Thu.Apr 11, 2019

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0

MD Anderson Cancer Center Appeals $4.3 Million HIPAA Fine

Data Breach Today

Organization List Reasons Why It Believes Breach-Related Penalty Was Not Justified The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

Security Affairs

According to a joint report published by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North Korea-linked Lazarus APT group is using a new Trojan in attacks.

WikiLeaks' Julian Assange Arrested; US Seeks Extradition

Data Breach Today

Indictment Cites Alleged Involvement in Chelsea Manning Case WikiLeaks founder Julian Assange, who released hacked emails from Hillary Clinton's campaign and many other secret U.S. documents, was arrested in London Thursday, and now the U.S. is seeking his extradition

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Keeping Up with New Data Protection Regulations

erwin

Keeping up with new data protection regulations can be difficult, and the latest – the General Data Protection Regulation (GDPR) – isn’t the only new data protection regulation organizations should be aware of.

Data 88

More Trending

TajMahal Spyware

Schneier on Security

Kaspersky has released details about a sophisticated nation-state spyware it calls TajMahal: The TajMahal framework's 80 modules, Shulmin says, comprise not only the typical keylogging and screengrabbing features of spyware, but also never-before-seen and obscure tricks.

Android Devices Can Now Be Used as a Security Key

Data Breach Today

New Google Feature Offers Advantages Over Its Titan Keys Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50

Breaking Down the Julian Assange Hacking Case

WIRED Threat Level

WikiLeaks founder Julian Assange has been arrested, and now faces extradition to the United States. But not for leaking classified information. Security Security / Security News

WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy

Security Affairs

WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London. after Ecuador withdrew asylum after seven years. Seven years ago, WikiLeaks founder Julian Assange took refuge in the embassy to avoid extradition to Sweden over a sexual assault case.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

The Last Watchdog

Digital transformation is all about high-velocity innovation. But velocity cuts two ways. Related: Obsolescence creeps into perimeter defenses. Yes, the rapid integration of digital technologies into all aspects of commerce has enabled wonderful new services. But it has also translated into an exponential expansion of the attack surface available to cyber criminals.

What corporate legal teams can learn from Deepwater Horizon

OpenText Information Management

I recently watched Deepwater Horizon, a dramatization of the tragic drilling rig explosion and subsequent oil spill in the Gulf of Mexico in April 2010. In the movie, Mark Wahlberg’s character commented that “Hope ain’t a tactic.”

New 'HOPLIGHT' Malware Appears in Latest North Korean Attacks, Say DHS, FBI

Dark Reading

The FBI and Department of Homeland Security release malware analysis report, indicators of compromise for nine different executable files

NEW TECH: Critical Start delivers managed security services with ‘radical transparency’

The Last Watchdog

It was in 2012 that CRITICAL START burst onto the Managed Security Service Provider (MSSP) scene with bold intentions. Related: How SMBs can leverage threat intelligence. The Plano, TX-based company sought to elevate the “MSSP” space high above the accepted standard at the time. It set out to do this by delivering security services based on Zero-Trust and that also provided radical transparency to its customers. CRITICAL START has since grown to 105 employees, serving hundreds of customers.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

VSDC video editing software website hacked again

Security Affairs

Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with malware.

Video 72

How To Make Your Amazon Echo and Google Home as Private as Possible

WIRED Threat Level

With news that Amazon lets human employees listen to Alexa recordings, you might want to tighten up your smart assistant ship. Security

Developing an industry, creating the experts

OpenText Information Management

It’s difficult to grasp today that, even in the mid 1990s, the legal industry struggled to understand how to properly prepare and present digital evidence in court. It took the emergence of digital information software like OpenText™ EnCase™ Forensic to begin to change everything.

4 companies with relentless customer focus

DXC Technology

We just returned from the Leading Edge Forum (LEF) Spring Study Tour in Seattle and San Francisco, where we met with leading companies who are rapidly evolving their businesses to meet the latest customer demands. Directed by a clear purpose, these organisations are seemingly able to evolve their business models, change their operating models, and […].

Study 63

Trump’s Homeland Security Purge Worries Cybersecurity Experts

WIRED Threat Level

A leadership void at DHS means the White House is calling the shots where it wants to, cybersecurity experts warn, and other agencies can muscle in where it won’t. Security Security / National Security

90% of critical infrastructure providers have fallen victim to a cyber attack since 2017

IT Governance

Critical infrastructure providers have been deluged by cyber attacks in the past two years, according to a Ponemon Institute study. Cybersecurity in Operational Technology: 7 Insights You Need to Know found that 90% of respondents from the UK, US, Germany, Australia, Mexico and Japan had been breached since 2017, with many organisations revealing they’d fallen victim to multiple attacks.

In Security, All Logs Are Not Created Equal

Dark Reading

Prioritizing key log sources goes a long way toward effective incident response

Amazon Auditors Listen to Echo Recordings, Report Says

Threatpost

Amazon is under fire for its privacy policies after a Bloomberg report revealed that the company hires auditors to listen to Echo recordings. IoT Privacy amazon Amazon Alexa amazon recording Data echo voice services

IT 85

Cloud computing leaves banks exposed to risks, EU regulators say

Information Management Resources

The finance industry’s dependence on a handful of large cloud computing companies to store key data is an emerging threat to financial stability, three top regulators say. Cloud computing Data security Fintech

Cloud 81

WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited

Threatpost

A vulnerability in the Yuzo Related Posts WordPress plugin, used by 60,000 websites, is being exploited in the wild. Vulnerabilities Web Security cross site scripting attack Exploit vulnerability wordpress Wordpress plugin Yuzo Related Posts zeroday

Sysmex Europe transforms purchase-to-pay processes with OpenText

OpenText Information Management

Sysmex Europe GmbH, a subsidiary of the Sysmex Corporation, is among Europe’s top laboratory diagnostics and healthcare companies and the global leader for hematology diagnostics and service.

Blog 56

When Your Sandbox Fails

Dark Reading

The sandbox is an important piece of the security stack, but an organization's entire strategy shouldn't rely on its ability to detect every threat. Here's why

European Commission Releases Study on GDPR Data Protection Certification Mechanisms

Hunton Privacy

The European Commission (the “Commission”) has released a long-awaited study on GDPR data protection certification mechanisms (the “Study”). As we previously reported , the Commission announced its intention to look into GDPR certifications in January of 2018. The GDPR empowers the Commission to adopt delegated and implementing acts regarding certifications to specify the requirements and lay down technical standards for certification mechanisms.

Study 79

Tax Hacks: How Seasonal Scams Cause Yearlong Problems

Dark Reading

Tax season is marked with malware campaigns, tax fraud, and identity theft, with money and data flowing through an underground economy

Data 79

Why humans still hold the advantage in decision automation

Information Management Resources

While machines can and will magnify our thinking and apply it to data faster and more accurately than we can without assistance, they still can’t think for us. Advantage: human. Automation Data strategy Data management Artificial intelligence

IT 78

Finance sector must simplify staff awareness training

IT Governance

Financial services firms must do more to educate employees about cyber security, according to the FCA (Financial Conduct Authority). In a report published last month , the FCA urged organisations to tackle staff awareness training at all levels, and to ensure the lessons are simple and appropriate to the environment that employees work in.

The 5 cloud skillsets that will best serve tech workers in 2019

Information Management Resources

Earlier this year, IT consulting and talent services firm Akraya Inc. compiled a list of the most in-demand cloud skills for 2019. Cloud computing Software professionals Career advancement

Cloud 76

'Dragonblood' Vulnerabilities Seep Into WPA3 Secure Wifi Handshake

Dark Reading

A new set of vulnerabilities may put some early adopters of strong Wifi security at greater security risk

Risk 74