Fri.Aug 16, 2019

Phishing Scheme Uses Google Drive to Avoid Security: Report

Data Breach Today

Emails Disguised as Messages From CEO A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry, security firm Cofense reported this week

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$

Security Affairs

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$. than 10$. The Video is self-explanatory. Wanna know how to make it? Read the article below.) . All started with this Tweet last April, when I wanted a damn cheap USB implant capable of injecting keystrokes.

Access 108

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

European Central Bank Closes a Website Following Hack

Data Breach Today

Malware Found; Personal Data Apparently Exposed The European Central Bank has closed one of its websites after its IT staff found that a hacker compromised some personal information on the site and also planted malware

Software Vulnerabilities in the Boeing 787

Schneier on Security

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Travel Card Data Release Risked Australians' Privacy

Data Breach Today

Transport Agency Criticized for Violating Privacy Law Big data analysis relies on big data being available.

Risk 163

More Trending

A Summer of Data Breach Discontent

Data Breach Today

Ransomware Attacks, Vendors Mishaps Are Top Culprits in Healthcare Data Breach Drama When we look at many of the biggest healthcare data breaches reported so far this summer, two big culprits pop out: ransomware attacks and vendor mishaps. What other trends will emerge

European Central Bank (ECB) discloses data breach in BIRD Newsletter

Security Affairs

The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter.

U.S. CyberDome Poised to Protect 2020 Elections

Data Breach Today

An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up

Hurry Up! Update your LibreOffice because 2 patches have been bypassed

Security Affairs

The latest version of LibreOffice ( 6.2.6 addresses three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues.

IT 89

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

The Renaissance of Deception Technology

Data Breach Today

The latest edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack

Friday Squid Blogging: Robot Squid Propulsion

Schneier on Security

Interesting research : The squid robot is powered primarily by compressed air, which it stores in a cylinder in its nose (do squids have noses?). The fins and arms are controlled by pneumatic actuators.

Paper 87

Weekly Update 152

Troy Hunt

I made it out of Vegas! That was a rather intense 8 days and if I'm honest, returning to the relative tranquillity of Oslo has been lovely (not to mention the massive uptick in coffee quality).

Breached Passwords Still in Use By Hundreds of Thousands

Threatpost

More than 300,000 users still utilize credentials that have been compromised - with people visiting video streaming and porn sites most at fault, Google found in a new study. Breach Web Security breach compromised password data breach google Password

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Beat the Heat: Dark Reading Caption Contest Winners

Dark Reading

Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are

ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019

Threatpost

The number of exposed records has hit record highs in just the first two quarters. Breach Most Recent ThreatLists Privacy 4.1 billion records all time high analysis data breach activity record levels Research risk based security the report

Risk 105

Google And NASA Are ‘Leaking Data’ Via Misconfigured Jira Servers reported by BleepingComputer

IG Guru

"I have discovered several such misconfigured JIRA accounts in hundreds of companies. Some of the companies were from Alexa and Fortune top list including big giants like NASA, Google, Yahoo, etc and government sites." - Avinash Jain.

Fake News and Influence: Information Warfare in the Digital Age

Threatpost

It's been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out. Facebook Featured Government InfoSec Insider Web Security Akamai Cybersecurity deep fakes fake news information warfare tony lauro

IT 100

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Behind the Scenes at ICS Village

Dark Reading

ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists

News Wrap: DejaBlue Bugs and Biometrics Data Breaches

Threatpost

From the biometrics of one million being exposed, to new Microsoft Bluekeep-like threats, Threatpost discusses the top news of the week. Hacks Podcasts Vulnerabilities Biometrics biometrics data Black Hat USA bluekeep data breach DEF CON Lenovo Microsoft Microsoft patches patch tuesday

European Central Bank Website Hit by Malware Attack

Dark Reading

The website was infected with malware that stole information on subscribers to a bank newsletter

82

Firms lack faith in information security operations centers

Information Management Resources

The top barrier to success is a lack of visibility into IT security infrastructure effectiveness, according to Ponemon survey

Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown

Dark Reading

At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community

IT 76

Getting ahead of the risks of extended reality

Information Management Resources

Having wised up to the privacy and security concerns of today’s technologies, it’s urgent that organizations commit to new responsible approaches before XR becomes a part of our everyday lives

Google Analyzes Pilfered Password Reuse

Dark Reading

Password Checkup data shows some users still reuse their exposed passwords

Episode 157: Do we need an FDA for Software? Also: operationalizing Threat Intelligence

The Security Ledger

Sarah Zatko of the Cyber Independent Testing Lab joins us to talk about CITL's big new study of firmware security.

IoT 52

ICO Launches Investigation into Facial Recognition in King’s Cross, London

Hunton Privacy

On August 15, 2019, the UK Information Commissioner’s Office (“ICO”) announced that it had launched an investigation into the use of live facial recognition technology at the King’s Cross development in London. This follows a letter sent by the mayor of London, Sadiq Khan, to the owner of the development inquiring as to whether the use of the software was legal. The company responsible for the technology said it was used for the purposes of public safety.

Top data scientists are honored for their work in data mining and discovery

Information Management Resources

Researchers and engineers take home honors at the 25th annual gathering of ACM’s subgroup on Knowledge Discovery and Data Mining

Successful Information Governance when the Bosses Just Don't Care

AIIM

We regularly discuss the value and importance of information governance - at our conference, in our training courses, in our virtual events. And we're by no means alone - every association and consulting firm in the industry has been making the same points for years. And if you're reading this post, you probably get it already. But what if your bosses still don't care? How can you move your organization's information governance program forward in the absence of management support or interest?

What’s the Difference Between Microfilm and Microfiche?

Record Nations

Microform storage is a method used to save space by shrinking down documents and storing them on photographic film. There are two kinds of microform—microfilm and microfiche. Microfilm is a roll of images, much like a movie reel, while microfiche is a flat sheet of microfilm. Because the documents are usually reduced to about 1/25 […]. The post What’s the Difference Between Microfilm and Microfiche? appeared first on Record Nations. Records Storage

40

DevOps Chat Podcast: $2M DARPA Award Sparks Behavior Testing with ForAllSecure's Mayhem Solution

ForAllSecure

Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has led to a world of security researchers and bug bounties directed at finding new vulnerabilities