Tue.Aug 13, 2019

Report: SEC Investigates First American Data Exposure

Data Breach Today

Title and Settlement Company Exposed Hundreds of Millions of Data Records The U.S. Securities and Exchange Commission is investigating the exposure of personal and mortgage-related records from First American Financial Corp., according to Brian Krebs. First American spent $1.7

Data 197

Patch Tuesday, August 2019 Edition

Krebs on Security

Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out.

Tips 175

Elon Musk Wants to Hack Your Brain

Data Breach Today

Neuralink Pursues a Brain-Computer Interface; What Could Go Wrong?

Cloud migration a longer, harder journey than most organizations expect

Information Management Resources

Accenture's Siki Giunta discusses the results of a new study on cloud migration efforts, and why so many organizations say they are disappointed with the results

Study 160

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

SQLite Vulnerability Permits iOS Hack: Report

Data Breach Today

More Trending

Health Data Breaches Involving Unencrypted Devices Reported

Data Breach Today

7 trends impacting commercial and industrial IoT data

Information Management Resources

Here's a look at seven top trends that are driving this space, from compute size, to the value of true edge computing, to closed-loop edge to cloud machine learning

IoT 112

Flaws in 4G Routers of various vendors put millions of users at risk

Security Affairs

Security expert discovered multiple flaws in 4G routers manufactured by several companies, some of them could allow attackers to take over the devices. G Richter, a security researcher at Pen Test Partners discovered multiple vulnerabilities 4G routers manufactured by different vendors.

Risk 109

Exploiting GDPR to Get Private Information

Schneier on Security

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR) , which came into force in May 2018.

GDPR 103

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Google hacker discloses 20-year-old Windows flaw still unpatched

Security Affairs

Tavis Ormandy, white hat hacker at Google’s Project Zero Team, disclosed technical details of a 20-year-old Windows vulnerability that is still unpatched.

Can Information Management Policies Be Both Clear and Concise?

ARMA International

Most information management (IM) professionals would agree that well-written policies are clear and concise.

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Security Affairs

Security experts analyzed a new interesting Android banking Trojan, dubbed Cerberus, that is offered for rent by its author.

Payments and Security: Putting security where your money is

Thales eSecurity

Originally published in Payments Journal on July 31, 2019.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

How a 'NULL' License Plate Landed One Hacker in Ticket Hell

WIRED Threat Level

Security researcher Joseph Tartaro thought NULL would make a fun license plate. He's never been more wrong. Security Security / Security News

Adobe Patch Tuesday for August 2019 fixed 119 flaws in 8 products

Security Affairs

Adobe Patch Tuesday security updates for August 2019 addressed a total of 119 vulnerabilities affecting multiple products.

Cloud 76

Why Healthcare is Moving to Cloud: Data Security

Perficient Data & Analytics

The following is the first blog in a series about why healthcare organizations are moving to cloud. Gone are the days of healthcare organizations wondering if they need to utilize the cloud. They must now decide how to best utilize it.

Cloud 70

British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data

Threatpost

A vulnerability in British Airways' e-ticketing system could enable a bad actor to view passengers' personal data or change their booking information. Hacks Vulnerabilities British Airways British airways data breach Data Privacy Data security e-ticketing flaw Encryption

Data 100

DejaBlue: New BlueKeep-Style Bugs Mean You Need to Update Windows Now

WIRED Threat Level

Vulnerabilities in Microsoft's Remote Desktop Protocol continue to plague the web. Security Security / Security News

Monzo bank tells customers to change their PINs after security

IT Governance

The digital bank Monzo has told 480,000 customers to change their PINs after it discovered an error that allowed unauthorised staff to view sensitive information. Monzo said that it normally stored PINs in a “particularly secure” part of its systems that only select employees can access.

Apple's New Bounty Program Has Huge Incentives, Big Risks

Dark Reading

Industry observers applaud the program's ability to find exploits but fear unintended consequences

How to manage content chaos

OpenText Information Management

ILTACON has been a staple for legal and IT professionals for over 40 years, and this year’s conference promises not to disappoint. The agenda is packed with sessions on collaboration, technological advancements and tangible takeaways that address the challenges law firms and corporate legal clients face on a daily basis. Spend less time searching for … The post How to manage content chaos appeared first on OpenText Blogs.

Moving on Up: Ready for Your Apps to Live in the Cloud?

Dark Reading

Among the complications: traditional security tools work poorly or not at all in the cloud, and if a company screws up, the whole Internet will know

Tools 85

Toolbox: After a Conference

Adam Shostack

Blackhat, Defcon, I didn’t make any of the other conferences going on in Vegas. And coming back it seems like there’s a sea of things to follow up on. A little bit of organization is helping me manage better this year, and so I thought I’d share what’s in my post-conference toolbox.

History Doesn't Repeat Itself in Cyberspace

Dark Reading

The 10th anniversary of the US Cyber Command is an opportunity to prepare for unknowns in the rapidly changing cybersecurity landscape

Electronics For Imaging Appoints Jeff Jacobson as Chief Executive Officer

Document Imaging Report

FREMONT, California — August 13, 2019 — Electronics For Imaging, Inc. (“EFI” EFI” or the “Company”) today announced the appointment of Jeff Jacobson, a 30-year veteran of the digital imaging and industrial technology sector, as Chief Executive Officer, effective immediately.

700K Guest Records Stolen in Choice Hotels Breach

Dark Reading

Cybercriminals reportedly stole the information from an exposed MongoDB database on a third-party server

81

Cerberus Enters the Android Malware Rental Scene

Threatpost

The mobile banking trojan has a few unusual features and bears watching, researchers said. Malware Mobile Security Android banking trojan cerberus malware as a service mobile malware rental

Microsoft Patches Wormable RCE Vulns in Remote Desktop Services

Dark Reading

Similar to the now-patched 'BlueKeep' vulnerability, two flaws fixed today could let malware spread across vulnerable computers

78

Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List

Threatpost

The flaws allow remote code-execution without user interaction or authentication, and are highly exploitable. Mobile Security Vulnerabilities Web Security august patch tuesday bluekeep critical vulnerabilities Microsoft remote code execution remote desktop services

Record Abandonment – Identify RIM Provider Alternatives? – by PRISM International

IG Guru

Who pays the bill when the company declares bankruptcy? When a practitioner retires and/or meets an untimely death–who pays the RIM service invoice? What about the outstanding invoices when a practitioner closes a “single practitioner” office and joins a large consortium practice or medical school?

2019 Pwnie Award Winners (And Those Who Wish They Weren't)

Dark Reading

This year's round-up includes awards into two new categories: most under-hyped research and epic achievement

74