Tue.Feb 11, 2020

WiFi: A New Way to Spread Emotet Malware

Data Breach Today

Researchers Say Trojan's Developers Devising Ways to Spread Trojan to More Devices Security researchers have found that the developers of the Emotet Trojan have created a new way to spread it to more victims - attackers are using unsecured WiFi networks as a way to deliver the malware to more devices.

Microsoft Patch Tuesday, February 2020 Edition

Krebs on Security

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

More Phishing Campaigns Tied to Coronavirus Fears

Data Breach Today

Researchers Describe a Wide Variety of Tactics As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range of targets

Crypto AG Was Owned by the CIA

Schneier on Security

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

No Surprise: China Blamed for 'Big Data' Hack of Equifax

Data Breach Today

Analysis: Equifax Failed on Security, But Only Governments Can Hold Each Other to Account Who's surprised Chinese military hackers allegedly hacked Equifax?

More Trending

Coding Flaw Exposes Voter Details for 6.5 Million Israelis

Data Breach Today

Failure to Secure API Allowed Unauthenticated Access Israel's voter registration database - comprising close to 6.5 million people - was exposed to the internet because of an elementary coding flaw in an election application.

Access 153

Donating BAT to Have I Been Pwned with Brave Browser

Troy Hunt

I don't know exactly why the recent uptick, but lately I've had a bunch of people ask me if I've tried the Brave web browser. Why they'd ask me that is much more obvious: Brave is a privacy-focused browser that nukes ads and trackers.

IT 87

NIST Privacy Framework: The Implementation Challenges

Data Breach Today

Although NIST's new privacy framework is agnostic toward any particular privacy law, "it gives organizations building blocks to help them meet any obligations under any particular law or jurisdiction" says Naomi Lefkovitz, a NIST senior privacy adviser

South Korean Woori Bank is accused of unauthorized use of customer data

Security Affairs

Unauthorized use of customer information by Woori Bank, ‘crime act’ for customers. The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the p assword s of 23,000 customer dormant accounts without consent in July 2018.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Bringing Outsiders Into Your Compliance Team: Four Considerations

Data Breach Today

Hiring third party investigators to bolster your AML and Compliance team? Here's four things to consider before you pick up the phone. Money Laundering investigators are in high demand: banks and other financial institutions have spent almost two decades hiring more and more of them

Conservative News Sites Track You Lots More Than Left-Leaning Ones

WIRED Threat Level

One analysis of news outlets found that the median popular right-wing site planted 73 percent more cookies than its left-wing counterpart. Security Security / Privacy

IT 82

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

A security expert discovered that the Cosmetic firm Estée L auder exposed 440 million records online in a database that was left unsecured. The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée L auder that contained 440,336,852 records.

The US Fears Huawei Because It Knows How Tempting Backdoors Are

WIRED Threat Level

US officials allege that Huawei has backdoors in its technology. The US knows firsthand how powerful those can be. Security Security / National Security

IT 71

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks.

IoT 72

Can the Government Buy Its Way Around the Fourth Amendment?

WIRED Threat Level

Immigration authorities are purchasing cell phone location data, and it might be totally legal. . Security Security / Privacy

Adobe addresses 42 flaws in its five products

Security Affairs

Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in five products, dozens of them rated as critical severity.

IT 71

Macs See More Adware, Unwanted Apps Than PCs

Dark Reading

The latest data from Malwarebytes show the average Mac sees almost twice as many bad apps as Windows systems, but actual malware continues to be scarce


The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Repudiation Now Live on Linkedin Learning

Adam Shostack

My course, “ Repudiation in Depth ” is now live on Linkedin Learning. This is the fourth course I’ve created, starting with “ Learning Threat Modeling “, and courses on “ spoofing “, “ tampering “, and now, repudiation.

IT 69

Hindsight is 2020. Looking back so we can move forward

Thales eSecurity

2020 ends a decade, and the new year prompted me to think “Wow it’s been two decades since we started Vormetric.” And the mission we started then still applies now. Data security is still a problem.

Cloud 68

Dell SupportAssist flaw exposes computers to hack, patch it asap!

Security Affairs

Dell addresses a flaw in the Dell SupportAssist Client software that could allow local attackers to execute arbitrary code with Administrator privileges. Dell released a security update to address a vulnerability, tracked as CVE-2020-5316 , in its SupportAssist Client software.

IT 66

The ICRM is looking for mentors

IG Guru

The ICRM Mentoring Program has been created to provide clear instructions, consistency and uniform processes to Mentors and Mentees for all parts of the CRM Exam. It is the hope of the ICRM that all candidates, including CRA Candidates will benefit from the program.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

The Altsbit exchange will exit in May following a hack

Security Affairs

The Italy-based cryptocurrency exchange Altsbit announced that it has suffered a security breach that led to the theft of its customer’s funds.

IT 63

Oracle Named Visionary for Analytics and BI

Perficient Data & Analytics

It was recently announced that Oracle Analytics Cloud (OAC) has been named Visionary in the 2020 Gartner Magic Quadrant for Analytics and Business Intelligence Platforms. This is great news as it validates what we have been seeing in the marketplace for quite some time.

Securing Containers and Multi-Cloud Operations

Thales eSecurity

The shift toward cloud-native applications is changing the building blocks of IT. Development and maintenance of infrastructure and applications in-house just isn’t an option anymore in many cases.

Cloud 62

5 key things to consider when migrating to the cloud

OpenText Information Management

Cloud computing is now touching all aspects of information technology, and document and data archiving is no exception. When it comes to security, cost savings, reliable services and scalability, there is no bigger advantage than storing your most valuable assets in the cloud.

Cloud 62

What Are Some Foundational Ways to Protect My Global Supply Chain?

Dark Reading

Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on

Risk 61