Fri.Jul 19, 2019

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

Krebs on Security

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days.

Phishing Scheme Targets Amex Cardholders

Data Breach Today

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.

A Harlequin Romance Novel about Hackers

Schneier on Security

Really. books hacking

114
114

Despite BlueKeep Warnings, Many Organizations Fail to Patch

Data Breach Today

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

John Paul Stevens Was a Cryptographer

Schneier on Security

I didn't know that Supreme Court Justice John Paul Stevens "was also a cryptographer for the Navy during World War II." He was a proponent of individual privacy. courts cryptography historyofcryptography privacy surveillance

More Trending

Poland and Lithuania fear that data collected via FaceApp could be misused

Security Affairs

Poland and Lithuania are probing the potential privacy and security risks of using a Russian-made app FaceApp. Millions of people recently downloaded the FaceApp app and are taking part in the “ #FaceApp Challenge ” to show friends how they can look like when they will be old and grey.

BEC Scams Cost U.S. Companies $300 Million Per Month: Study

Data Breach Today

Treasury Department Says an Average of 1,100 Businesses Scammed Each Month Business email compromise scams are surging, and they're costing U.S. companies a total of more than $300 million a month, according to a recently released analysis by the U.S. Treasury Department.

217
217

Former NSA contractor sentenced to 9 years for stealing classified data

Security Affairs

The former NSA contractor who pled guilty to stealing over 50TB of data from the Agency, was sentenced to nine years in prison.

Tesla Vulnerability: A Bounty Hunter's Tale

Data Breach Today

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from former federal advisers Richard Clarke and Robert Knake on cyber resilience

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

The App Creeping on Your IG Location, Jakarta’s Insurance Crisis, and More News

WIRED Threat Level

Catch up on the most important news from today in two minutes or less. Security Security / Privacy

Phishing Attack Aimed at Stealing Payroll Deposits

Data Breach Today

Healthcare System's Procedures Helped Prevent the Crime A Texas-based healthcare system says hackers unsuccessfully tried to divert employee payroll direct deposits through a phishing attack that also potentially exposed patient data.

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media.

Mining 111

Researchers Trick Cylance Into Giving Malware a Pass

Data Breach Today

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Friday Squid Blogging: Squid Mural

Schneier on Security

Large squid mural in the Bushwick neighborhood of Brooklyn. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here. squid

New Audit Finds More Security Vulnerabilities at IRS

Data Breach Today

GAO Makes More Security Recommendations; IRS Now Has 127 Issues to Resolve The Internal Revenue Services' internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to a U.S.

Dutch police arrested the author of Dryad and Rubella Macro Builders

Security Affairs

Dutch authorities announced the arrest of a 20-year old man for allegedly developing Dryad and Rubella Macro Builders. Dutch authorities announced have arrested a 20-year old man that is accused to be the author of Dryad and Rubella Macro Builders.

Huawei Question Must Be Answered by New UK Prime Minister

Data Breach Today

Delay is Damaging International Relationships, Parliamentary Committee Warns A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network

IT 125

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders.

Weekly Update 148

Troy Hunt

It's the last one from Norway before heading off to the US and diving into the deep end of the Project Svalbard pool followed by Black Hat and DEF CON in Vegas.

Concerns Over FaceApp Remind Us That Users May Not Fathom the Permissions They Grant Apps

ARMA International

Geoffrey A.

Capture? Haven't we been doing this for years?

AIIM

Capture? Haven’t we been doing this for years and years? Well…yes and no. Yes, organizations have been scanning paper into digital archives for a long time. And for 72% of organizations, scanning paper is still the most important part of their information capture strategy.

Paper 80

Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections

Threatpost

The group was posing as a researcher from Cambridge, and was found to have added three new malware families to its spy arsenal. Government Malware apt34 cambridge espionage FireEye Greenbug Irán linked in new malware OilRig Phishing social network

IT 114

Malware in PyPI Code Shows Supply Chain Risks

Dark Reading

A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories

Risk 113

Adult Sites Lack Privacy, Open the Door for Harassment and Tracking

Threatpost

Third-party tracking is rampant on sites like Pornhub, with users' sexual preferences on full view. Hacks Privacy Web Security harassment opt in policies porn sites Pornhub sexual preferences third party tracking

Mirai Groups Target Business IoT Devices

Dark Reading

More than 30% of Mirai attacks, and an increasing number of variants of the malicious malare, are going after enterprise IoT devices, raising the stakes for business

IoT 113

Did you know? AMC Monthly Newsletter

Micro Focus

With the exciting new product releases across the entire Application Modernization & Connectivity portfolio, this month’s newsletter focuses on the features and support material for these fresh upgrades, including Visual COBOL 5.0 and Enterprise Suite 5.0.

75

Europol Head Fears 5G Will Give Criminals an Edge

Dark Reading

Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks

IT 112

Netskope for SaaS: CASB Product Overview and Insight

eSecurity Planet

We review Netskope's CASB, including the cloud security product's use cases, notable features, security qualifications and supported applications

Cloud 64

Crack the Defenses of iOS and other Platforms at Black Hat USA

Dark Reading

Get the latest insights into how to attack and defend platforms like iOS, MacOS, and Windows 10 at this upcoming August security conference

Bitglass Cloud Security: CASB Product Overview and Insight

eSecurity Planet

We review Bitglass Cloud Security, including the CASB's use cases, notable features, security qualifications and supported applications

Cloud 64