Fri.Aug 16, 2019

article thumbnail

Phishing Scheme Uses Google Drive to Avoid Security: Report

Data Breach Today

Emails Disguised as Messages From CEO A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry, security firm Cofense reported this week.

Phishing 147
article thumbnail

Successful Information Governance when the Bosses Just Don't Care

AIIM

We regularly discuss the value and importance of information governance - at our conference, in our training courses, in our virtual events. And we're by no means alone - every association and consulting firm in the industry has been making the same points for years. And if you're reading this post, you probably get it already. But what if your bosses still don't care?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

A Summer of Data Breach Discontent

Data Breach Today

Ransomware Attacks, Vendors Mishaps Are Top Culprits in Healthcare Data Breach Drama When we look at many of the biggest healthcare data breaches reported so far this summer, two big culprits pop out: ransomware attacks and vendor mishaps. What other trends will emerge?

article thumbnail

Software Vulnerabilities in the Boeing 787

Schneier on Security

Boeing left its software unprotected, and researchers have analyzed it for vulnerabilities: At the Black Hat security conference today in Las Vegas, Santamarta, a researcher for security firm IOActive, plans to present his findings, including the details of multiple serious security flaws in the code for a component of the 787 known as a Crew Information Service/Maintenance System.

Access 94
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

European Central Bank Closes a Website Following Hack

Data Breach Today

Malware Found; Personal Data Apparently Exposed The European Central Bank has closed one of its websites after its IT staff found that a hacker compromised some personal information on the site and also planted malware.

More Trending

article thumbnail

U.S. CyberDome Poised to Protect 2020 Elections

Data Breach Today

An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up.

Security 157
article thumbnail

ICO Launches Investigation into Facial Recognition in King’s Cross, London

Hunton Privacy

On August 15, 2019, the UK Information Commissioner’s Office (“ICO”) announced that it had launched an investigation into the use of live facial recognition technology at the King’s Cross development in London. This follows a letter sent by the mayor of London, Sadiq Khan, to the owner of the development inquiring as to whether the use of the software was legal.

Privacy 91
article thumbnail

The Renaissance of Deception Technology

Data Breach Today

The latest edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack.

Security 157
article thumbnail

700,000 records belonging to Choice Hotels customer leaked online. Crooks demanded ransom

Security Affairs

Security experts have discovered that hackers have stolen 700,000 records from Choice Hotels franchise and are demanding payment for their return. . Experts at Comparitech with the help of the popular researcher Bob Diachenko discovered an unsecured database containing 700,000 records from the hotel franchise Chain Hotel. The experts discovered the unsecured MongoDB archive containing 5.6 million records on July 2, 2019, after the archive was indexed by the BinaryEdge search engine. . “Hac

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Travel Card Data Release Risked Australians' Privacy

Data Breach Today

Transport Agency Criticized for Violating Privacy Law Big data analysis relies on big data being available. But a recent incident in Australia put the privacy of millions of public transport travelers at risk after steps weren't taken to properly anonymize three years of travel records, Victoria's information commissioner has found.

Privacy 136
article thumbnail

Behind the Scenes at ICS Village

Dark Reading

ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.

article thumbnail

European Central Bank (ECB) discloses data breach in BIRD Newsletter

Security Affairs

The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter. The ECB was the victim of a data breach, the bank announced that hackers had access for several months to the contact information of hundreds of financial industry subscribers to its newsletter.

article thumbnail

Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown

Dark Reading

At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Hurry Up! Update your LibreOffice because 2 patches have been bypassed

Security Affairs

The latest version of LibreOffice ( 6.2.6 /6.3.0) addresses three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice has released a new version of the popular open-source office software that addressed three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues.

article thumbnail

European Central Bank Website Hit by Malware Attack

Dark Reading

The website was infected with malware that stole information on subscribers to a bank newsletter.

88
article thumbnail

Digitizing the credit management journey

CGI

Digitizing the credit management journey. shobana.lv@cgi.com. Fri, 08/16/2019 - 03:19. Effective credit management is more important to the global economy than ever before, yet many businesses still struggle to achieve it. This paradox poses significant consequences for companies and customers alike. Credit granted too freely harms markets by increasing the likelihood that borrowers will default.

article thumbnail

Fake News and Influence: Information Warfare in the Digital Age

Threatpost

It's been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out.

IT 66
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

DevOps Chat Podcast: $2M DARPA Award Sparks Behavior Testing With ForAllSecure's Mayhem Solution

ForAllSecure

Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has led to a world of security researchers and bug bounties directed at finding new vulnerabilities. As dedicated as security researchers are, there is a vast ocean of software in existence, waiting for someone to find and exploit the next security vulnerability for profit or nefarious uses.

article thumbnail

Beat the Heat: Dark Reading Caption Contest Winners

Dark Reading

Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are.

article thumbnail

Weekly Update 152

Troy Hunt

I made it out of Vegas! That was a rather intense 8 days and if I'm honest, returning to the relative tranquillity of Oslo has been lovely (not to mention the massive uptick in coffee quality). But just as the US to Europe jet lag passes, it's time to head back to Aus for a bit and go through the whole cycle again. And just on that, I've found that diet makes a hell of a difference in coping with this sort of thing: The number one most effective way I’ve found for coping with jet lag, stress, cr

article thumbnail

ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019

Threatpost

The number of exposed records has hit record highs in just the first two quarters.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Google Analyzes Pilfered Password Reuse

Dark Reading

Password Checkup data shows some users still reuse their exposed passwords.

article thumbnail

News Wrap: DejaBlue Bugs and Biometrics Data Breaches

Threatpost

From the biometrics of one million being exposed, to new Microsoft Bluekeep-like threats, Threatpost discusses the top news of the week.

article thumbnail

Google And NASA Are ‘Leaking Data’ Via Misconfigured Jira Servers reported by BleepingComputer

IG Guru

"I have discovered several such misconfigured JIRA accounts in hundreds of companies. Some of the companies were from Alexa and Fortune top list including big giants like NASA, Google, Yahoo, etc and government sites." - Avinash Jain. The post Google And NASA Are ‘Leaking Data’ Via Misconfigured Jira Servers reported by BleepingComputer appeared first on IG GURU.

article thumbnail

DevOps Chat Podcast: $2M DARPA Award Sparks Behavior Testing With ForAllSecure's Mayhem Solution

ForAllSecure

Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has led to a world of security researchers and bug bounties directed at finding new vulnerabilities. As dedicated as security researchers are, there is a vast ocean of software in existence, waiting for someone to find and exploit the next security vulnerability for profit or nefarious uses.

article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

What’s the Difference Between Microfilm and Microfiche?

Record Nations

Microform storage is a method used to save space by shrinking down documents and storing them on photographic film. There are two kinds of microform—microfilm and microfiche. Microfilm is a roll of images, much like a movie reel, while microfiche is a flat sheet of microfilm. Because the documents are usually reduced to about 1/25 […]. The post What’s the Difference Between Microfilm and Microfiche?

40
article thumbnail

DEVOPS CHAT PODCAST: $2M DARPA AWARD SPARKS BEHAVIOR TESTING WITH FORALLSECURE'S MAYHEM SOLUTION

ForAllSecure

Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has led to a world of security researchers and bug bounties directed at finding new vulnerabilities. As dedicated as security researchers are, there is a vast ocean of software in existence, waiting for someone to find and exploit the next security vulnerability for profit or nefarious uses.

article thumbnail

Getting ahead of the risks of extended reality

Information Management Resources

Having wised up to the privacy and security concerns of today’s technologies, it’s urgent that organizations commit to new responsible approaches before XR becomes a part of our everyday lives.

Risk 40