Thu.Feb 07, 2019

Stress Test: Police Visit Webstresser Stresser/Booter Users

Data Breach Today

Seized Customer Data Appears to Be Powering Ongoing Dutch and UK Probes Hundreds of suspected customers of Webstresser, a DDoS stresser/booter site that was disrupted last year, are being visited by law enforcement agents and may see jail time.

Data 180

Expert publicly disclosed the existence of 0day flaw in macOS Mojave

Security Affairs

A zero-day vulnerability in macOS Mojave can be exploited by malware to steal plaintext passwords from the Keychain. The security expert Linus Henze has disclosed the existence of a zero-day vulnerability in macOS Mojave that can be exploited by malware to steal plaintext passwords from the Keychain.

German Antitrust Office Restricts Facebook Data Processing

Data Breach Today

Data 172

Ursnif: Long Live the Steganography and AtomBombing!

Security Affairs

Yoroi ZLab – Cybaze uncovered a new wave of Ursnif attacks using a variant that implements an exotic process injection technique called AtomBombing. Another wave of Ursnif attacks hits Italy. Ursnif is one of the most active banking trojans.

EHR Vendor Greenway Gets Hefty Fine for False Claims

Data Breach Today

Concerns Raised About Potential Impact on Patient Safety For the second time, the Department of Justice has imposed a substantial fine on an electronic health records software vendor in a case that involves data accuracy and integrity issues that could affect patient safety

Data 170

China's AI Strategy and its Security Implications

Schneier on Security

Gregory C. Allen at the Center for a New American Security has a new report with some interesting analysis and insights into China's AI strategy, commercial, government, and military. There are numerous security -- and national security -- implications

More Trending

A third of companies are largely unprepared for cybersecurity attacks: eSecurity Planet Survey

eSecurity Planet

A third of companies are unprepared for some of the most damaging cyber attacks, such as APTs, insider threats, ransomware and DDoS attacks

Analyst’s view: OpenText named a leader

OpenText Information Management

OpenText™ is thrilled to be recognized by Gartner as a Leader in the 2018 Magic Quadrant for Web Content Management. In its annual review, Gartner evaluated 18 web content management vendors on objective criteria supported by customer references.

Blog 72

Small Breaches Can Make Big News: How to Protect Your Organization

Adam Levin

A recent leak compromised the personal data of all 4,557 active students at the California State Polytechnic University Science School. This was not a case of hackers gaining access through illicit means or an accidental exposure of an unsecured database.

Senators Grill Facebook, Google, and Apple Over Invasive Apps

WIRED Threat Level

Lawmakers want more information about Facebook’s Project Atlas program, which collected data from teens and sidestepped device makers’ privacy policies. Security

Ransomware Attack Via MSP Locks Customers Out of Systems

Dark Reading

Vulnerable plugin for a remote management tool gave attackers a way to encrypt systems belonging to all customers of a US-based MSP

How to succeed as a high-demand data scientist

Information Management Resources

Advancing in this field requires a combination of technical and intrapersonal expertise. Understanding your value as a data scientist and extending that ingenuity to various enterprises is the key. Data Scientist Career advancement Data science

Brexit and the UK Automotive Industry: Understanding the impact

OpenText Information Management

Uncertainty around the final Brexit deal between the UK and the EU still remains. This is particularly true for the automotive industry where OEMs such as Ford, Honda and Renault-Nissan have all publicly raised their concerns. To find out what was happening within the industry, and the trading options available to automotive companies, OpenText™ and … The post Brexit and the UK Automotive Industry: Understanding the impact appeared first on OpenText Blogs.

Go Update iOS Right Now To Fix That Very Bad FaceTime Bug

WIRED Threat Level

Apple has just released iOS 12.1.4, which fixes a group chat FaceTime bug that let callers eavesdrop on targets. Security

2019 Buyer’s Guide

IG Guru

Each year our industry association publishes a handy directory of product and service suppliers who are trusted by your peers. For 2019 the i-SIGMA staff has done it again!

Google's Making It Easier to Encrypt Even Cheap Android Phones

WIRED Threat Level

Adiantum will help millions of low-end Android smartphones receive the same encryption protections as flagships. Security

Digital investments on the rise as firms seeks to save and to make money

Information Management Resources

A large majority of businesses will increase their investments in digital technology over the coming year, and many expect IT modernization to fuel future transformation efforts that lead to cost savings and greater profitability. Data strategy Data management Data mining

IT 76

Alaris to Showcase Information Capture Solutions for Healthcare at HIMSS19

Document Imaging Report

ROCHESTER, N.Y., February 7, 2019 – Alaris, a Kodak Alaris business, will showcase its award-winning solutions for automating document-based business processes at HIMSS19.

EDPB Adopts Opinion on Interplay Between the EU Clinical Trials Regulation and the GDPR

Data Matters

On 23 January 2019, the European Data Protection Board (EDPB) adopted an opinion on the interplay between the EU Clinical Trials Regulation (CTR) and the EU General Data Protection Regulation (GDPR). The Opinion addresses the appropriate legal basis for the processing of personal data in the context of clinical trials (primary use), and the secondary use of clinical trial data. Legal basis for the processing of personal data in a clinical trial (primary use).

GDPR 75

Weekly podcast: Metro Bank, Student Loans Company, GDPR breaches and seals

IT Governance

This week, we discuss the compromise of Metro Bank’s two-factor authentication system, nearly one million cyber attacks on the Student Loans Company, nearly 60,000 GDPR breaches and a surprising discovery for some marine biologists. Hello, and welcome to the IT Governance podcast for Thursday, 7 February 2019 – and thanks to Paula for stepping in last week while I was away. Here are this week’s stories.

AIIM19 session preview - Content Analytics & ECM Implementation across the Enterprise with John Daly

AIIM

AIIM19 is coming soon to San Diego on March 26-28 and as usual the gathering will be the place to be for information management professionals.

ECM 52

Privacy Is Paramount in a Digital Workplace

InfoGoTo

For the past several years, one of the biggest challenges many organizations have faced is transitioning to a digital workplace. It’s daunting to switch from paper-based processes to cloud- and software-based processes with critical information stored on laptops and mobile devices.

3 Brilliant Examples of Interactive Digital Marketing and Why They're Compliance Risks

Hanzo Learning Center

Every department in an organization is a potential source of risk that compliance professionals need to understand, measure, and prepare for. Sales and finance departments need to know the regulatory compliance basics and warning signs of bribery, corruption, money laundering, and fraud.

2018 Data Breach Recap: Exposed PII Records Up 126 Percent

Rippleshot

As 2019 enters its second month, financial institutions are ready to move on from 2018, and are rapidly focusing on how to prepare and protect their customers from the next big wave of credit card fraud. As the trends show, it's going to get better before it gets worse.

Apple Fixes Pesky FaceTime Bug in iOS 12.1.4 Update

Threatpost

Apple's iOS 12.1.4 fixes a FaceTime bug that made headlines last week. Vulnerabilities Web Security apple apple flaw FaceTime FaceTime bug ios

Google’s GDPR fine reinforces need for intentional data governance

Information Management Resources

We all knew a big enforcement was coming, and that the early, large fines would be against a social media or tech giant. But what does this mean to organizations on a broader scale? Data governance Data privacy GDPR

ThreatList: Latest DDoS Trends by the Numbers

Threatpost

Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them "far more dangerous.". Cloud Security IoT Malware Most Recent ThreatLists Web Security big data botnet Chalubo crypto currency DDoS demonbot Distributed Denial of Service distributed denial of service attack Hadoop http flood Kaspersky Lab Mirai Torii botnet UDP Flood

When 911 Goes Down: Why Voice Network Security Must Be a Priority

Dark Reading

When there's a DDoS attack against your voice network, are you ready to fight against it

IT 69

EDRM Releases the Final Version of its TAR Guidelines: eDiscovery Best Practices

eDiscovery Daily

During last year’s EDRM Spring Workshop, I discussed on this blog that EDRM had released the preliminary draft of its Technology Assisted Review (TAR) Guidelines for public comment.

4 Payment Security Trends for 2019

Dark Reading

Visa's chief risk officer anticipates some healthy changes ahead

Risk 67

Flaw in Multiple Airline Systems Exposes Passenger Data

Threatpost

Up to eight airlines do not encrypt e-ticketing booking systems - leaving personal customer data open for the taking. Hacks Vulnerabilities Airline Data data breach exposed data risky wifi WiFi

Master the Latest Exploits and Security Vulnerabilities at Black Hat Asia

Dark Reading

In cybersecurity it pays to stay on top of the latest exploits, and there's no better place to do that than Black Hat Asia in Singapore next month

Facebook suffers German antitrust attack on business model

Information Management Resources

Facebook Inc.’s s advertising model came under attack in a landmark ruling from German antitrust regulators who ordered the social network to halt how it currently tracks its users’ internet browsing and smartphone apps. Customer data Data privacy Facebook

IT 65

US Law Enforcement Busts Romanian Online Crime Operation

Dark Reading

Twelve members of 20-person group extradited to US to face charges related to theft of millions via fake ads other scams