Wed.Jul 10, 2019

Researchers Disclose Vulnerability in Siemens' ICS Software

Data Breach Today

Patch Issued in Light of Concerns Over Stuxnet-Like Attack Against Industrial Systems Researchers at the security firm Tenable uncovered a vulnerability in a Siemens software platform used to manage industrial control systems, and Siemens has issued a patch.

The Window to Rein In Facial Recognition Is Closing

WIRED Threat Level

As Congress continues to punt on facial recognition, advocacy groups have redoubled their efforts. Security Security / Privacy

Malware on the High Seas: US Coast Guard Issues Alert

Data Breach Today

Phishing Attack Against International Vessel Triggers Maritime Warnings The U.S. Coast Guard has issued an alert about an increase in malware attacks targeting the networks of commercial vessels. It's warning ship owners to take more cybersecurity precautions

Details of the Cloud Hopper Attacks

Schneier on Security

Reuters has a long article on the Chinese government APT attack called Cloud Hopper. It was much bigger than originally reported. The hacking campaign, known as "Cloud Hopper," was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud.

Cloud 114

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Zoom Reverses Course, Removes Local Web Server

Data Breach Today

Controversial Design Decision Could Allow for an Ambush Video Call Video conferencing vendor Zoom has opted to make major changes to its Mac application after a security researcher found several weaknesses in it.

IT 196

More Trending

Certain Anesthesia Devices Have Vulnerabilities: Researchers

Data Breach Today

GE Healthcare Disputes Some of the Findings; Security Experts Weigh In Authentication vulnerabilities in certain GE Healthcare anesthesia devices could potentially allow remote attackers to meddle with the devices, researchers say. GE disputes some of the findings.

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

Security Affairs

You work hard to keep your kids safe from so many different dangers, but every day they are exposed to countless threats online. . Predators, disturbing content, identity theft attempts, and other things you wouldn’t let them experience in real life are all waiting for them. Shockingly, 1 in 5 U.S.

Fieldwork Software Database Exposed Customer Data: Report

Data Breach Today

Researchers Say Company Promptly Fixed Leak Sensitive information, including credit card and phone numbers, was left exposed to the internet on an unsecured database belonging to Fieldwork Software, which provides cloud-based services to small businesses, researchers note in a new report

Cloud 176

Severe vulnerabilities allow hacking older GE anesthesia machines

Security Affairs

The news is disconcerting, security experts have found vulnerabilities in two models of anesthesia machines commercialized by General Electric.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Dear BA and Marriott: Your GDPR Fines Are Important to Us

Data Breach Today

Privacy Regulator's Clear Security Message: Act Now to Avoid 'Disappointment' The data protection gloves have finally come off in Europe after GDPR enforcement began last May - the U.K.'s s privacy watchdog has proposed large post-breach sanctions against British Airways and Marriott. Consider the tables now turned on firms that fail to properly safeguard personal data

GDPR 176

Adobe Patch Tuesday updates for July 2019 address only 5 minor flaws

Security Affairs

Adobe Patch Tuesday updates for July 2019 address minor vulnerabilities in the Bridge CC, Experience Manager and Dreamweaver products. Good news for Adobe users, Adobe Patch Tuesday updates for July 2019 address only minor flaws in the Bridge CC, Experience Manager, and Dreamweaver products.

Put Those Cloud Security Objections to Rest

Data Breach Today

In the wake of digital transformation, there remain some organizations that - for security reasons - resist the temptation to move to the cloud. What are their objections? Zscaler's Bil Harmer addresses these, as well as the critical questions security leaders should ask of cloud service providers

Introducing the largest coordinated release in OpenText history

OpenText Information Management

Today’s market-disrupting technologies are driving new and exciting opportunities to transform the way we live our personal lives, the way we do business, and the way we run our governments. The capacity for organizations to generate and collect information is greater than ever.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

The New Threat Intelligence

Data Breach Today

Threat intelligence programs have evolved greatly over the past decade. But Mario Vuksan, CEO of ReversingLabs, says too many organizations are overlooking the value of local intelligence embedded in their own networks. Vuksan talks about maximizing TI resources

125
125

The Compliance Mandate is Real as GDPR Enforcement Accelerates

Everteam

Since its implementation in May of 2018, GDPR has been the subject of much discussion but little concrete action by many companies on both sides of the Atlantic.

Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads

Threatpost

Researchers say malware infects phones in order to sneak ads on devices for profit. Malware Mobile Security Vulnerabilities 9App Adware Agent Smith Android Google Update Google Updater Janus mobile malware rogue ads

4 Reasons Why SOC Superstars Quit

Dark Reading

Security analysts know they are a hot commodity in the enviable position of writing their own ticket. Here's how to keep them engaged, challenged, and happy

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Bug in Anesthesia Respirators Allows Cyber-Tampering

Threatpost

GE Healthcare said an attacker could modify gas composition parameters within the devices' respirator function. Critical Infrastructure IoT Vulnerabilities Aespire Aestiva anesthesia devices gas composition GE Healthcare iot bugs medical devices patient danger respirator function vulnerability

IoT 114

10 Ways to Keep a Rogue RasPi From Wrecking Your Network

Dark Reading

A Raspberry Pi attached to the network at NASA JPL became the doorway for a massive intrusion and subsequent data loss. Here's how to keep the same thing from happening to your network

114
114

Latest FinSpy Modules Lift Data from Secure Messaging Apps

Threatpost

The espionage tool is capable of eavesdropping on calls and messages sent via Signal, Telegram, WhatsApp and more.

Industry Insight: Checking Up on Healthcare Security

Dark Reading

Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short

Risk 114

Zoom Pushes Emergency Patch for Webcam Hijack Flaw

Threatpost

After media scrutiny, the collaboration service has decided to address the zero-day after initially dismissing its severity. Cloud Security Privacy Vulnerabilities Web Security camera hijacking emergency patch videoconferencing vulnerability zero day zoom

IT 114

Why You Need a Global View of IT Assets

Dark Reading

It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have

IT 113

What’s new in OpenText xECM for Engineering EP6

OpenText Information Management

Risk 79

Acceptability = Mobility

Perficient Data & Analytics

Out of Touch? I was at a doctor’s office a few weeks back. I thought it was strange that he brought in a laptop and was pulling up patient information from it. It may not be strange to most, but it was for me.

Sales 77

ROMANIA: Romanian Data Protection Authority issues fine for inappropriate TOMs

DLA Piper Privacy Matters

Just days after proudly announcing its first fine under the GDPR, the Romanian Data Protection Authority has done it again: World Trade Center Bucharest S.A. must pay 15,000 euro for breaching the provisions of Art. 32 para. (4) 4) GDPR corroborated with Art. 32 paras. (1) 1) and (2) GDPR.

GDPR 76

Intel Releases Updates for Storage & Diagnostic Tools

Dark Reading

CISA released an alert telling users about the updates to firmware in Intel SSD and Processor Diagnostic products

106
106