Mon. Nov 05, 2018

Ransomware Keeps Ringing in Profits for Cybercrime Rings

Data Breach Today

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays. Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack.

GUEST ESSAY: Did you know these 5 types of digital services are getting rich off your private data?

The Last Watchdog

Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden privacy pitfalls in everyday technology. From smartphones to smart TVs, location services, and speech capabilities, oftentimes user data is stored without your knowledge.

Georgia Election Further Complicated By Hacking Accusation

Data Breach Today

Secretary of State - and Republican Candidate - Probes State's Democratic Party. Georgia's Republican gubernatorial candidate has accused the state's Democratic Party of attempting to hack the state's voter registration database. The accusation, from Brian S.

FIFA Hacked Again

Adam Levin

The international soccer league FIFA announced it had been hacked earlier this year and is bracing itself for a potential data breach. This latest cyber incident marks the second major successful hack on the organization, the first reported in 2017.

Breach Settlement Has Unusual Penalty

Data Breach Today

Troy Hunt on Passwords

Schneier on Security

Troy Hunt has a good essay about why passwords are here to stay, despite all their security problems: This is why passwords aren't going anywhere in the foreseeable future and why [insert thing here] isn't going to kill them.

More Trending

Your 3-step checklist for creating a business continuity plan

IT Governance

When you begin your BCP (business continuity plan) project, it’s a good idea to produce a checklist of tasks. This helps you stay on top of your progress during what will almost certainly be a long process.

How IAM is Evolving in the Blockchain Era

Data Breach Today

Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project, to an ongoing initiative

Here's Why [Insert Thing Here] Is Not a Password Killer

Troy Hunt

These days, I get a lot of messages from people on security-related things. Often it's related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture.

Shellbot Botnet Targets IoT devices and Linux servers

Security Affairs

Security experts at Trend Micro have spotted an IRC bot dubbed Shellbot that was built using Perl Shellbot. The malware was distributed by a threat group called Outlaw; it was able to target Linux and Android devices, and also Windows systems.

How to build your future success and lift everyone up

OpenText Information Management

When we’re young, we’re often told that we can be anything we want to be. We’re told that if we work hard enough, we have the power and ability to achieve our dreams — whatever they might be. We start out with such youthful optimism and believe that the world is in our grasp.

USB drives are primary vector for destructive threats to industrial facilities

Security Affairs

USB removable storage devices are the main vector for malware attacks against industrial facilities, states a Honeywell report. According to a report published by Honeywell, malware-based attacks against industrial facilities mostly leverage USB removable storage devices.

Lazy Ad Buying Is Killing The Open Web.

John Battelle's Searchblog

But…I just *bought* a robe. I don’t want another one. If you’ve read my rants for long enough, you know I’m fond of programmatic advertising. I’ve called it the most important artifact in human history, replacing the Macintosh as the most significant tool ever created.

How the right adoption team members can drive digital transformation success

Information Management Resources

Assembling the right people for this team can push a project well along the track. Picking the wrong people, or neglecting to create an adoption team at all, can doom the project before it gets out of the gate.

New attack by Anonymous Italy: personal data from ministries and police have been released online

Security Affairs

New attack by Anonymous Italy: personal data from ministries and police have been released online. The site of Fratelli d’Italia, a post-fascist party, has been defaced. The iconoclastic fury of Italian Anonymous does not stop. As announced, the three groups that coordinate the operation “Black Week” have again today released new data from their raids on online sites and databases.

Trump’s ‘Racist’ Midterms Ad Backs Facebook Into a Corner

WIRED Threat Level

Facebook took down Donald Trump’s ad for violating its policies, but you can still watch the video on his profile.

High severity XML external entity flaw affects Sauter building automation product

Security Affairs

A security researcher has found a serious vulnerability in a building automation product from Sauter AG that could be exploited to steal files from an affected system.

It's End of Life for ASafaWeb

Troy Hunt

A lot has changed in the Microsoft technology world in the last 7 years since I launched ASafaWeb in September 2011. Windows XP is no longer the dominant operating system (Win 7 actually caught up the month I launched ASafaWeb).

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The term IoT generally refers to anything connected to the internet, including smart home devices (e.g.,

Humans of OpenText: Angelo Mesina

OpenText Information Management

Meet Angelo, an OpenText™ colleague from Makati City, Philippines. In this post, Angelo gives us a glimpse into one of his favorite hobbies: boxing! Where did your love of boxing come from? It started with my dad watching Mike Tyson’s fights when I was a kid.

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

Data Matters

Rapid advances in automation have the potential to disrupt a number of sectors, perhaps none more so than the automobile industry. The U.S. Department of Transportation (DOT) has accordingly announced its intention to take “active steps to prepare for the future by engaging with new technologies to ensure safety without hampering innovation.”

7 key metrics for measuring the performance of AI-enabled chatbots

Information Management Resources

While it may seem quite difficult to determine the performance of a bot, the following seven metrics will help determine their success.

7 Non-Computer Hacks That Should Never Happen

Dark Reading

From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking

AI and automation aren’t quick wins — Invest anyway

Information Management Resources

Organizations that succeed with these technologies make numerous investments in prerequisites, which Forrester encapsulates in a model called RQ, the robotics quotient.

Strengthening Privacy Rights with Privacy Enhancing Technologies

AIIM

Facebook gets maximum fine for the catastrophic Cambridge Analytica data breach

IG Guru

Facebook has been fined £500,000 ($645,000) by the UK’s Information Commissioner’s Office for the Cambridge Analytica data breach.

Passwords: Here to Stay, Despite Smart Alternatives?

Threatpost

"Password-killing" authentication efforts may be on a road to nowhere.

Flaw in Icecast streaming media server allows to take off online Radio Stations

Security Affairs

The Icecast streaming media server is affected by a flaw that an attacker could exploit to take online radio stations off the air.

Online Radio Stations at Risk from Icecast Flaw

Threatpost

A buffer overflow bug (CVE-2018-18820) could silence online stations.

Google dorks were the root cause of a catastrophic compromise of CIA’s communications

Security Affairs

Google queries allowed the Iranian government to dismantle the CIA communication network used by its agents and kill dozens of spies. The alleged hack of the communications network used by CIA agents allowed Iranian intelligence to identify and kill at least 30 spies. According to Yahoo! News, the security breach happened in 2009; Iranian intelligence infiltrated a series of websites used by the CIA to communicate with agents worldwide, including Iran and China.

Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections

Threatpost

Concerns over midterm election tampering reach a boiling point in the days leading up to actual voting.

After the Breach: Tracing the 'Smoking Gun'

Dark Reading

Systems, technology, and threats change, and your response plan should, too. Here are three steps to turn your post-breach assessment into a set of workable best practices

Can I Vote Online? Your Voting Questions, Answered

WIRED Threat Level

The Know-It-Alls: Our in-house experts answer questions about your interactions with technology.
