Thu. Sep 06, 2018


NEW TECH: Critical Start applies ‘zero-trust’ security model to managed security services

The Last Watchdog

All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That’s where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware detection, firewall upkeep, vulnerability management and more.

Security 167

Leader of DDoS-for-Hire Gang Pleads Guilty to Bomb Threats

Krebs on Security

A 19-year-old man from the United Kingdom who headed a cybercriminal group whose motto was “Feds Can’t Touch Us” pleaded guilty this week to making bomb threats against thousands of schools. On Aug. 31, officers with the U.K.’s National Crime Agency (NCA) arrested Hertfordshire resident George Duke-Cohan, who admitted making bomb threats to thousands of schools and a United Airlines flight traveling from the U.K. to San Francisco last month.

Security 161

MikroTik Routers Targeted in Data Eavesdropping Scheme

Data Breach Today

Researchers: Attackers Continue to Meddle With Hundreds of Thousands of MikroTik Routers

Unknown attackers are intercepting every piece of data handled by more than 7,500 routers made by MikroTik, while also using another 239,000 compromised routers to serve as proxies, researchers say. It's a continuation of a wave of attacks that exploit a vulnerability patched by MikroTik in April.

IT 145

Weekly podcast: Plusnet, TV Licensing, BEC scams and data breach causes

IT Governance

This week, we discuss a data breach at Plusnet, poor security at tvlicensing.co.uk, why most BEC scams succeed, and what causes most data breaches. Hello and welcome to the IT Governance podcast for Friday, 7 September. Many thanks to Jay and Lewis for holding the fort while I was away. Here are this week’s stories. In one of the biggest projects it’s undertaken in 21 years, the broadband provider Plusnet migrated to a new customer billing system at the weekend, and – as befalls so many companie


Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.


Software Vendor Breach Spotlights Broad BA Risks

Data Breach Today

Patients at 11 Organizations Affected by Hacker Attack

A recent hacker attack targeting a revenue cycle management software and services vendor, which impacted more than 31,000 patients at 11 healthcare organizations, illustrates the potentially broad security risks posed by business associates.

Risk 100

More Trending


Demystifying DevSecOps and Its Role in App Security

Data Breach Today

DevOps and the addition of the "Sec" or security element to it has led to significant progress in moving security up in the application development chain, says Gartner's Dale Gardner.

IT 100

Hardware security still essential at the heart of the payments infrastructure

Thales Cloud Protection & Licensing

In my recent blog on the evolving PCI SSC initiatives in 2018, “Minor on PCI DSS, major on almost everything else,” I outlined how the organisation is covering new areas to reflect the migration from physical card payments to online digital payments. Much of the latest innovation involves the use of mobile devices (for both initiation and acceptance) to provide greater flexibility in how payments can be made and offer additional methods to authenticate transactions.


EU Begins Formal Approval for Japan Adequacy Decision

Hunton Privacy

On September 5, 2018, the European Commission (the “Commission”) announced in a press release the launch of the procedure to formally adopt the Commission’s adequacy decision with respect to Japan. The press release notes that the EU-Japan talks on personal data protection were completed in July 2018, and announces the publication of the draft adequacy decision and related documents which, among other things, set forth the additional safeguards Japan will accord EU personal data that is transfer


Twitter Finally Bans Alex Jones—Over a Publicity Stunt

WIRED Threat Level

After years of abuse and spreading conspiracy theories, Alex Jones finally went too far for Twitter with a relatively tame rant.


How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.


The SOC Gets a Makeover

Dark Reading

Today's security operations center is all about reducing the number of alerts with emerging technologies - and enhancing old-school human collaboration. Here's how some real-world SOCs are evolving.


What is the Business Continuity Risk Management Pack?

IT Governance

Organisations face a myriad of risks and threats. It’s imperative to identify and assess these in order to effectively mitigate them before disaster strikes. Your organisation may have business continuity plans in place, but are you confident in their ability to help you recover from a disruption? The Business Continuity Risk Management Pack will help you develop effective business continuity plans tailored to your organisation’s unique needs.

Risk 60

MEGA Chrome browser extension hacked, bogus version stole users’ credentials

Security Affairs

The MEGA Chrome browser extension had been hacked and replaced with one that steals users’ credentials for popular web services. Are you using the MEGA Chrome browser extension? Uninstall it now because the Chrome extension for MEGA file storage service had been hacked and replaced with one that steals users’ credentials for popular web services (i.e.


The business value of a governed data lake

IBM Big Data Hub

Imagine a searchable data management system that would enable you to review crowdsourced, categorized and classified data. Consider that this system would apply to all types of data — structured and unstructured — and become more robust as more users analyze it.


7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.


Cisco fixes 32 security vulnerabilities in its products, including three critical flaws

Security Affairs

Cisco has released thirty security patch advisories to address a total of 32 security vulnerabilities in its products, including three critical flaws. Cisco released thirty security patch advisories to address a total of 32 security vulnerabilities in its products. The good news is that the tech giant is not aware of any exploitation of the addressed vulnerabilities in attacks in the wild.

IT 51

5 Tips for Managing Privileged Access

eSecurity Planet

Some accounts are more valuable than others. Privileged access management (PAM) can help.

Access 73

USB Drives shipped with Schneider Solar Products were infected with malware

Security Affairs

Schneider Electric announced that some of the USB drives it has shipped with its Conext ComBox and Conext Battery Monitor products were infected with malware. Schneider Electric has found malicious code on the USB drives that have been shipped with Conext ComBox and Conext Battery Monitor products. Both products are part of the solar energy offering of the vendor.


Why a Healthy Data Diet Is the Secret to Healthy Security

Dark Reading

In the same way that food is fuel to our bodies, data is the fuel on which our security programs run. Here are 10 action items to put on your cybersecurity menu.


Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.


British Airways hacked, attackers stole details of 380,000 customers

Security Affairs

Personal and payment card information of 380,000 British Airways customers were stolen by attackers, stolen data did not include travel or passport details. British Airways was hacked, customer personal and payment card information of 380,000 were stolen by attackers, the stolen data did not include travel or passport details. The company published a data breach notification on its website, the security breach affected customers making bookings on its website and app from 22:58 BST August 21 201


DoJ Charges North Korean Hacker for Sony, WannaCry, and More

WIRED Threat Level

The Department of Justice has taken its first legal action against North Korea's cybercrimes, in a massive complaint made public Thursday.

IT 52

Recently uncovered PowerPool Group used recent Windows Zero-Day exploit

Security Affairs

Security experts from ESET observed a threat actor, tracked as PowerPool, exploiting the recently disclosed Windows zero-day flaw in targeted attacks. The vulnerability was publicly disclosed on August 27 by the security expert “@SandboxEscaper,” the researcher also published the exploit code for the vulnerability. The vulnerability affects Microsoft’s Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges on the vulnerable system.


PCMag review of Db2 on Cloud highlights ease of use

IBM Big Data Hub

In developing and improving Db2 on Cloud, we have been laser focused on providing the simplest, most convenient experience possible for users, and it’s heartening to see that those efforts are paying off.

Cloud 44

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.


New OilRig APT campaign leverages a new variant of the OopsIE Trojan

Security Affairs

The Iran-linked APT group OilRig was recently observed using a new variant of the OopsIE Trojan that implements new evasion capabilities. Experts at Palo Alto observed a new campaign carried out by the Iran-linked APT group OilRig that was leveraging a new variant of the OopsIE Trojan. The OilRig hacker group is an Iran-linked APT that has been around since at least 2015, since then it targeted mainly organizations in the financial and government sectors, in the United States and Middle


Take (Industrial) Control: A Look at the 2018 ICS Threat Landscape

Dark Reading

New research sheds light on the biggest threats to strike ICS systems in the first half of 2018, and what's in store for the rest of this year.

49

International clothing chain C&A in Brazil suffered a data breach

Security Affairs

The clothing chain C&A in Brazil suffered a cyber attack on its gift card/exchange system last week, hackers leaked data on Pastebin. The international fashion retail clothing chain C&A in Brazil suffered a data breach, the company confirmed hackers hit its gift card platform. Hackers accessed records belonging to customers who purchased gift cards, exposed data includes ID numbers, email addresses, the amount loaded into the cards, order number and data of purchase.


How an industry-aware analytics platform improves business insights

IBM Big Data Hub

Organizations across the globe are struggling to drive down operational costs while improving consumer engagement and improving profitability.


Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.


Everything You Need to Know About Cryptocurrency Regulation (Right Now)

IG Guru

By UpCounsel Corporate & Securities Attorney Gary Ross

The meteoric rise of cryptocurrencies has taken the world by storm. Innovators, investors, users, and governments are scrambling to wrap their heads around cryptocurrencies and the blockchain technology that they rely upon. The emergence of a new market and business model has created great opportunities for participants, but […].


Opinion: The Corporate Lessons of Election Hacks

The Security Ledger

Recent demonstrations of election hacks are about more than ballots. They also contain important lessons for enterprises, Security Ledger Editor in Chief Paul Roberts argues in this opinion piece. (Note: this post first appeared on Hitachi Security Systems web site.) Did an 11 year old hack a state election website? Are voting machines easy prey?


Singapore’s new Cybersecurity Act comes into force: Here’s what you need to know

Data Protection Report

The much discussed Cybersecurity Act 2018 (Act. 9 of 2018) (the Act), which was passed by the Singapore Parliament on 5 February 2018, came into force on 31 August 2015 [1]. The new law creates a regulatory framework for the monitoring and reporting of cybersecurity threats to essential services in Singapore through the appointment of the Commissioner of Cybersecurity.