Tue.Sep 14, 2021

BitSight, Mastercard and Tenable Make Acquisitions

Data Breach Today

Risk Assessment, Improving DevSecOps, Cryptocurrency Risk Research Drive Deals Merger and acquisition activity picked up in September with BitSight, Tenable and Mastercard, all making deals. Moody's became BitSight's largest shareholder after making a $250 million investment in the company

Risk 213

Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw

Security Affairs

A high severity vulnerability, tracked as CVE-2021-3437 , in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks.

Access 103
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Microsoft Patches MSHTML Vulnerability

Data Breach Today

Flaws in Windows Scripting Engine and DNS Fixed Microsoft's September Patch Tuesday security update covers 61 vulnerabilities, with four rated critical.

It’s a Good Day to Update All Your Devices. Trust Us

WIRED Threat Level

iOS, Windows, and Chrome all have zero-day vulnerabilities that hackers are going after. Now that the fixes are here, you need to install them ASAP. Security Security / Security Advice

IT 93

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Researchers: 61M Health IoT Device User Records Exposed

Data Breach Today

Database Belonged to a Firm That Apparently Just Shut Down An unsecured database belonging to an apparently recently defunct firm exposed 61 million records of wearable health and fitness device users on the internet, say the security researchers who discovered the non-password-protected database in cooperation with the WebsitePlanet research team.

IoT 161

More Trending

SEC Chair Pushes for Additional Cryptocurrency Regulations

Data Breach Today

Testifying Before Senate Committee, Gary Gensler Again Calls Crypto 'Wild West' U.S.

Risk 145

US CISA appointed Kiersten Todt as new chief of staff

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S.

OnDemand | Cyber Threats Facing Oil, Gas & Chemical Businesses

Data Breach Today

Understanding Defense, Detection and Response How oil, gas, and chemical businesses can mitigate the threats facing them

140
140

Mēris Bot infects MikroTik routers compromised in 2018

Security Affairs

Latvian vendor MikroTik revealed that recently discovered M?ris ris botnet is targeting devices that were compromised three years ago.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

Top Initial Attack Vectors: Passwords, Bugs, Trickery

Data Breach Today

Apple Patches Vulnerabilities in iOS Exploited by Spyware

eSecurity Planet

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ).

New York Vaccine Passport App Stored Forged Credentials

Data Breach Today

NCC Group: Users Could Fraudulently Create QR Code, Get COVID Pass A recently patched flaw in a mobile app allowing N.Y. residents to acquire and store a COVID-19 vaccine credential did not validate user input properly and stored forged verifications, according to security researchers.

Pair of Google Chrome Zero-Day Bugs Actively Exploited

Threatpost

The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year. Bug Bounty Vulnerabilities Web Security

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

45TB LTO-9 tape media and drives just debuted via The Register

IG Guru

Check out the article here. The post 45TB LTO-9 tape media and drives just debuted via The Register appeared first on IG GURU. IG News Risk News Storage Fujifilm HPE IBM LTO-9 Quantum Stroage Tape Tape Backup

Risk 63

Microsoft Patches Actively Exploited Windows Zero-Day Bug

Threatpost

On Patch Tuesday, Microsoft fixed 66 CVEs, including an RCE bug in MSHTML under active attack as threat actors passed around guides for the drop-dead simple exploit. Vulnerabilities Web Security

Australia: Consumer Data Right pipeline to cast a wide net

DLA Piper Privacy Matters

Authors: Anthony Lloyd , Alex Horder. Background.

The shifting diversity and inclusion landscape

OpenText Information Management

Whether it’s the rise in global activism or the disproportionate impact the global pandemic has had on women in the workforce, a renewed focus has been placed on the importance of corporate diversity and inclusion programs over the past 18 months.

IT 60

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

Stop! Go patch your iOS/iPadOS and macOS devices against Pegasus spyware right now!

Jamf on EdTech

Patching the critical flaw exploited by Pegasus, Apple’s newest releases target the OS and software to fully protect your devices against this vulnerability that has been reported as actively exploited in the wild

84

NHS app storing facial verification data via contract with firm linked to Tory donors

The Guardian Data Protection

Exclusive: Campaigners raise privacy concerns over government deal with iProov The NHS app is collecting and storing facial verification data from UK citizens in a process which has fuelled concerns about transparency and accountability. The data collection is taking place under a contract with a company linked to Tory donors called iProov, awarded by NHS Digital in 2019, which has yet to be published on the government website. Continue reading.

Innovating with your customers

OpenText Information Management

From healthcare to supply chains to cyber security, the global pandemic has fundamentally changed how we live and work.

Evaluate a Proven Approach to eDiscovery and Data Processing with CloudNine Explore

eDiscovery Daily

The digital age has had a major impact on more than just how we occupy our free time. It’s also changed the way we review and process legal data. . Lawyers and paralegals handle much more than the physical evidence of discovery.

Cloud 55

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

BlackMatter Ransomware Hits Japanese Tech Giant Olympus

Threatpost

The incident that occurred Sept. 8 and affected its EMEA IT systems seems to signal a return to business as usual for ransomware groups. Hacks Malware

The Importance of Legal Identity and Significance of International Identity Day

HID Global

The Importance of Legal Identity and Significance of International Identity Day. ksangal. Tue, 09/14/2021 - 10:30

60

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender

Threatpost

The well-known banking trojan retools for stealth with a whole new attack routine, including using ads for Microsoft TeamViewer and Zoom to lure victims in. Malware

75

Project WARC-Speed: Challenges and opportunities for web archiving programs

Archive-It

By Grace McGann (Moran), Teen Librarian, Tipp City Public Library. As a Graduate Web Archiving Assistant during the 2020-21 academic year, I was tasked with evaluating the University of Illinois Archive-It partnership and creating a plan for its continued success.

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast

Threatpost

Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws. Malware Podcasts Vulnerabilities Web Security

What to remember from our conferences at Documation

Everteam

W hat to learn from our conferences at Documation This year again, we were exhibitors at Documation, which took place in Paris from September 7 to 9. In addition to a very lively stand with many visits from our customers, prospects and partners, we hosted 3 conferences.

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

Threatpost

Adobe releases security updates for 59 bugs affecting its core products, including Adobe Acrobat Reader, XMP Toolkit SDK and Photoshop. Vulnerabilities