Tue.Jul 09, 2019

Moving From Vulnerability Management to Vulnerability Response

Data Breach Today

Syra Arif of ServiceNow on Essential Steps Shifting from vulnerability management to vulnerability response is becoming increasingly important, says Syra Arif of ServiceNow, who describes three essential steps

241
241

Patch Tuesday Lowdown, July 2019 Edition

Krebs on Security

Microsoft today released software updates to plug almost 80 security holes in its Windows operating systems and related software.

Tips 170

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016.

GDPR 215

Cell Networks Hacked by (Probable) Nation-State Attackers

Schneier on Security

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

US Coast Guard Warns of Maritime Malware Attacks

Data Breach Today

Incident Investigation Triggers Alert, Which Calls for Precautions The U.S. Coast Guard has issued an alert about an increase in malware attacks targeting the networks of commercial vessels. It's warning ship owners to take more cybersecurity precautions

More Trending

Best Practices for Device Security

Data Breach Today

Steve Hyman of Ordr on the Importance of Network Visibility As healthcare providers connect more and more devices to their networks, ensuring data security becomes far more complex, says Steve Hyman of Ordr, who describes best practices

A Zoom Flaw Gives Hackers Easy Access to Your Webcam

WIRED Threat Level

All it takes is one wrong click, and the popular video conferencing software will put you in a meeting with a stranger. Security Security / Cyberattacks and Hacks

Video 88

Overcoming Vulnerability Overload

Data Breach Today

Nate Dyer of Tenable on How Predictive Prioritization Can Help Vulnerability overload is a pervasive problem, says Nate Dyer of Tenable, who describes how predictive prioritization can help

169
169

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan.

Tools 88

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Ransomware Re-examined: To Pay or Not to Pay?

Data Breach Today

Fortinet's Sonia Arista on the Dilemmas Facing CISOs Ransomware plays on ever-bigger stages, but the fundamental question remains: To pay or not to pay? Fortinet's Sonia Arista, a former CISO, weighs in on ransomware and other hot breach trends

Maryland Department of Labor discloses a data breach

Security Affairs

The Maryland Department of Labor announced it has suffered a data breach announced that exposed personally identifiable information. . The Maryland Department of Labor suffered a data breach, hackers accessed databases containing personally identifiable information (PII).

Securing Devices While Maintaining Functionality

Data Breach Today

Chris Hickman of Keyfactor on Managing Medical Device Life Cycles Chris Hickman of Keyfactor explains the challenges of securing and protecting medical devices and the data they collect while delivering the functionality that users demand

Flaw in Zoom video conferencing software lets sites take over webcam on Mac

Security Affairs

Zoom video conferencing software for Mac is affected by a flaw that could allow attackers to take over webcams when users visit a website.

Video 85

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Threat Intelligence: Why Sharing Is Difficult

Data Breach Today

Cyber adversaries are resilient and move quickly, so it'st critical that organizations share threat intelligence in an automated way, says Shawn Henry of CrowdStrike Services. But that sharing has been hampered by a lack of understanding of why it's important and how organizations can benefit, he says

IT 133

Mobile and Wearable Device Examination

OpenText Information Management

With the arrival of 5G technology, the increasing popularity of fitness trackers and smart watches, and growth in other “wearable tech”, the amount of data being collected is increasing at an unprecedented rate.

Blog 83

Microsoft released Patch Tuesday security updates for July 2019

Security Affairs

Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity.

Avoid these five all-too-common cloud migration mistakes

DXC Technology

I’m on the cloud. You’re on the cloud. We’re all on the cloud. But, as we move more and more of our IT — lock, stock, and two smoking servers — to the cloud, you should make sure you know what you’re getting into. Yes, the cloud can be a real help, but there are […]. Cloud Uncategorized

Cloud 77

Prototype Pollution flaw discovered in all versions of Lodash Library

Security Affairs

Liran Tal, a developer advocate at open-source security platform Snyk, discovered a high-severity prototype pollution security flaw that affects all versions of lodash.

Zoom Zero-Day Bug Opens Mac Users to Webcam Hijacking

Threatpost

The vulnerability can be exploited on a drive-by basis by a malicious website. Vulnerabilities Web Security Bug conferencing CVE-2019–13450 drive-by mac users video camera vulnerability web cam zero day zoom

Video 110

British Airways faces sky high £183 million GDPR fine

IT Governance

British Airways has been fined £183.4 million for a data breach that affect ed around 500,000 customers last year. .

GDPR 75

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Security Affairs

The UK’s data privacy regulator plans to fine giant hotel chain Marriott International with a £99 million ($123 million) under GDPR over 2014 data breach. The company replied that it will fight against the fine, it could reply to the UK ICO’s proposal before the final determination.

Cybercriminals Target Budding Cannabis Retailers

Dark Reading

Companies in the young, rapidly growing industry are targeted for sensitive information they store and immature security practices

Retail 103

Zoom Will Fix the Flaw That Let Hackers Hijack Webcams

WIRED Threat Level

While it at first dismissed the vulnerability, Zoom says it will release a patch Tuesday night. Security Security / Cyberattacks and Hacks

IT 72

More than half of all data remains untagged and unclassified

Information Management Resources

A new study finds that companies have limited or no visibility over vast volumes of potentially business-critical data, creating a ripe target for hackers. Data types Data management Data discovery

Study 101

Marriott Hit With $123M Fine For Massive 2018 Data Breach

Threatpost

The data breach fine against Marriott by the Information Commissioner's Office comes a day after British Airways was also penalized.

Digital Transformation: Bridging Now and Next

Micro Focus

I recently attended an event delivered by some of the tech industry’s top thought leaders, which was focused exclusively on digital transformation (DX). It was very well done, with many excellent presentations on a variety of topics like Hybrid IT, DevOps, Predictive Analytics and more.

Cloud Security and Risk Mitigation

Dark Reading

Just because your data isn't on-premises doesn't mean you're not responsible for security

Risk 96

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Threatpost

Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup. Vulnerabilities CPU patch firmware high severity flaw Intel Intel Patch intel processor diagnostic tool solid state drive SSD data cente

Tools 96

Do and don'ts of navigating data analytics in the cloud

Information Management Resources

It’s important to remember that the cloud isn’t magic. In fact, it’s just like any other infrastructure option available to the enterprise, with its own unique benefits and challenges. Analytics Cloud computing Cloud hosting Data management

Microsoft Patches A Pair of Zero-Days Under Active Attack

Threatpost

The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel "SACK Panic" bug. Cloud Security IoT Vulnerabilities Web Security adobe Critical flaws July Patch Tuesday Microsoft Patches sack panic under active exploit zero day

IoT 94

Marriott to be fined nearly £100m over GDPR breach

The Guardian Data Protection

ICO imposes fine after personal data of 339 million guests was stolen by hackers The international hotel group Marriott is to be fined almost £100m by the Information Commissioner’s Office after hackers stole the records of 339 million guests.

GDPR 93