Thu.Apr 02, 2020

‘War Dialing’ Tool Exposes Zoom’s Password Problems

Krebs on Security

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom.

Morrisons Not Liable for Breach Caused by Rogue Employee

Data Breach Today

Employees' Attempt to Receive Financial Compensation Dismissed by Supreme Court Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Marriott Was Hacked -- Again

Schneier on Security

Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved, although not all of this information was present for every guest involved: Contact Details (e.g.,

Washington Governor Signs Facial Recognition Law

Data Breach Today

Privacy Advocates Criticize Measure That Microsoft Supported Washington's governor has signed a new law that regulates the use of facial recognition technology. But some privacy advocates say the measure, which was backed by Microsoft, doesn't do enough to protect individuals' rights

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

New COVID19 wiper overwrites MBR making computers unusable

Security Affairs

A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR.

More Trending

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack.

Coalition Offers Remote Workforce Security Tips

Data Breach Today

Andy Bates of Global Cyber Alliance on 'Work From Home, Secure Your Business' The Global Cyber Alliance is one of 13 nonprofit organizations that have banded together to offer businesses security tips for their newly remote workforces.

Risk 167

Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak

Security Affairs

Crooks target Android users working from home due to the Coronavirus outbreak with a Trojanized version of the popular video messaging app Zoom.

Cloud 108

COVID-19 Crisis Triggers More HIPAA Policy Changes

Data Breach Today

Business Associates Cleared to Make 'Good Faith' Disclosures of PHI In the latest move to relax certain HIPAA requirements during the COVID-19 crisis, federal regulators Thursday paved the way for business associates to share protected health information for public health-related activities during the pandemic.

160
160

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speaker: Speakers Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online.

Australian Kids' Smartwatch Maker Hit By Same Bug Again

Data Breach Today

TicTocTrack Fixes Bug That Exposed Data, Allowed Tampering With Kids' Location An Australian company that sells a GPS tracking smartwatch for kids accidently exposed personal data a second time.

Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan

Security Affairs

An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan.

Vulnerability Researchers Focus on Zoom App's Security

Dark Reading

With videoconferencing's rise as an essential tool for remote work comes a downside: more security scrutiny, which has turned up a number of security weaknesses

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

DXC employees support Alzheimer Scotland

DXC

A team of DXC Technology employees based in Erskine, Scotland recently won an internal Charity Challenge award for their efforts to raise money and awareness for Alzheimer Scotland.

87

Reassuring Words and Good Intentions Don't Mean Good Security

Troy Hunt

How much can you trust the assertions made by an organisation regarding their security posture? I don't mean to question whether the statements are truthful or not, but rather whether they provide any actual assurance whatsoever.

Companies Are Failing to Deploy Key Solution for Email Security

Dark Reading

A single -- albeit complex-to-deploy -- technology could stop the most expensive form of fraud, experts say. Why aren't more companies adopting it

IT 84

Data Science Virtual Expert Panel Presented by AWS

Perficient Data & Analytics

Join us and our partner Amazon Web Services (AWS) for a virtual Q&A session on Wednesday, April 15.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

A Hacker's Perspective on Securing VPNs As You Go Remote

Dark Reading

As organizations rush to equip and secure their newly remote workforce, it's important to keep things methodical and purposeful

IT 81

Zoom Removes Data-Mining LinkedIn Feature

Threatpost

The feature, criticized for "undisclosed data-mining," is only the latest privacy faux pas for Zoom this month. Privacy Vulnerabilities Web Security Data Mining Data security disabled LinkedIn linkedin feature navigator public response removes Security issues zoom zoom data zoom security

Mining 112

Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats

Dark Reading

Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks

Risk 76

A partnership for growth and innovation: IBM Informix and HCL

IBM Big Data Hub

Building on a history of collaboration, in April 2017, IBM and HCL entered into a 15-year partnership that merged the best of their shared knowledge and teaming experience to accelerate the product roadmap and innovation of IBM Informix

73

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Name That Toon: The Devil You Know?

Dark Reading

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card

76

Realizing the unimaginable in distance learning

Jamf on EdTech

With 48 hours notice, the faculty of the Sewanhaka Central High School District completely re-imagined education. They are teaching students from their living rooms. They are providing counseling sessions, and the essential services for special education and ELL students, entirely online.

Phishers Try 'Text Direction Deception' Technique to Bypass Email Filters

Dark Reading

With COVID-19 concerns running high, attackers are trying new tactics to get to users

74

44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig

Threatpost

Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.

Cloud 94

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Bad Bots Build Presence Across the Web

Dark Reading

Bots that mimic human behavior are driving a growing percentage of website traffic while contributing to an avalanche of misinformation

71

Google Squashes High-Severity Flaws in Chrome Browser

Threatpost

Google is rolling out the newest Chrome browser version, 80.0.3987.162, in the coming days. Vulnerabilities Browser google Google Chrome google chrome 80.0.3987.162 high severity flaw media component patch vulnerability webAudio

89

New Magecart Skimmer Infects 19 Victim Websites

Dark Reading

MakeFrame, named for its ability to make iframes for skimming payment data, is attributed to Magecart Group 7

IT 69