Tue.Sep 10, 2019

Cybercrime Black Markets: RDP Access Remains Cheap and Easy

Data Breach Today

Also Hot: Payment Card Numbers, Identity Packets, DDoS Attacks, Shell Companies Cybercrime is surging, thanks in no small part due to the easy availability of inexpensive hacking tools and services.

Patch Tuesday, September 2019 Edition

Krebs on Security

Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software.

IT 220

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

NEW TECH: Baffin Bay Networks takes a ‘cloud-first’ approach to securing web applications

The Last Watchdog

Hear about the smart toaster that got attacked three times within an hour after its IP address first appeared on the Internet? That experiment conducted by a reporter for The Atlantic crystalizes the seemingly intractable security challenge businesses face today.

Cloud 136

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Hackers Attempted DDoS Attack Against Utility: Report

Data Breach Today

Analysis: Attackers Probed Weaknesses in Network Firewalls for 10 Hours Earlier this year, intruders probed weaknesses in the network firewalls of a U.S.


More Trending

Email Servers: Exim Flaw Leaves Millions at Risk of Hacking

Data Breach Today

Remotely Executable Flaw Could be Exploited by BEC and Ransomware Attackers Email server alert: Linux and Unix administrators should immediately patch a remotely exploitable flaw in Exim, one of the world's most-used message transfer agents, security experts warn.

Risk 203

What will be your decisive moment to secure your cloud applications in a Zero Trust world?

Thales eSecurity

Access management is increasingly the answer to #TrustedAccess. With two decades of cloud computing now under the belt, this question is increasingly more relevant in our hyper-connected world.

Access 106

Avoiding Breach Notification Blunders

Data Breach Today


Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction.

IoT 100

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

CISOs: Navigating Operational Conflicts

Data Breach Today

Chris Hetner of Marsh on the CISO's Role as a Communicator Today's CISOs need to speak the language of business, says Chris Hetner of Marsh, who offers advice on navigating operational conflicts

Police dismantled Europe’s second-largest counterfeit currency network on the dark web

Security Affairs

The European authorities announced to have dismantled Europe’s second-largest counterfeit currency network on the dark web.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Unfortunately, the available evidence so far should give policymakers pause.

Robert Downey Jr’s Instagram account has been hacked

Security Affairs

The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Robert Downey Jr.

IT 97

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Top 7 benefits of supply chain optimization

OpenText Information Management

In our last blog. we looked at what’s involved in supply chain optimization, the supply chain optimization techniques and tools that are available to you. This time we’ll cover the key benefits of supply chain optimization and how you can achieve them.

Microsoft Patch Tuesday updates for September 2019 fix 2 privilege escalation flaws exploited in attacks

Security Affairs

Microsoft Patch Tuesday updates for September 2019 address 80 flaws, including two privilege escalation issues exploited in attacks.

Microsoft Addresses Two Zero-Days Under Active Attack


September Patch Tuesday leads off with two elevation-of-privilege bugs that have been exploited in the wild. Cloud Security Vulnerabilities Web Security active attack critical vulnerabilities elevation of privilege Microsoft patch tuesday remote desktop client september 2019 zero day

Cloud 108

Adobe September 2019 Patch Tuesday updates fix 2 code execution flaws in Flash Player

Security Affairs

Adobe September 2019 Patch Tuesday updates address two code execution bugs in Flash Player and a DLL hijacking flaw in Application Manager.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Vulnerabilities in D-Link, Comba Routers Can Leak Credentials


Flaws can potentially affect every device and user on the network by directing them to malicious websites or blocking their access to important data or resources. Vulnerabilities Comba Telecom D-Link Routers

Access 103

GDPR Compliance — The Fines Have Begun!


GDPR compliance has been a major talking point among information governance professionals for quite some time. Unfortunately, some organizations have now run afoul of the law, making the promised fines a reality for the non-compliant. GDPR’s First Fines Are Nothing to Sneeze At.

Why Healthcare is Moving to Cloud: Connect Data Silos

Perficient Data & Analytics

The following is the third blog in a series about why healthcare organizations are moving to the cloud. In this series so far, we have looked at how the cloud brings robust data security and the cost savings and efficiencies that the cloud delivers for healthcare organizations.

Cloud 70

U.S. Manufacturer Most Recent Target of LokiBot Malspam Campaign


A large U.S. manufacturing company is the latest organization to be targeted with the LokiBot trojan - although this most recent campaign harbored some bizarre red flags.

Security Pros' Painless Guide to Machine Intelligence, AI, ML & DL

Dark Reading

Artificial intelligence, machine learning, or deep learning? Knowing what the major terms really mean will help you sort through the morass of words on the subject and the security uses of each

11th Circuit Rules Single Text Message Not Sufficient for Article III Standing

Data Matters

Creating a circuit split, the U.S. Court of Appeals for the Eleventh Circuit has held that receiving a single unwanted text message is not enough to confer standing, even if the text violated the federal Telephone Consumer Protection Act (TCPA). The court disagreed with a Ninth Circuit ruling that reached the opposite conclusion in 2017. In so doing, it gave new life to an argument defendants may use to fend off class actions under the TCPA.

Paper 91

Get your creative team on the same page

OpenText Information Management

When it comes to collaborating on creative projects, we know that processes can often get in the way. Your team members might find themselves working on the wrong versions of an asset, or there might be multiple versions of the same asset being worked on by different people.

ThreatList: Amidst Data Breaches, Account Creation Fraud Soars in 2019


Cybercrooks are using bots to create synthetic digital identities, to carry out various types of fraud. Breach Hacks Mobile Security Privacy Web Security account creation bots Data Breaches fake identities first half 2019 Fraud lexisnexis the report threatlist

What Are the First Signs of a Cloud Data Leak?

Dark Reading

Most cloud data breaches leave only trace signs of malfeasance, so it can be tricky

Adobe Fixes Critical Flash Player Code Execution Flaws


Overall Adobe's September security update addressed vulnerabilities in Flash Player and Application Manager. Vulnerabilities Web Security adobe adobe application manager adobe flash player adobe patch critical flaw critical vulnerability fix macOS patch tuesday Windows

US Power Grid Cyberattack Due to Unpatched Firewall: NERC

Dark Reading

A firewall vulnerability enabled attackers to repeatedly reboot the victim entity's firewalls, causing unexpected outages


Capture the Flag events and eSports

Adam Shostack

Looking at what is popular with smaller niche crowds can give greater insight into the “next thing”. This natural selection of attention can inspire an evolution of methods and practices. Capture the Flag Events (CTFs) and electronic Sports (eSports) are good examples of a relatively new trend.

Beyond the China Personal Information Security Specification


Organizations doing business in China should pay attention to recent action by the Cyberspace Administration of China regarding the regulation of cross-border personal information transfers.