Thu.Jul 11, 2019

FEC: Campaigns Can Use Discounted Cybersecurity Services

Krebs on Security

The U.S. Federal Election Commission (FEC) said today political campaigns can accept discounted cybersecurity services from companies without running afoul of existing campaign finance laws, provided those companies already do the same for other non-political entities.

MongoDB Database Exposed 188 Million Records: Researchers

Data Breach Today

Data Apparently Originated in a GitHub Repository Security researchers have found yet another unsecured database that left personal data exposed to the internet.

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries.

Apple Issues Silent Update to Remove Old Zoom Software

Data Breach Today

Rare Move Made to Protect Against Future Exploitation Apple has taken an extraordinary move to protect its users from a yet-to-be-disclosed vulnerability that could compromise Macs that have the Zoom video conferencing software installed.

IT 223

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Resetting Your GE Smart Light Bulb

Schneier on Security

If you need to reset the software in your GE smart light bulb -- firmware version 2.8 or later -- just follow these easy instructions : Start with your bulb off for at least 5 seconds.

IT 114

More Trending

Agent Smith Android malware already infected 25 million devices

Security Affairs

‘Agent Smith’ is a new malware discovered by Check Point researchers that replaces legit Android Apps with malicious ones that infected 25 Million devices worldwide.

IT 114

Premera Signs $10 Million Breach Settlement With 30 States

Data Breach Today

Agreement Follows Proposed $74 Million Settlement of Class Action Lawsuit Health insurer Premera Blue Cross has signed a $10 million HIPAA settlement with the attorneys general of 30 states in the wake of a 2014 data breach that exposed personal information on more than 10.4

A new NAS Ransomware targets QNAP Devices

Security Affairs

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices.

Report: New Ransomware Targets QNAP Storage Devices

Data Breach Today

Attackers Demand Bitcoin Ransom After Encrypting Data A new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear and bypassing weak credentials using brute-force techniques, according to the security firm Anomali

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

Intel Patch Tuesday updates for July 2019 address a serious flaw in Processor Diagnostic Tool and minor issue in the Solid State Drives (SSD) for Data Centers (DC).

Cybersecurity Firm McAfee Preps for Public Market Return

Data Breach Today

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe.

RiskIQ: Magecart Group Targeting Unsecured AWS S3 Buckets

Data Breach Today


The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales eSecurity

Since the General Data Protection Regulation (GDPR) took effect on May 25th last year, data protection has become a very hot topic.

GDPR 105

Legal Implications of the AMCA Data Breach

Data Breach Today

The relationship between American Medical Collection Agency and its laboratory clients affected by the company's data breach will be closely examined as breach-related lawsuits progress, says attorney Paul Hales, a HIPAA specialist, who explains why

Business Architecture and Process Modeling for Digital Transformation


At a fundamental level, digital transformation is about further synthesizing an organization’s operations and technology, so involving business architecture and process modeling is a best practice organizations cannot ignore.

How to handle a ransomware attack

IT Governance

So, your computer screen has been hijacked by criminals who are demanding money to return your systems. Now what? That’s a question more organisations are having to ask themselves nowadays, with at least 55 ransomware attacks reported in the first half of 2019.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Magecart Hacker Group Hits 17,000 Domains—and Counting

WIRED Threat Level

Magecart hackers are casting the widest possible net to find vulnerable ecommerce sites—but their method could lead to even bigger problems. Security Security / Cyberattacks and Hacks

APT Groups Make Quadruple What They Spend on Attack Tools

Dark Reading

Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge


The recording industry has a terrible track record of preserving the past: Alan Cross via Global News

IG Guru

Organizations today rely heavily upon technology and electronically stored information—and when employees leave, there’s always a risk that they’ll take some information or data with them when they go, either inadvertently or on purpose.

Data Center Changes Push Cyber Risk to Network's Edge

Dark Reading

Changes in fundamental enterprise architectures coupled with shifts in human resources mean that companies are considering new risks to their infrastructure

Risk 114

Alaris E1000 Series Scanners Win Prestigious BLI Pick Award

Document Imaging Report


Summer: A Time for Vacations & Cyberattacks?

Dark Reading

About a third of cybersecurity professionals believe that their companies see more cyberattacks during the summer, but the survey data does not convince on the reasons for the perception of a summer bump

The GDPR: Preparing your organisation for DSARs

IT Governance

The GDPR (General Data Protection Regulation) has strengthened individuals’ rights to see what information organisations store on them. Requests for this information are called DSARs (data subject access requests) ­– or sometimes simply SARs (subject access requests) – and they can occur at any time. Data subjects don’t need to go through a formal process to submit a DSAR. They can simply say, for example, ‘I’d like see what data you’re keeping on me’.


The Security of Cloud Applications

Dark Reading

Despite the great success of the cloud over the last decade, misconceptions continue to persist. Here's why the naysayers are wrong

Cloud 113

Wimbledon surfaces data insights for fan engagement

IBM Big Data Hub

The All England Lawn Tennis Club (AELTC) loves their data. During The Championships, Wimbledon , last year alone, IBM collected 4.5 million tennis data points covering every point in every match. In fact, the All England Club has data going all the way back to when The Championships started in 1877


Persistent Threats Can Last Inside SMB Networks for Years

Dark Reading

The average dwell time for riskware can be as much as 869 days