Wed.Mar 13, 2019

Ursnif Banking Trojan Variant Steals More Than Financial Data

Data Breach Today

Researchers Say Latest Version Evades Detection A variant of the long-running Ursnif banking Trojan is able to better evade security protection and has the ability to steal not only financial information but also email user accounts, the content of inboxes and digital wallets, researchers report

Data 219

Ad Network Sizmek Probes Account Breach

Krebs on Security

Online advertising firm Sizmek Inc. [ NASDAQ: SZMK ] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers.

Ransomware Attack on Vendor Affects 600,000

Data Breach Today

These Cookie Warning Shenanigans Have Got to Stop

Troy Hunt

This will be short, ranty and to the point: these warnings are getting ridiculous: I know, tell you something you don't know! The whole ugly issue reared its head again on the weekend courtesy of the story in this tweet: I’m not sure if this makes it better or worse.

Mining 113

Hackers Love to Strike on Saturday

Data Breach Today

Analysis of Pre-GDPR Breach Reports in UK Reveals Attack Trends If you had to guess what day of the week a hacker will hit your organization, the answer might seem obvious: Hackers prefer to strike on Saturday. And a review by Redscan of cybersecurity incidents reported to Britain's privacy regulator before GDPR took effect confirms it

GDPR 188

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

There are certain things we as consumers have come to do intuitively: brushing our teeth in the morning; looking both ways before crossing a city street; buckling up when we get into a car. Related: What needs to happen to enable driverless transportation — safely. In the not too distant future, each one of us will need to give pause, on a daily basis, to duly consider how we purchase and use Internet of Things devices and services. This is coming.

IoT 152

More Trending

CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups

Security Affairs

One of the zero-day flaws ( CVE-2019-0797 ) patched this week by Microsoft has been exploited in targeted attacks by several threats groups, including FruityArmor and SandCat APT groups.

Groups 100

Art Coviello on the 2019 State of Security

Data Breach Today

Ex-RSA Chair Weighs In on Threats, Technologies and Opportunities Retired RSA Chairman Art Coviello is optimistic about the rise of privacy and the progression in how enterprises secure their critical, expanded networks. But he also has significant concerns

Judging Facebook's Privacy Shift

Schneier on Security

Facebook is making a new and stronger commitment to privacy. Last month, the company hired three of its most vociferous critics and installed them in senior technical positions.

Using Machine Learning for Fraud Prevention

Data Breach Today

Machine learning can play an important role in fraud prevention at financial institutions, says Marc Trepanier of ACI Worldwide, who addresses the challenges involved


Russia attempts to prevent Russian citizens from using ProtonMail

Security Affairs

ProtonMail back after the Russian government has been attempting to prevent Russian citizens from sending messages to ProtonMail.

Guest Blog: End-to-End Data Encryption with Data Reduction from Thales & Pure Storage

Thales eSecurity

At the 2019 RSA Conference, Pure Storage and Thales introduced Vormetric Transparent Encryption for Efficient Storage – the IT and security industries’ first end-to-end data encryption framework that realizes storage array data reduction.

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread.

Average cost of cyber crime is now $13 million

IT Governance

The digital landscape is changing quickly, and cyber crime is on the rise. Last year there were 2.3 billion data breaches, compared to 826 million in 2017. With attacks becoming increasingly sophisticated and hard to defend against, they can cost organisations a lot of money each year.

NEW TECH: Votiro takes ‘white-listing’ approach to defusing weaponized documents

The Last Watchdog

It’s hard to believe this month marks the 20th anniversary of the release of the devastating Melissa email virus which spread around the globe in March 1999. Related: The ‘Golden Age’ of cyber espionage is upon us. Melissa was hidden in a weaponized Word document that arrived as an email attachment.

IoT Cybersecurity Bill Proposed to Congress

Adam Levin

Congress proposed a bill to improve the security of internet-enabled devices called the Internet of Things (IoT) Cybersecurity Improvement Act of 2019.

IoT 69

Hybrid IT tactics and techniques

DXC Technology

As companies embrace hybrid IT, they must address both technology and the human side of change. There are several key actions to take: Staff and train differently: As applications move from traditional platforms to the cloud, current IT staff needs to be trained and re-skilled. Companies should recruit developers adept in Agile methodologies. Siloes should […]. Cloud DevOps Digital Transformation Platform AI automation cloud cloudops governance hybrid IT shadow IT talent

What’s the difference between data mining and text mining?

OpenText Information Management

Even though data mining and text mining are often seen as complementary analytic processes that solve business problems through data analysis, they differ on the type of data they handle.

When Facebook Goes Down, Don't Blame Hackers

WIRED Threat Level

Facebook, Instagram, and WhatsApp spent several hours offline in many parts of the world today. Just don't call it a DDoS attack. Security

IT 60

Gambling trade bodies are creating a powerful lobbying group amid strengthening regulations

IT Governance

Say "Hello" to Microsoft Kaizala!


Tools 56

Two New Proposed Rules Would Increase Interoperability of Health Information


Interoperability takes center stage in the world of healthcare once again as both the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) propose new rules to increase patient and provider access to health records.

CMS 56

Fix what ain’t broken to keep your expensive equipment running seamlessly

OpenText Information Management

“Don’t fix what ain’t broken,” the cliché runs. But anyone with expensive assets to maintain – from precision tooling machines to a fleet of jets – knows that you don’t fix only the things that are broken.

Tools 55

Questions to ask a document imaging provider – Part 2

TAB OnRecord

Last week we explored some initial questions to ask a prospective document imaging provider. As we pointed out, you need to get some up-front clarity on the quote; find out who will be working on the project; and enquire about their methodologies for planning, document access and security.

Threat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw


Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat. Vulnerabilities Web Security apt CVE-2019-0797 Exploit FruityArmor in the wild Microsoft patch tuesday SandCat zero day

DevSecOps: How to Build Security into Apps

eSecurity Planet

We define DevSecOps, how it relates to DevOps, and how security can be built into the application development process with minimal disruption

The Enron Data Set is No Longer a Representative Test Data Set: eDiscovery Best Practices

eDiscovery Daily

If you attend any legal technology conference where eDiscovery software vendors are showing their latest software developments, you may have noticed the data that is used to illustrate features and capabilities by many of the vendors – it’s data from the old Enron investigation.

Demo 52

How to Reduce Your Carbon Footprint With Document Scanning

Record Nations

Despite recent growth in technology paper consumption also continues to grow, however with document scanning digital files not only make your records management more sustainable, but also cheaper and more efficient.

Book Review: Information Governance for Healthcare Professionals: A Practical Approach

IG Guru

Robert Smallwood’s latest book on Information Governance is part of the HIMSS book series. The book is titled: Information Governance for Healthcare Professionals: A Practical Approach. Some of the highlights of the book are: A lot of Sedona Conference references.

7 emerging data security and risk management trends

Information Management Resources

Risk appetite statements, governance frameworks and password-less authentication are among the growing trends that will impact security, privacy and risk leaders, says Gartner. Data security Cyber security Cyber attacks Malware

Intel Windows 10 Graphics Drivers Riddled With Flaws


Intel has patched several high-severity vulnerabilities in its graphics drivers for Windows 10, which could lead to code execution. Vulnerabilities cpu flaw Intel intel graphics driver Intel Vulnerability Microsoft patch Windows 10

IT 72

3 suggerimenti da considerare quando si automatizza l’esperienza del cliente

DXC Technology

Ho partecipato alla Customer Contact Week di quest’anno a Las Vegas e ho avuto un’impressione diversa da quella prevista. Attraverso più gruppi di discussione e conversazioni con i partecipanti è chiaro che i professionisti della customer experience credono che “l’automatizzazione è già qui” Molti partecipanti hanno espresso l’urgenza di andare avanti. Tuttavia, questa eccitazione va […]. Uncategorized automatizzazione esperienza del cliente

New Malware Shows Marketing Polish

Dark Reading

A new strain of point-of-sale malware skims credit card numbers and comes via a highly polished marketing campaign

Sales 70

'Gut feelings' often trump real data in driving business decisions, says Forrester

Information Management Resources

There’s an alarming gap in data activation at organizations today, and despite continued investment in people, data and technology, according to Forrester Research. Data strategy Data management Forrester Research

Data 69