Fri.Aug 16, 2019

Phishing Scheme Uses Google Drive to Avoid Security: Report

Data Breach Today

Emails Disguised as Messages From CEO A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry, security firm Cofense reported this week

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$

Security Affairs

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$. than 10$. The Video is self-explanatory. Wanna know how to make it? Read the article below.) . All started with this Tweet last April, when I wanted a damn cheap USB implant capable of injecting keystrokes.

Video 111

European Central Bank Closes a Website Following Hack

Data Breach Today

Malware Found; Personal Data Apparently Exposed The European Central Bank has closed one of its websites after its IT staff found that a hacker compromised some personal information on the site and also planted malware

IT 192

Software Vulnerabilities in the Boeing 787

Schneier on Security

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Travel Card Data Release Risked Australians' Privacy

Data Breach Today

Transport Agency Criticized for Violating Privacy Law Big data analysis relies on big data being available.

Risk 148

More Trending

A Summer of Data Breach Discontent

Data Breach Today

Ransomware Attacks, Vendors Mishaps Are Top Culprits in Healthcare Data Breach Drama When we look at many of the biggest healthcare data breaches reported so far this summer, two big culprits pop out: ransomware attacks and vendor mishaps. What other trends will emerge

European Central Bank (ECB) discloses data breach in BIRD Newsletter

Security Affairs

The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter.

U.S. CyberDome Poised to Protect 2020 Elections

Data Breach Today

An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up

Groups 122

Hurry Up! Update your LibreOffice because 2 patches have been bypassed

Security Affairs

The latest version of LibreOffice ( 6.2.6 addresses three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

The Renaissance of Deception Technology

Data Breach Today

The latest edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack

Weekly Update 152

Troy Hunt

I made it out of Vegas! That was a rather intense 8 days and if I'm honest, returning to the relative tranquillity of Oslo has been lovely (not to mention the massive uptick in coffee quality).

ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019

Threatpost

The number of exposed records has hit record highs in just the first two quarters. Breach Most Recent ThreatLists Privacy 4.1 billion records all time high analysis data breach activity record levels Research risk based security the report

Beat the Heat: Dark Reading Caption Contest Winners

Dark Reading

Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Breached Passwords Still in Use By Hundreds of Thousands

Threatpost

More than 300,000 users still utilize credentials that have been compromised - with people visiting video streaming and porn sites most at fault, Google found in a new study. Breach Web Security breach compromised password data breach google Password

Friday Squid Blogging: Robot Squid Propulsion

Schneier on Security

Interesting research : The squid robot is powered primarily by compressed air, which it stores in a cylinder in its nose (do squids have noses?). The fins and arms are controlled by pneumatic actuators.

Blog 64

Google And NASA Are ‘Leaking Data’ Via Misconfigured Jira Servers reported by BleepingComputer

IG Guru

"I have discovered several such misconfigured JIRA accounts in hundreds of companies. Some of the companies were from Alexa and Fortune top list including big giants like NASA, Google, Yahoo, etc and government sites." - Avinash Jain.

Data 63

Fake News and Influence: Information Warfare in the Digital Age

Threatpost

It's been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out. Facebook Featured Government InfoSec Insider Web Security Akamai Cybersecurity deep fakes fake news information warfare tony lauro

IT 85

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

European Central Bank Website Hit by Malware Attack

Dark Reading

The website was infected with malware that stole information on subscribers to a bank newsletter

81

Firms lack faith in information security operations centers

Information Management Resources

The top barrier to success is a lack of visibility into IT security infrastructure effectiveness, according to Ponemon survey

News Wrap: DejaBlue Bugs and Biometrics Data Breaches

Threatpost

From the biometrics of one million being exposed, to new Microsoft Bluekeep-like threats, Threatpost discusses the top news of the week. Hacks Podcasts Vulnerabilities Biometrics biometrics data Black Hat USA bluekeep data breach DEF CON Lenovo Microsoft Microsoft patches patch tuesday

Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown

Dark Reading

At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community

ICO Launches Investigation into Facial Recognition in King’s Cross, London

Hunton Privacy

On August 15, 2019, the UK Information Commissioner’s Office (“ICO”) announced that it had launched an investigation into the use of live facial recognition technology at the King’s Cross development in London. This follows a letter sent by the mayor of London, Sadiq Khan, to the owner of the development inquiring as to whether the use of the software was legal. The company responsible for the technology said it was used for the purposes of public safety.

Episode 157: Do we need an FDA for Software? Also: operationalizing Threat Intelligence

The Security Ledger

Sarah Zatko of the Cyber Independent Testing Lab joins us to talk about CITL's big new study of firmware security.

Study 52

Getting ahead of the risks of extended reality

Information Management Resources

Having wised up to the privacy and security concerns of today’s technologies, it’s urgent that organizations commit to new responsible approaches before XR becomes a part of our everyday lives

Behind the Scenes at ICS Village

Dark Reading

ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists

Top data scientists are honored for their work in data mining and discovery

Information Management Resources

Researchers and engineers take home honors at the 25th annual gathering of ACM’s subgroup on Knowledge Discovery and Data Mining

Google Analyzes Pilfered Password Reuse

Dark Reading

Password Checkup data shows some users still reuse their exposed passwords

What’s the Difference Between Microfilm and Microfiche?

Record Nations

Microform storage is a method used to save space by shrinking down documents and storing them on photographic film. There are two kinds of microform—microfilm and microfiche. Microfilm is a roll of images, much like a movie reel, while microfiche is a flat sheet of microfilm. Because the documents are usually reduced to about 1/25 […]. The post What’s the Difference Between Microfilm and Microfiche? appeared first on Record Nations. Records Storage

Digitizing the credit management journey

CGI

Digitizing the credit management journey. shobana.lv@cgi.com. Fri, 08/16/2019 - 03:19. Effective credit management is more important to the global economy than ever before, yet many businesses still struggle to achieve it. This paradox poses significant consequences for companies and customers alike.

Successful Information Governance when the Bosses Just Don't Care

AIIM

We regularly discuss the value and importance of information governance - at our conference, in our training courses, in our virtual events. And we're by no means alone - every association and consulting firm in the industry has been making the same points for years. And if you're reading this post, you probably get it already. But what if your bosses still don't care? How can you move your organization's information governance program forward in the absence of management support or interest?