Mon.Mar 11, 2019

Citrix Hacked by Password-Spraying Attackers, FBI Warns

Data Breach Today

Cyber-Espionage Campaign Appears Separate to Recent Credential-Stuffing Breach Citrix Systems is investigating a suspected hack attack, resulting in the theft of business documents, after being tipped off by the FBI.

Severe RCE vulnerability affected popular StackStorm Automation Software

Security Affairs

The security researcher Barak Tawilyhas discovered a severe vulnerability, tracked as CVE-2019-9580, in the popular, open source event-driven platform StackStorm.

Breach of 'Verifications.io' Exposes 763 Million Records

Data Breach Today

Experts Question How 'Big Data Email Verification Platform' Amassed Information Verifications.io, a self-described "big data email verification platform," has suffered a massive breach. Security researcher Bob Diachenko said he discovered the site was exposing 763 million records

STOP ransomware encrypts files and steals victim’s data

Security Affairs

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines.

The Advantages of Automated Threat Hunting

Data Breach Today

Steven Grossman of Bay Dynamics on Automating Critical Security Tasks Threat hunting is a critical but labor-intensive task for security analysts. But automation can provide significant advantages, says Steven Grossman of Bay Dynamics

Take your GDPR project to the next level with our compliance packages

IT Governance

For many organisations, last year’s GDPR (General Data Protection Regulation) compliance deadline was a whirlwind of privacy policy updates, data protection training courses and hours spent online researching exactly what a ‘controller’ and ‘processor’ are.

GDPR 95

More Trending

Crooks use The Pirate Bay to spread PirateMatryoshka malware via reputed seeders

Security Affairs

Crooks are abusing the torrent website The Pirate Bay to distribute the PirateMatryoshka malware that fuels the victim’s PC with unwanted software.

Dealing with 'Right to Be Forgotten' Requirements

Data Breach Today

Mike Kiser of Sailpoint on Identity Governance Issues The "right to be forgotten" is a critical component of GDPR, but requirements vary widely globally. Mike Kiser of Sailpoint discusses related identity governance issues

GDPR 161

Russia Is Testing Online Voting

Schneier on Security

This is a bad idea : A second innovation will allow "electronic absentee voting" within voters' home precincts. In other words, Russia is set to introduce its first online voting system.

Why CISOs Need Partners for Security Success

Data Breach Today

John Pescatore of SANS Institute on Essential Steps to Take CISOs need to work with partners in other departments to help ensure the success of major security projects, says John Pescatore, the director of the SANS Institute, who spoke at RSA Conference 2019

What’s the difference between containers and virtual machines?

DXC Technology

I was at a conference recently when I realized the person I was talking with thought that containers were just smaller versions of virtual machines (VM). Ah, no. No, they’re not. Yes, they can function in the same ways from a practical viewpoint. For example, they’re both commonly used to run server applications. How they […]. Applications Cloud cloud virtual machine containers cloud computing Virtualization

Moxa Industrial Switches plagued with several flaws

Security Affairs

Security experts have discovered many vulnerabilities, including a critical issue, in Moxa EDS and IKS industrial switches.

Top 10 Takeaways from RSA Conference 2019

eSecurity Planet

After five days of sessions, events and demos, what were the key cybersecurity themes that emerged at RSA Conference 2019

Demo 114

Defining Intelligent Information Management

AIIM

Recently AIIM released an industry watch report titled, The State of Information Management, Getting Ahead of the Digital Information Curve. In it, AIIM makes the case that every organization is on — or should be on — a Digital Transformation journey.

ECM 73

What is the Data Protection Act 2018?

IT Governance

In the run-up to the GDPR (General Data Protection Regulation) , experts repeatedly described the law as the successor to the UK’s DPA (Data Protection Act) 1998. But that was somewhat misleading, because the same day the GDPR came into force, the UK adopted the DPA 2018.

GDPR 68

How Worried Do We Need to Be About GDPR and Brexit?

InfoGoTo

Data protection regulations seem to be burgeoning in multiple jurisdictions. Moreover, these regulations have varying requirements and often seriously penalize noncompliance. The end of March brings yet another opportunity to revisit data flow: the joint effect of GDPR and Brexit.

GDPR 65

Are your business processes getting the data they need to succeed?

OpenText Information Management

Humans are social creatures—we were born to be socially connected and we understand the world, and ourselves, better when we are in relationships with others. We need feedback from all sorts of people to help see the bigger picture and make better decisions.

Blog 65

Now, Wait Just an Internet Minute!: eDiscovery Trends

eDiscovery Daily

Have I mentioned lately that I love…an infographic? Well, let me mention it again! The past three years, we’ve taken a look at a terrific infographic each year that illustrated what happens within the internet in a typical minute.

Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks

Threatpost

In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.

Understanding DataOps & DevOps: Different approach, but same goal

Information Management Resources

Instead of a focus on application delivery, DataOps focuses on accelerating the delivery of an organization’s information assets, data pipelines, and insights. Data quality Data management Data visualization

Data 85

763M Email Addresses Exposed in Latest Database Misconfiguration Episode

Dark Reading

MongoDB once again used by database admin who opens unencrypted database to the whole world

83

Google Patches Critical Bluetooth RCE Bug

Threatpost

In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high. Mobile Security Vulnerabilities Android Android March Security Bulletin Bluetooth elevation of privilege EoP google Qualcomm RCE remote code execution TrustZone

IT 74

The Third Modern Data Management Summit: Making Data Work!

Reltio

Ankur Gupta, Sr. Product Marketing Manager, Reltio.

How Do Walk-in Scanning Prices Compare to Other Services?

Record Nations

Do you have stacks of papers you would like to digitize? Walk-in scanning services offer the freedom for you to scan data without having to purchase a scanner. Costs Large volumes of scanning cost from 7 to 12 cents per page. But you may have to have as many as 8,000 pages to be able […].

Paper 52

How to jump start your enterprise digital transformation

DXC Technology

Does your organization have a digital transformation strategy that it’s struggling to execute? Unfortunately, you are not alone. But the urgency to make real progress is mounting. If your industry hasn’t already been disrupted by competitors wielding the latest wave of new technology — Big Data, cloud, mobile, AI, machine learning, robotic process automation, IoT, […]. Digital Transformation Distinguished Technologists Partners Dell EMC

Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix

Threatpost

IRIDIUM is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity. Breach Cloud Security Hacks citrix data breach iranian apt iridium network compromise password spray resecurity

NSA, DHS Call for Info Sharing Across Public and Private Sectors

Dark Reading

Industry leaders debate how government and businesses can work together on key cybersecurity issues

The enterprise data warehouse of the future

IBM Big Data Hub

Though the enterprise data warehouse (EDW) has traditionally been the repository for historical data such as sales and financials, it is quickly evolving to meet the demands of new technologies

Sales 69

Hackers Break into System That Houses College Application Data

Dark Reading

More than 900 colleges and universities use Slate, owned by Technolutions, to collect and manage information on applicants

Data 70

Pressured by pending procedures, surgical practice pays ransom

Information Management Resources

Crippled by a ransomware attack, Columbia Surgical Specialists paid nearly $15,000 in January to regain data after hackers maliciously encrypted records. Data security Cyber security Ransomware Encryption HIPAA regulations Protected health information

Georgia's Jackson County Pays $400K to Ransomware Attackers

Dark Reading

The ransomware campaign started March 1 and shut down most of Jackson County's IT systems

Have data transparency and openness lost to secrecy and opaqueness?

Information Management Resources

Online tribes form and congregate more easily and secretively when everyone retreats to comfort zones in tightly-knit communities which often serve as echo chambers, leading to segregation, partisanship and division. Social media Data privacy Customer data Facebook

Data 65

3 Places Security Teams Are Wasting Time

Dark Reading

Dark Reading caught up with RSA Security president Rohit Ghai at the RSA Conference to discuss critical areas where CISOs and their teams are spinning their wheels

Disappointing jobs report still positive for developers and data pros

Information Management Resources

The overall economy added only 20,000 new jobs in February, but 7,500 of those were in the tech sector, including software developers and data professionals. Recruiting Data Scientist Data science Hardware and software

Data 65