Wed. Aug 21, 2019

Forced Password Reset? Check Your Assumptions

Krebs on Security

Texas Says 22 Local Government Agencies Hit by Ransomware

Data Breach Today

'Single Threat Actor' Suspected; Government Coalition Urges Greater Prevention. Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too.


MY TAKE: Here’s how ‘bulletproof proxies’ help criminals put compromised IoT devices to work

The Last Watchdog

Between Q1 2019 and Q2 2019, malicious communications emanating from residential IP addresses in the U.S. – namely smart refrigerators, garage doors, home routers and the like – nearly quadrupled for the retail and financial services sectors. To put it plainly, this represented a spike in cyber attacks bouncing through ordinary Internet-connected devices humming away in homes across America. Related: How botnets gave Trump 6 million faked followers.

IoT 124

Fake VPN Website Delivers Banking Trojan

Data Breach Today

Researchers Discover Attackers Cloned NordVPN Site. Researchers at the security firm Doctor Web have uncovered a fake website for a VPN provider that's designed to spread a Trojan that can steal credentials to bank accounts.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Romania is going to exclude Huawei from its 5G Network

Security Affairs

Romania will ban Chinese giant Huawei from its 5G network, reads a joint statement signed by the Romanian and US presidents. Romania could be the latest state to ban Huawei from its 5G network.

IT 114

More Trending

Thousands of credit card numbers of MoviePass customers were exposed online

Security Affairs

A security expert discovered that the popular movie ticket subscription service MoviePass has exposed thousands of customer card numbers and personal credit cards.

Is Apple's Top $1 Million Bug Bounty Too Much?

Data Breach Today

Why One Bug-Hunting Expert Says Big Bounties May Actually Undermine Security Programs. Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes.

Google Finds 20-Year-Old Microsoft Windows Vulnerability

Schneier on Security

There's no indication that this vulnerability was ever used in the wild, but the code it was discovered in -- Microsoft's Text Services Framework -- has been around since Windows XP. Tags: google microsoft vulnerabilities windows

IT 103

Embrace Full-Scale Cloud Adoption with a Comprehensive Cloud Data Management Strategy

Data Breach Today

Like many risk-averse organizations, state and local governments are missing out on the benefits of full-scale cloud adoption because they are paralyzed by the complexities associated with trusting their data to a third party. It's no surprise that government agencies have concerns about storing citizen data in the cloud, considering a total of 4.5 billion records were compromised in the first half of 2018 alone.

Cloud 138

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

DoS attacks against most used default Tor bridges could be very cheap

Security Affairs

Researchers explained that carrying out attacks against the most used default Tor bridges would cost threat actors $17,000 per month. According to security researchers Rob Jansen from the U.S.

Paper 98

7 steps to highly effective GDPR compliance

IT Governance

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise.


China-linked APT41 group targets US-Based Research University

Security Affairs

Security experts at FireEye observed the Chinese APT41 group targeting a web server at a U.S.-based research university.

Backdoor Found in Utility for Linux, Unix Servers


Backdoor was intentionally planted in 2018 and found during the DEF CON 2019 security conference when researchers stumbled upon malicious code. Tags: Black Hat Hacks Vulnerabilities Web Security centos CVE-2019-15107 DEF CON Linux Unix Webmin

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

A cybersecurity issue can cause unexpected costs in several different areas. What is the cost of dealing with an attack in 4 industries?

Researcher Discloses Second Steam Zero-Day After Valve Bug Bounty Ban


After Valve banned him from its bug bounty program, a researcher has found a second zero-day vulnerability affecting the Steam gaming client. Tags: Vulnerabilities disclosure Exploit gaming client Steam Valve vulnerability Vulnerability Disclosure zero day

IT 114

State-Sponsored Cyberattacks Target Medical Research

Dark Reading

Cancer research is a particular target among Chinese espionage groups, says security firm FireEye.

Adult Content Site Exposed Personal Data of 1M Users


The personal email addresses - some indicating user names or government official status - of more than a million pornography website users were exposed. Tags: Privacy Web Security adult website security data leak database elasticsearch database exposed data luscious vulnerability

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Harnessing structured and unstructured data for digital transformation

Information Management Resources

As executives look to evolve, the common thread amongst these objectives is the critical importance of analyzing data – both structured and unstructured – to attaining lasting success.

The Texas Ransomware Attacks: A Gamechanger for Cybercriminals


Security researchers worry that this weekend's coordinated attacks on more than 20 Texas governments mark a change in how ransomware attacks will be launched in the future. Tags: Malware Podcasts cyberattack malware ransom ransomware state and government ransomware Texas government ransomware

Firefox and Chrome Fight Back Against Kazakhstan's Spying

WIRED Threat Level

The Central Asian country’s government has repeatedly threatened to monitor its citizens’ internet activities. Google and Mozilla aren’t having it. Tags: Security; Security / Privacy

Cisco Patches Six Critical Bugs in UCS Gear and Switches


Six bugs found in Cisco’s Unified Computing System gear and its 220 Series Smart switches can allow unauthenticated remote hackers to take over equipment.

IT 106

How Your Company Can Prevent a Cyberattack

Adam Levin

Capital One’s announcement of a hack that affected more than 100 million people should have you asking not what, but who’s in your wallet. The company estimated a year-one expense ranging from $100-$150 million. Equifax settled recently on a penalty of more than $700 million.

3 skills a data scientist needs to set them apart from the competition

Information Management Resources

In order to be a great data scientist and to land the job you want, you have to think about what your employer is looking for.


How to avoid the security mistakes that cost an estate agency £80,000 in fines

IT Governance

Last month, Life at Parliament View was fined £80,000 by the ICO (Information Commissioner’s Office) after security errors exposed 18,610 customers’ personal data for almost two years.

How to Avoid Technical Debt in Open Source Projects

Dark Reading

Engineering teams have only a certain amount of capacity. Cutting down the volume of rework inherent in the open source business model begins with three best practices.


Tips for Choosing the Right Records Management Service

Armstrong Archives

Quality records management is a necessity for many business owners, and it can be difficult to know which vendors are the right fit for your business. It is important to understand that not all records management services are the same.

Ransomware Hits Fortnite Players

Dark Reading

Ransomware masquerading as game "cheats" is hitting Fortnite players. Fortunately, there are ways to recover without paying a ransom.

2019-2020 Records Management Section Steering Committee

The Schedule

Jessika Drmacich is our new Vice Chair/Chair-Elect. Jessika is Williams College’s Records Manager and Digital Resources Archivist. This is her fourth year serving on the records management steering committee.

7 Big Factors Putting Small Businesses At Risk

Dark Reading

Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.

Risk 81

Key Takeaways from ForAllSecure’s “Achieving Development Speed and Code Quality with Behavior Testing” Webinar


Security and speed are often perceived to be mutually exclusive, repelling away from each other like identical poles of a magnet. Dr. David Brumley, CEO of ForAllSecure and professor at CMU, posits that they don’t have to be.