Trending Articles

Trump's DNC 'Server' Conspiracy Rebutted

Data Breach Today

President Continues to Dismiss Russian Hacking Attribution, Backs Putin's Denials Asked in a press conference if he would denounce Russia for interfering in U.S. elections, President Trump responded with a conspiracy theory about a missing DNC server.

‘LuminosityLink RAT’ Author Pleads Guilty

Krebs on Security

Tools 156

The GDPR for the Little Guy (or Gal)

Weissman's World

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare.

GDPR 156

Companies need CASBs now more than ever — to help secure ‘digital transformation’

The Last Watchdog

When I first wrote about Cloud Access Security Brokers in 2015, so-called CASBs were attracting venture capital by the truckloads — and winning stunning customer testimonials. CASBs (pronounced caz-bees) originally sought to resolve a fast rising security nightmare: Shadow IT. Related podcast: Web gateways emerge as crucial defense layer.

The importance of an ISO 27001 internal auditor

IT Governance

Clause 9.2 of ISO 27001 states that the purpose of an internal audit is to determine whether an organisation’s ISMS (information security management system): Conforms to its own requirements for an ISMS, as well as the requirements of the Standard; and. Is implemented and maintained effectively.

More Trending

How ‘digital transformation’ gave birth to a new breed of criminal: ‘machine-identity thieves’

The Last Watchdog

There’s a new breed of identity thief at work plundering consumers and companies. However, these fraudsters don’t really care about snatching up your credentials or mine. By now, your personal information and mine has been hacked multiple times and is readily on sale in the Dark Web. This has long been true of the vast majority of Americans. Related article: 7 hacks signaling a coming global cyber war. The identities most sought after by cyber criminals today are those associated with machines.

SRA warns about emails falsely claiming to be from a London law firm

IT Governance

The SRA (Solicitors Regulation Authority) has issued a warning about emails that falsely claim to be from London law firm Herbert Smith Freehills LLP. The SRA advised that such emails had been sent to a number of organisations.

Hospital Diverts Ambulances Due to Ransomware Attack

Data Breach Today

Latest Cyber Incident Spotlights Impact on Patient Care A ransomware attack that forced a Missouri medical center to divert ambulances carrying trauma and stroke patients to other facilities serves as reminder of the impact cyberattacks can have on healthcare delivery. What are the lessons to learn

Notorious ‘Hijack Factory’ Shunned from Web

Krebs on Security

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Data Security

The Internet of Things (IoT) is very crowded. Connected devices outnumber people. The United Nations estimates the current world population at 7.6 billion 1 , and Gartner projects over 20.8 billion devices will be connected to the Internet by 2020 2.

GUEST ESSAY: Theft of MQ-9 Reaper docs highlights need to better protect ‘high-value assets’

The Last Watchdog

The discovery of sensitive U.S. military information for sale on the Dark Web for a nominal sum, in and of itself, is unfortunate and unremarkable. However, details of the underlying hack , ferreted out and shared by researchers of the Insikt Group, an arm of the security research firm Recorded Future, are most welcomed. They help frame wider questions, and pave the way for improved best practices.

What Robert Mueller Knows—and 9 Areas He'll Pursue Next

WIRED Threat Level

The special counsel has collected a mountain of evidence in the Trump-Russia investigation, but so far only a tiny amount of it has been revealed in official indictments. Here are nine areas where we should expect answers as the inquiry unfolds. Backchannel Security

IT 63

Puzzling Health Dept. Privacy Incident Exposes HIV Data

Data Breach Today

Thousands of Individuals' Data Was Allegedly Accessible to All Agency Workers An incident involving an unsecured database containing information about thousands of HIV/AIDS patients in Tennessee is shining a spotlight on privacy risks involving sensitive health data

An essential GDPR guide for schools

IT Governance

The EU GDPR ( General Data Protection Regulation ) places greater obligations on how organisations handle personal data – including schools.

GDPR 60

Trusting in technology: the need for greater assurance in connected health

Thales Data Security

Whether offering instant access to patient records, allowing remote diagnosis of treatment, or giving access to lifestyle management and monitoring apps, it’s undeniable that the Internet of Things (IoT) and connected services are revolutionising the healthcare industry.

IoT 72

Q&A: Here’s why it has become vital for companies to deter ‘machine-identity thieves’

The Last Watchdog

We’re undergoing digital transformation , ladies and gentlemen. And we’re in a nascent phase where clever advances are blossoming even as unprecedented data breaches arise in parallel. The latest example of this dichotomy comes from Timehop, a service that enables social media users to plug into their past.

Trump-Putin Press Conference Gave Russia Everything It Wanted

WIRED Threat Level

By refusing to acknowledge Russia's role in election interference, Trump has given it the green light to continue. Security

LabCorp. Cyberattack Impacts Testing Processes

Data Breach Today

Expert: Latest Attack on Healthcare Sector - Growing Target Medical laboratory testing firm LabCorp. is investigating a weekend cyberattack on its IT network, which was resulted in the company taking certain processes offline. The attack is just the latest cyber assault on the healthcare sector

IT 158

How to simplify the data mapping process under the GDPR

IT Governance

As part of an EU GDPR (General Data Protection Regulation) compliance project, organisations are required to map their data and information flows. However, identifying and keeping track of all the information flowing in and out of your organisation can be challenging.

GDPR 69

Digital Assistants Could Be Amongst the Hottest Selling Items on Amazon Prime Day, But Security Fears Are Still Putting Some Consumers Off

Thales Data Security

In June, Microsoft issued a patch for Cortana to solve a vulnerability whereby threat actors could access devices by activating their search functions, even if the devices were locked.

OpenText Enterprise World 2018 – Day Three

OpenText Information Management

It’s been an action-packed few days at Enterprise World 2018 in Toronto on the back of the big announcement of the release of next-generation platform OpenText™ OT2. On day one of Enterprise World 2018, Mark J.

Blog 56

Russians Found One Use for Bitcoin: Hacking the 2016 US Election

WIRED Threat Level

The 12 Russian intelligence officers accused of hacking the DNC allegedly used $95,000 worth of Bitcoin and other cryptocurrencies to fund their operation. Security

RiskIQ: Ticketmaster Hackers Compromised Widely Used Tools

Data Breach Today

Tools 182

Weekly podcast: banks, Thomas Cook, London cyber court and Facebook

IT Governance

This week, we discuss operational resilience in the banking and financial market infrastructures sectors, a data breach affecting Thomas Cook subsidiaries, London’s proposed new court building and the latest development in the Facebook/Cambridge Analytica scandal.

Roadmap for the Data Gold Rush: Maintaining Qualitative Data in the IoT Environment

Thales Data Security

We have come a long way since the GPS watch. Now cities like Barcelona use sensors to monitor everything from noise pollution to waste management.

Researchers show how to manipulate road navigation systems with low-cost devices

Security Affairs

Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers and manipulate road navigation systems. Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers.

Paper 76

Ukraine Blocks a Russian Hack, a Silk Road Arrest, and More Security News This Week

WIRED Threat Level

Drone plans for sale, a Silk Road arrest, and more security news this week. Security

Sales 58

FBI: Global Business Email Compromise Losses Hit $12.5 Billion

Data Breach Today

CEO Fraud' Remains Alive, Well and Underreported Known losses due to business email compromise have exceeded $12.5 billion worldwide, the FBI's Internet Complaint Center reports, adding that fraudsters are increasingly targeting the U.S. real estate sector with such scams

158

Information security and compliance training for the healthcare sector

IT Governance

Healthcare is one of the hardest-hit industries when it comes to data breaches. Healthcare providers (HCPs) and industry partners process significant amounts of data which that is both attractive and valuable to cyber criminals.

Keeping the Internet Secure

Adam Shostack

Today, a global coalition led by civil society and technology experts sent a letter asking the government of Australia to abandon plans to introduce legislation that would undermine strong encryption.

Cynefin Framework: Disorder in Healthcare

Perficient Data & Analytics

During the last several blogs , we talked about the Cynefin framework and its four types of projects: Simple, Complicated, Complex and Chaotic.

Director of National Intelligence warns of devastating cyber threat to US infrastructure

Security Affairs

The Director of the National Intelligence Dan Coats warned last week of a devastating cyber threat to US infrastructure, he said that “warning lights are blinking red again.”.

10 Takeaways: Russian Election Interference Indictment

Data Breach Today

Alleged Playbook Included Phishing, Malware, False Identities, Bitcoin Payments The U.S. Justice Department's indictment of 12 Russian intelligence officers for attempting to interfere in the 2016 U.S.

Tools to help identify gaps in your GDPR compliance

IT Governance

With data breaches on the rise , and organisations such as Dixons Carphone and Ticketmaster being high-profile cases, compliance with the EU GDPR (General Data Protection Regulation) should be a priority for all organisations. Assess your current stance against the GDPR.

Tools 54