Tue.Oct 08, 2019

Developers' Code Reuse Security Conundrum: Cut, Paste, Fail

Data Breach Today

GitHub Projects Riddled With Flawed Stack Overflow Code, Researchers Find Code reuse kills - software quality, that is, according to a new study of C++ code snippets shared on Stack Overflow that were reused in more than 2,800 GitHub projects.

Developer hacked back Muhstik ransomware crew and released keys

Security Affairs

One of the victims of the Muhstik ransomware gang who initially paid the ransomware, decided to hack back the crooks and released their decryption keys. Tobias Frömel , is a German software developer, who was a victim of the Muhstik ransomware.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Health Data Breach Tally: Ransomware Proliferates

Data Breach Today

Here's An Update on Additions to the 'Wall of Shame' Ransomware attacks are among the largest incidents added to the federal tally of major health data breaches in recent weeks. Attacks on a variety of clinics affected a total of more than 1 million individuals

Speakers Censored at AISA Conference in Melbourne

Schneier on Security

Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne. Thomas Drake , former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

Update: Internet Security Threat Report

Data Breach Today

Kevin Haley of Symantec Shares Key Findings Kevin Haley of Symantec shares key findings from the company's latest Internet Security Threat Report

More Trending

DevSecOps: Overcoming Resistance

Data Breach Today

Johnathan Nicholson, Former Interac CISO, on How to Change the Culture How can organizations overcome resistance to implementing DevSecOps? Johnathan Nicholson, former CISO at Interac, the Canadian interbank network, provides insights

173
173

7 Considerations Before Adopting Security Standards

Dark Reading

Here's what to think through as you prepare your organization for standards compliance

Minimizing File Transfer Risk

Data Breach Today

Jeffrey Edwards of Progress Software on Ensuring Privacy File transfers are a significant factor in accidental insider risk. Jeffrey Edwards of Progress Software explains how secure file transfers can help ensure privacy and play a role in regulatory compliance

Risk 173

FBI Warns of Cyber Attacks on Multi-Factor Authentication

Adam Levin

The FBI is warning businesses about a new series of cyberattacks that can circumvent multi-factor authentication (MFA).

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

The Case Against a 'SOC in a Box'

Data Breach Today

John Matthews of Extrahop on Avoiding Homogeneity in Security Platforms Homogeneity in security platforms can be a problem, says John Matthews of Extrahop, who makes the case for avoiding implementing a "SOC in a box

Experts found a link between a Magecart group and Cobalt Group

Security Affairs

Researchers from MalwareBytes and HYAS Threat Intelligence linked one of the hacking groups under the Magecart umbrella to the notorious Cobalt cybercrime Group.

Addressing Privacy Compliance Challenges

Data Breach Today

Fatima Khan of Okta on Going Beyond GDPR Compliance Compliance with the European Union's General Data Protection Regulation is no guarantee of compliance with other privacy regulations, says Fatima Khan of Okta, who discusses the challenges

Utilities' Operational Networks Continue to Be Vulnerable

Dark Reading

More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds

95

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

Insider Threat Mitigation: Sanctions and Incentives

Data Breach Today

Michael Theis of CERT Insider Threat Center on Best Practices The battle against insider threats requires a balance of sanctions and incentives, says Michael Theis of the CERT Insider Threat Center

151
151

New Unpatchable iPhone Exploit Allows Jailbreaking

Schneier on Security

A new iOS exploit allows jailbreaking of pretty much all version of the iPhone. This is a huge deal for Apple, but at least it doesn't allow someone to remotely hack people's phones.

Russia's Disinformation War Is Just Getting Started

WIRED Threat Level

The Internet Research Agency specifically targeted African Americans, and has not stopped trying to influence elections, a Senate intelligence report says. Business Business / Social Media Security

NSA Issues Advisory on VPN Vulnerability Trio

Dark Reading

Vulnerabilities with Pulse Secure, Fortinet, and Palo Alto Networks VPNs are called out in the advisory

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

Most organizations fall short of global data privacy requirements

Information Management Resources

A majority of organizations do not comply with current international data privacy regulations and are not prepared for new U.S. regulations rolling out in 2020. Data privacy rules Data security Data management

Business Email Compromise Attacks Spike 269%

Dark Reading

A new Mimecast report finds a significant uptick in BEC attacks, malware attachments, and spam landing in target inboxes

81

MS October 2019 Patch Tuesday updates address 59 flaws

Security Affairs

Microsoft October 2019 Patch Tuesday addressed a total of 59 vulnerabilities. 9 of which are rated as critical and 49 as important.

Microsoft Issues 9 Critical Security Patches

Dark Reading

None of the total 59 patches were for previously known vulnerabilities nor are any under active attack, Microsoft reports

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn

Threatpost

and U.K. agencies warn consumers to update VPN technologies from Fortinet, Pulse Secure and Palo Alto Networks. Government Hacks Vulnerabilities Web Security apt apt5 china state sponsored cybergroup cyberattack Fortinet NSA Palo Alto Networks pule secure

For Cybersecurity to Be Proactive, Terrains Must Be Mapped

Dark Reading

As in any battle, understanding and exploiting the terrain often dictates the outcome

The Security of Data in the Cloud is Your Responsibility Unveiling the 2019 Thales Cloud Security Study

Thales eSecurity

Businesses are vigorously adopting digital transformation to provide higher quality services, operate more efficiently and deliver better customer experiences. The engine that is powering this transformation is the cloud and the vast array of on demand services it provides.

Iranian Cyberattack on US Presidential Campaign Could Be a Sign of Things to Come

Dark Reading

Political parties and election systems will be heavily targeted in the months leading up to the 2020 general elections, some security experts say

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

Critical Microsoft Remote Desktop Flaw Fixed in Security Update

Threatpost

Microsoft has released fixes for nine critical and 49 important vulnerabilities as part of Patch Tuesday. Vulnerabilities critical flaw Microsoft patch patch tuesday RDP remote code execution remote desktop services vulnerability

Beyond the Horde: The Uptick in Targeted Attacks (And How to Fight Back)

Dark Reading

We're seeing a dramatic rise in targeted attacks, but following these guidelines can help your enterprise stay safe

72

Intimate Details on Healthcare Workers Exposed as Cloud Security Lags

Threatpost

Ponemon survey data shows that only a third of IT staff say they take a security-first approach to data storage in the cloud. Cloud Security Privacy data exposure freedom healthcare healthcare workers misconfiguration Ponemon survey the report tu ora compass health

Cloud 93