Mon.Feb 24, 2020

Lawsuit Claims HIV Data Exposed in Leak

Data Breach Today

Legal Action Stems From Misconfigured Database at UW Medicine A lawsuit seeking class action status filed against UW Medicine in the wake of a data leak incident has been amended to reflect that at least one HIV patient allegedly had their data exposed.

Zyxel Fixes 0day in Network Storage Devices

Krebs on Security

Patch comes amid active exploitation by ransomware gangs. Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them.

IoT 196

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

BEC Group Favors G-Suite, Physical Checks: Report

Data Breach Today

Agari Says 'Exaggerated Lion' Has Targeted Businesses Throughout US A business email compromise group targeting U.S. businesses is using G-Suite for their scams and collecting money through physical checks instead of wire transfers, according to the security firm Agari

BOOK REVIEW: ‘Security Yearbook’ preserves cybersecurity history — highlights tectonic shift

The Last Watchdog

Along with Richard Stiennon , I belong to a small circle of journalists and tech industry analysts who’ve been paying close attention to cybersecurity since Bill Gates curtailed commercial work on Windows to rivet Microsoft’s attention on defending its software code. Related: The role of PKI is securing digital transformation That was in 2002. Back then, email spam was a nuisance evolving into a potent attack vector, and the top malware innovators were script kiddies seeking bragging rights.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

FBI Makes Arrest in DDoS Attack on Candidate's Website

Data Breach Today

Congressional Candidate Targeted in 2018, Authorities Say The FBI has arrested a suspect who's charged in connection with waging distributed denial-of-service attacks against the campaign website of an unsuccessful 2018 Democratic candidate for the U.S. House in California


More Trending

New Mexico Sues Google Over Children's Privacy

Data Breach Today

State Alleges Data About Young Students Is Illegally Collected New Mexico is suing Google, alleging the company violates a federal child privacy law by collecting the personal data of students younger than age 13 without their parents' consent.

FBI recommends using passphrases instead of complex passwords

Security Affairs

The FBI recommends using longer passwords composed of multiple words into a long string of at least 15 characters instead of short passwords including special characters.

Irish Privacy Report Gives Glimpse Into GDPR Investigations

Data Breach Today

Facebook and Twitter Among the Technology Giants Being Probed A newly released report offers a glimpse into how European Union authorities are applying the General Data Protection Regulation to some of the biggest U.S. technology firms, including social media giants Facebook and Twitter

GDPR 153

Russia Is Trying to Tap Transatlantic Cables

Schneier on Security

The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

'Privacy by Design' Implementation Tips

Data Breach Today

Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid

Slickwraps discloses data leak that impacted 850,000 user accounts

Security Affairs

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Slickwraps is an online store that offers for sale skins mobile devices, laptops, smartphones, tablets, and gaming consoles.

7 Tips to Improve Your Employees' Mobile Security

Dark Reading

Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them

Risk 81

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums.

Sales 84

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Solving the Cloud Data Security Conundrum

Dark Reading

Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud

DevOps Best Practices: Scaling DevOps for the Enterprise

Micro Focus

Information technology has been an integral component of the modern enterprise for decades now. That dependency is only bound to grow. With such digital transformation comes soaring demand for new applications.

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Security Affairs

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report , FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families.

Security, Networking Collaboration Cuts Breach Cost

Dark Reading

CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Organizations Struggle with Cloud Security in the Post Digital Transformation Era – Highlights from our 2020 Data Threat Report-Global Edition

Thales eSecurity

2020 marks the launch of the Thales Data Threat Report-Global Edition for the seventh consecutive year. This year the report focuses on the post digital transformation era.

Verizon: Attacks on Mobile Devices Rise

Dark Reading

Companies of all sizes are being hit by mobile attacks and feeling the effects for extended periods of time, according to the 2020 Verizon Mobile Security Index

Malicious Documents Emerging Trends: A Gmail Perspective


Everyday Gmail defenses analyze billions of attachments to prevent malicious documents from reaching the inboxes of its users whether they are end-users or corporate ones.

IT 63

Data Breach Occurs at Agency in Charge of Secure White House Communications


A leak at the Defense Information Systems Agency exposed personal information of government employees, including social security numbers.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Lampion malware v2 February 2020

Security Affairs

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations.

DHS Issues Ransomware Warning for Critical Infrastructure Operators

Adam Levin

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory following a ransomware attack on a natural gas compression facility.

Latest Security News from RSAC 2020

Dark Reading

Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco


Rocket Software

SHARE is the oldest computer user group in the world, and the organization plays a critical role in driving innovation in the IBM Z community. Rocket Software has been a long-time member of SHARE, and we are committed to supporting its goals and ideals.

Facebook Pays $550 Million In Facial Recognition Settlement via Security Baron

IG Guru

Check out the article here. The post Facebook Pays $550 Million In Facial Recognition Settlement via Security Baron appeared first on IG GURU.

Wanted: Hands-On Cybersecurity Experience

Dark Reading

Organizations lament a lack of qualified job candidates as they continue to struggle to hire and retain security teams, the new ISACA State of Cybersecurity 2020 report shows

Episode 176: Security Alarms in Census II Open Source Audit. Also: The New Face of Insider Threats with Code42

The Security Ledger

Joe Payne the CEO of Code42 joins us to talk about how the challenge of data breach prevention is changing. And: we do a deep dive on the recent Census II audit of open source. The post Episode 176: Security Alarms in Census II Open Source Audit.

DoD Issues Cybersecurity Maturity Model Certification Version 1.0

Data Matters

On January 31, 2020, the Department of Defense released its latest version of the Cybersecurity Maturity Model Certification (“CMMC”) for defense contractors. Under the CMMC plan, DOD contractors will be required to obtain a cybersecurity rating from Level 1 through Level 5. Self-certification will not be permitted. Given the significant investment of industry resources the CMMC may require, the DOD eased some concerns by announcing that it would roll out the CMMC program out in stages.