Thu.Feb 07, 2019

Stress Test: Police Visit Webstresser Stresser/Booter Users

Data Breach Today

Seized Customer Data Appears to Be Powering Ongoing Dutch and UK Probes Hundreds of suspected customers of Webstresser, a DDoS stresser/booter site that was disrupted last year, are being visited by law enforcement agents and may see jail time.

Data 187

Expert publicly disclosed the existence of 0day flaw in macOS Mojave

Security Affairs

A zero-day vulnerability in macOS Mojave can be exploited by malware to steal plaintext passwords from the Keychain. The security expert Linus Henze has disclosed the existence of a zero-day vulnerability in macOS Mojave that can be exploited by malware to steal plaintext passwords from the Keychain.

German Antitrust Office Restricts Facebook Data Processing

Data Breach Today

Data 178

Ursnif: Long Live the Steganography and AtomBombing!

Security Affairs

Yoroi ZLab – Cybaze uncovered a new wave of Ursnif attacks using a variant that implements an exotic process injection technique called AtomBombing. Another wave of Ursnif attacks hits Italy. Ursnif is one of the most active banking trojans.

EHR Vendor Greenway Gets Hefty Fine for False Claims

Data Breach Today

Concerns Raised About Potential Impact on Patient Safety For the second time, the Department of Justice has imposed a substantial fine on an electronic health records software vendor in a case that involves data accuracy and integrity issues that could affect patient safety

Data 177

Analyst’s view: OpenText named a leader

OpenText Information Management

OpenText™ is thrilled to be recognized by Gartner as a Leader in the 2018 Magic Quadrant for Web Content Management. In its annual review, Gartner evaluated 18 web content management vendors on objective criteria supported by customer references.

More Trending

Boards Now Face ‘the Encryption Question’

Thales eSecurity

Tina Stewart, VP of Market Strategy. “So, So, what are we doing about encryption?”. That’s a question you can expect to be tossed around in plenty of boardrooms, in the coming months.

A third of companies are largely unprepared for cybersecurity attacks: eSecurity Planet Survey

eSecurity Planet

A third of companies are unprepared for some of the most damaging cyber attacks, such as APTs, insider threats, ransomware and DDoS attacks

Alaris to Showcase Information Capture Solutions for Healthcare at HIMSS19

Document Imaging Report

ROCHESTER, N.Y., February 7, 2019 – Alaris, a Kodak Alaris business, will showcase its award-winning solutions for automating document-based business processes at HIMSS19.

Small Breaches Can Make Big News: How to Protect Your Organization

Adam Levin

A recent leak compromised the personal data of all 4,557 active students at the California State Polytechnic University Science School. This was not a case of hackers gaining access through illicit means or an accidental exposure of an unsecured database.

Senators Grill Facebook, Google, and Apple Over Invasive Apps

WIRED Threat Level

Lawmakers want more information about Facebook’s Project Atlas program, which collected data from teens and sidestepped device makers’ privacy policies. Security

How to succeed as a high-demand data scientist

Information Management Resources

Advancing in this field requires a combination of technical and intrapersonal expertise. Understanding your value as a data scientist and extending that ingenuity to various enterprises is the key. Data Scientist Career advancement Data science

China's AI Strategy and its Security Implications

Schneier on Security

Gregory C. Allen at the Center for a New American Security has a new report with some interesting analysis and insights into China's AI strategy, commercial, government, and military. There are numerous security -- and national security -- implications

Go Update iOS Right Now To Fix That Very Bad FaceTime Bug

WIRED Threat Level

Apple has just released iOS 12.1.4, which fixes a group chat FaceTime bug that let callers eavesdrop on targets. Security

Ransomware Attack Via MSP Locks Customers Out of Systems

Dark Reading

Vulnerable plugin for a remote management tool gave attackers a way to encrypt systems belonging to all customers of a US-based MSP

Google's Making It Easier to Encrypt Even Cheap Android Phones

WIRED Threat Level

Adiantum will help millions of low-end Android smartphones receive the same encryption protections as flagships. Security

Brexit and the UK Automotive Industry: Understanding the impact

OpenText Information Management

Uncertainty around the final Brexit deal between the UK and the EU still remains. This is particularly true for the automotive industry where OEMs such as Ford, Honda and Renault-Nissan have all publicly raised their concerns. To find out what was happening within the industry, and the trading options available to automotive companies, OpenText™ and … The post Brexit and the UK Automotive Industry: Understanding the impact appeared first on OpenText Blogs.

Google’s GDPR fine reinforces need for intentional data governance

Information Management Resources

We all knew a big enforcement was coming, and that the early, large fines would be against a social media or tech giant. But what does this mean to organizations on a broader scale? Data governance Data privacy GDPR

2019 Buyer’s Guide

IG Guru

Each year our industry association publishes a handy directory of product and service suppliers who are trusted by your peers. For 2019 the i-SIGMA staff has done it again!

Guide: Secure File Sharing for Accountants

OneHub

If you’re an accountant or work for an accounting firm, your main job is to help clients get their finances straight, right? You deal with extremely important and confidential statements, tax records and personal information on a daily basis. .

Digital investments on the rise as firms seeks to save and to make money

Information Management Resources

A large majority of businesses will increase their investments in digital technology over the coming year, and many expect IT modernization to fuel future transformation efforts that lead to cost savings and greater profitability. Data strategy Data management Data mining

IT 77

ThreatList: Latest DDoS Trends by the Numbers

Threatpost

Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them "far more dangerous.". Cloud Security IoT Malware Most Recent ThreatLists Web Security big data botnet Chalubo crypto currency DDoS demonbot Distributed Denial of Service distributed denial of service attack Hadoop http flood Kaspersky Lab Mirai Torii botnet UDP Flood

EDPB Adopts Opinion on Interplay Between the EU Clinical Trials Regulation and the GDPR

Data Matters

On 23 January 2019, the European Data Protection Board (EDPB) adopted an opinion on the interplay between the EU Clinical Trials Regulation (CTR) and the EU General Data Protection Regulation (GDPR). The Opinion addresses the appropriate legal basis for the processing of personal data in the context of clinical trials (primary use), and the secondary use of clinical trial data. Legal basis for the processing of personal data in a clinical trial (primary use).

GDPR 75

Weekly podcast: Metro Bank, Student Loans Company, GDPR breaches and seals

IT Governance

This week, we discuss the compromise of Metro Bank’s two-factor authentication system, nearly one million cyber attacks on the Student Loans Company, nearly 60,000 GDPR breaches and a surprising discovery for some marine biologists. Hello, and welcome to the IT Governance podcast for Thursday, 7 February 2019 – and thanks to Paula for stepping in last week while I was away. Here are this week’s stories.

Getting data governance right – five opportunities for healthcare organizations

Collibra

The data that healthcare organizations hold is incredibly valuable – it’s perhaps the most valuable asset they have. At an individual level, patient data often contains the key to understanding illness and potential recovery.

AIIM19 session preview - Content Analytics & ECM Implementation across the Enterprise with John Daly

AIIM

AIIM19 is coming soon to San Diego on March 26-28 and as usual the gathering will be the place to be for information management professionals.

ECM 52

Privacy Is Paramount in a Digital Workplace

InfoGoTo

For the past several years, one of the biggest challenges many organizations have faced is transitioning to a digital workplace. It’s daunting to switch from paper-based processes to cloud- and software-based processes with critical information stored on laptops and mobile devices.

3 Brilliant Examples of Interactive Digital Marketing and Why They're Compliance Risks

Hanzo Learning Center

Every department in an organization is a potential source of risk that compliance professionals need to understand, measure, and prepare for. Sales and finance departments need to know the regulatory compliance basics and warning signs of bribery, corruption, money laundering, and fraud.

2018 Data Breach Recap: Exposed PII Records Up 126 Percent

Rippleshot

As 2019 enters its second month, financial institutions are ready to move on from 2018, and are rapidly focusing on how to prepare and protect their customers from the next big wave of credit card fraud. As the trends show, it's going to get better before it gets worse.

Apple Fixes Pesky FaceTime Bug in iOS 12.1.4 Update

Threatpost

Apple's iOS 12.1.4 fixes a FaceTime bug that made headlines last week. Vulnerabilities Web Security apple apple flaw FaceTime FaceTime bug ios

When 911 Goes Down: Why Voice Network Security Must Be a Priority

Dark Reading

When there's a DDoS attack against your voice network, are you ready to fight against it

IT 70

Moving toward an open future of data and AI

IBM Big Data Hub

A faster journey to AI for the enterprise? What’s the secret? In this interview with Dinesh Nirmal, IBM vice president of analytics development, he shares the highlights of his upcoming Think session: “Modernizing Your Data Estates for an AI and Multicloud World.” On Wednesday, 13 February, he and David Bernert from The Boeing Company will discuss advancements in data that will give enterprises the edge

4 Payment Security Trends for 2019

Dark Reading

Visa's chief risk officer anticipates some healthy changes ahead

Risk 69

EDRM Releases the Final Version of its TAR Guidelines: eDiscovery Best Practices

eDiscovery Daily

During last year’s EDRM Spring Workshop, I discussed on this blog that EDRM had released the preliminary draft of its Technology Assisted Review (TAR) Guidelines for public comment.