of GP practices last year, cost £92 million.

Ex-NASA contractor pleaded guilty for cyberstalking crimes

Security Affairs

A former NASA contractor has pleaded guilty to a cyberstalking scheme; the man blackmailed seven women, threatening to publish their nude pictures.

Report: Cryptocurrency Exchanges Lost $882 Million to Hackers

Data Breach Today

Launching an ICO? You're a Target, Group-IB Warns. An analysis of attacks against cryptocurrency exchanges over nearly two years shows hackers have inflicted $882 million in damages, according to the Russian security firm Group-IB. The tally of losses is likely to grow next year, the company warns.

Top 4 Project Management Tools

AIIM

A great project development team can only be great with the right tools. Through the numerous project management methodologies and top-down inferences, there is one constant; management tools. Even the best managers can’t work efficiently without them.

Developing a PaaS Migration Strategy

Perficient Data & Analytics

In the post “The Business Case Justification for PaaS” we looked at the benefits and a business case for PaaS. In this blog we will look at the steps to create a migration strategy to PaaS including re-platforming legacy applications.