Fri.Sep 06, 2019

Report: S. Korean Company's Database Leaking Business Data

Data Breach Today

Industrial Supplier DK-Lok's Unsecured Database Accesible Via Internet, Researchers Say Independent security researchers have found yet another unsecured database accessible via the internet. This time, the exposed data belongs to South Korean manufacturing company DK-Lok

MY TAKE: How advanced automation of threat intel sharing has quickened incident response

The Last Watchdog

Threat intelligence sharing is such a simple concept that holds so much promise for stopping threat actors in their tracks. So why hasn’t it made more of an impact stopping network breaches?

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Alleged Capital One Hacker Pleads Not Guilty

Data Breach Today

Paige Thompson's Trial Date Tentatively Set for November Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov.

Access 222

CVE-2019-15846 Exim mail server flaw allows Remote Code Execution

Security Affairs

A security flaw in Exim mail servers could be exploited by local or remote attackers to execute arbitrary code with root privileges.

Access 100

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Texas Ransomware Responders Urge Remote Access Lockdown

Data Breach Today

Lessons Learned From Crypto-Locking Malware Attack That Hit 22 Municipalities Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration.

Access 216

More Trending

Chinese APT Group Began Targeting SSL VPN Flaws in July

Data Breach Today

Pulse Secure and Fortinet Released Critical Fixes Months Ago, But Patching Lags A hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious flaws in Pulse Secure and Fortinet SSL VPNs for more than six weeks, security experts warn.

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Security Affairs

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.”

Medical Device Cybersecurity: 3 Alerts Issued

Data Breach Today

CERT, a Unit of CISA, Warns of Vulnerabilities That Need Mitigation Federal regulators have recently issued three advisories on cybersecurity vulnerabilities identified in medical devices.

PHP new versions fix multiple code execution issues

Security Affairs

Maintainers at the PHP programming language have released new versions that address multiple flaws, including some code execution issues.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

EMV 3D Secure: Upcoming Milestones

Data Breach Today

Fiserv's Jackie Hersch on Compliance, Improving Fraud Defenses The EMV 3D Secure specification faces some milestone dates in Europe and the U.S. What are these milestones, and how does the standard fit into fundamental fraud defenses? Jackie Hersch of Fiserv shares insight

Apple Finally Breaks Its Silence on iOS Hacking Campaign

WIRED Threat Level

In its first public statement since Google revealed a sophisticated attack against iOS devices, Apple defended its security measures. Security Security / Security News

IT 91

SecOps Is Broken. What Can We Do About It?

Data Breach Today

Learn how your enterprise security team can step up to the challenge of increasing daily attacks. Learn how your enterprise security team can step up to the challenge of increasing daily attacks

IT 180

Friday Squid Blogging: Squid Perfume

Schneier on Security

It's not perfume for squids. Nor is it perfume made from squids. It's a perfume called Squid , "inspired by life in the sea.". As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here. squid

IT 85

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Facial Recognition Use in UK Continues to Stir Controversy

Data Breach Today

180
180

Back-to-School Scams Target Students with Library-Themed Emails

Threatpost

Students should keep their eyes peeled for phishing emails purporting to be from their colleges, as well as online student resources laced with malware, researchers warn.

The Costs and Risks of Account Takeover

Data Breach Today

What Can be Done About ATO Attacks? Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO

Risk 180

8 Ways To Spot an Insider Threat

Dark Reading

The good news is most insider threats derive from negligence, not malicious intent. The bad news is the frequency of negligence is already ahead of where it was in 2018

IT 104

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Deception Technology in the Cloud Era

Data Breach Today

Don Gray of PacketViper Describes Evolution of the Technology Deception technology is evolving to help address cloud-based cyberthreats, says Don Gray of PacketViper, who describes the latest changes

Cloud 180

Taming the data tsunami

OpenText Information Management

The industrial Internet of Things (IIoT) is about to transform everything for manufacturers. From smart factories to autonomous supply chains to new product development and innovation, the vast amount of data from connected sensors can deliver a level of insight not possible before.

Expansion of DHS Continuous Diagnostics Program Considered

Data Breach Today

Intelligent Resilience

Perficient Data & Analytics

The Resilience of your Intelligence. Regardless of what department or area you work in it is critical that your company is set up to handle storms and disasters that may come.

Cloud 70

Arizona School District Cancels Classes Due to Ransomware

Data Breach Today

Lack of Internet Access Could Jeopardize School Security, Official Says Schools in Flagstaff, Arizona., were closed on Thursday after ransomware appeared on the district's network. Friday's classes were called off while the recovery effort continued

Accelerating unstructured data compliance with a new approach: sampling

IBM Big Data Hub

The initial goal of sampling is to assess where the highest compliance risk areas are within your enterprise. Read blog to learn how IBM StoredIQ InstaScan accelerates this

Analysis: Report on China Attacking Mobile Devices

Data Breach Today

This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance

News Wrap: Deepfake CEO Voice Scam, Facebook Phone Data Exposed

Threatpost

From deepfake to data exposures, the Threatpost team talks about the top security trends driving this week's biggest news stories. Facebook Podcasts Privacy Biometrics data breach data exposure deepfake facial recognition leaky dataset Microsoft Patch management podcast tag suggestions

Introducing Continuous Password Protection for Active Directory

Data Breach Today

The Industry's 1st Active Directory Plugin That Helps Organizations Prevent Use of Compromised Passwords According to NIST 800-63b Guidelines With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account

ThreatList: Police Use of Facial Recognition is Just Fine, Say Most Americans

Threatpost

A survey by Pew Research Center finds that Americans support use of facial recognition by law enforcement , but not by tech or advertising companies.

What is Supply Chain Optimization?

OpenText Information Management

According to APICS, responding to customer mandates for faster, more accurate and unique fulfilment is a top business priority for supply chain managers.

Will Google Play Fair in the ‘Privacy Sandbox?’

ARMA International

On August 22, Justin Schuh, a director on Google’s Chrome Engineering team, introduced the company’s plans for a “privacy sandbox,” a colorful title for its initiative that purports to strengthen web privacy. The news appeared on Google’s blog in an article titled “Building a more private web.”.

Overcoming the five most common data analytics challenges

Information Management Resources

To optimize your business, you must accumulate and analyze the data and feedback you’ve been getting from all aspects of your business. Here are solutions to top challenges. Analytics Chief Analytics Officer Data management