Trending Articles

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents.

DHS Issues More Urgent Warning on DNS Hijacking

Data Breach Today

Government Agencies Should Audit DNS Settings Within 10 Days. The U.S. Department of Homeland Security says executive branch agencies are being targeted by attacks aimed at modifying Domain Name System records, which are critical for locating websites and services.

France Hits Google with $57 Million GDPR Fine

Data Breach Today

Record Privacy Fine Sends Strong Signal to Data-Processing Technology Companies. France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation.

MY TAKE: US cyber adversaries take cue from shutdown to accelerate malware deployment

The Last Watchdog

One profound consequence of Donald Trump’s shutdown of the federal government, now in day 33, is what a boon it is to US cyber adversaries. And moving forward, the long run ramifications are likely to be dire, indeed. Related: Welcome to the ‘golden age’ of cyber espionage.

Google fined £44 million in landmark GDPR ruling

IT Governance

Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation).

Clever Smartphone Malware Concealment Technique

Schneier on Security

This is clever: Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks.

More Trending

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

GUEST POST: Six tangible ways ‘SOAR’ can help narrow the cybersecurity skills gap

The Last Watchdog

The cybersecurity talent shortage is here to stay. With an estimated 1.5-2 million unfulfilled cybersecurity positions, organizations are coming to terms with the fact that no amount of creative hiring initiatives will rid them of the need of figuring out how to protect their organizations despite being short staffed. Related: Addressing the cyber skills gap. This does not mean the creative staffing solutions do not serve their purpose.

Collection #1 Mega Breach Leaks 773 Million Email Accounts

Adam Levin

A gigantic trove of email addresses and passwords containing over 2 billion records has been discovered online. The breached data, dubbed “Collection #1” by cybersecurity expert Troy Hunt, is more than 87 gigabytes and contains roughly 773 million email addresses and 21 million unique passwords.

Evaluating the GCHQ Exceptional Access Proposal

Schneier on Security

The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the U.K.,

Securing data in the hybrid cloud

Thales Data Security

IDG’s 2018 Cloud Computing Study tells us: Seventy-three percent of organizations have at least one application, or a portion of their computing infrastructure already in the cloud – 17% plan to do so within the next 12 months.

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

The Last Watchdog

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, reportedly occurred last October.

How to Find Your Netflix Freeloaders—and Kick Them Out

WIRED Threat Level

Sharing is caring. But it's worth checking if your streaming accounts have picked up any suspicious stragglers along the way.

Prices for Zero-Day Exploits Are Rising

Schneier on Security

Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would pay up to $2 million for zero-click jailbreaks of Apple's iOS, $1.5

Emotet Malware Returns to Work After Holiday Break

Data Breach Today

Fallout Exploit Kit Has Also Reappeared, Distributing GandCrab Ransomware. Cybercrime outfits appeared to take a vacation around the December holidays.

Encryption trends and predictions over 50 years

Thales Data Security

Modern encryption can trace its roots back to before WWII when Alan Turing built a modern computer in order to break the Enigma. Much has changed since then but the core goals remain the same: limit who has access to certain information and prove the authenticity of who sent a message.

GUEST ESSAY: What your company should know about addressing Kubernetes security

The Last Watchdog

Kubernetes is one of many key enabling technologies of digital transformation that has tended to remain obscure to non-technical company decision makers. Related podcast: Securing software containers. Kubernetes is an administration console — an open source project from Google that makes containerized software applications easy to deploy, scale, and manage.

Trump Must Be a Russian Agent; the Alternative Is Too Awful

WIRED Threat Level

We know a lot about the “what” of the Mueller probe’s findings. The crucial questions now focus on the “why.”

The Evolution of Darknets

Schneier on Security

Your Garage Opener Is More Secure Than Industrial Remotes

Data Breach Today

Trend Micro Says It Moved Cranes Using RF Software Flaws. Radio controllers used in the construction, mining and shipping industries are dangerously vulnerable to hackers, Trend Micro says in a new report.

How Cybercriminals Clean Their Dirty Money

Dark Reading

By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning

What is an ISMS and 8 reasons why you should implement one

IT Governance

An ISMS (information security management system) is a centrally managed framework for keeping an organisation’s information secure. It contains a set of policies, procedures and controls for protecting the confidentiality, integrity and availability of information.

An Astonishing 773 Million Records Exposed in Monster Breach

WIRED Threat Level

Collection #1 appears to be the biggest public breach yet, with millions of unique passwords sitting out in the open.

Hacking Construction Cranes

Schneier on Security

Construction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories.

5 Malware Trends: Emotet is Hot, Cryptominers Decline

Data Breach Today

Attackers Dig Deeper Into Businesses as WannaCry Lingers, Ransomware Lives On. As the value of cryptocurrency has plummeted, so too has the number of cryptomining infections being seen in the wild, reports security firm Malwarebytes.

A flaw in MySQL could allow rogue servers to steal files from clients

Security Affairs

A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular open source relational database management system (RDBMS).

How to choose the best B2B Integration software & cloud solutions in 2019

OpenText Information Management

This is the 21st century. We can do incredible things with digital technologies. It’s transforming almost every part of business. Yet, research has shown that over 50% of information exchanged between business partners still travels by fax, email or phone rather than B2B integration technologies.

If Trump Told Cohen to Lie, Impeachment Is Coming

WIRED Threat Level

An explosive new report from Buzzfeed News makes the impeachment of Donald Trump not just possible, but likely.

El Chapo's Encryption Defeated by Turning His IT Consultant

Schneier on Security

Impressive police work: In a daring move that placed his life in danger, the I.T. consultant eventually gave the F.B.I. his system's secret encryption keys in 2011 after he had moved the network's servers from Canada to the Netherlands during what he told the cartel's leaders was a routine upgrade.

Dharma Gang Pushes Phobos Crypto-Locking Ransomware

Data Breach Today

Unpatched Cisco critical flaw CVE-2018-15439 exposes small Business Networks to hack

Security Affairs

Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device.

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1".

How the Feds Failed to Track Thousands of Separated Children

WIRED Threat Level

Ad-hoc systems and haphazard databases made the Trump administration’s cruel border separation policies somehow even worse.

Brexit uncertainty and the DPA 2018

IT Governance

On 29 January, MPs will vote on Theresa May’s revised Brexit deal, in what may well be the final attempt to prevent the UK leaving the EU without a formal agreement. As it stands, the prospect of a deal doesn’t look good.
