Mon.Nov 05, 2018

Ransomware Keeps Ringing in Profits for Cybercrime Rings

Data Breach Today

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack.

GUEST ESSAY: Did you know these 5 types of digital services are getting rich off your private data?

The Last Watchdog

Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden privacy pitfalls in every day technology. Related: Europe tightens privacy rules. From smart phones, to smart TVs, location services, and speech capabilities, often times user data is stored without your knowledge.

Access 129

Georgia Election Further Complicated By Hacking Accusation

Data Breach Today

Secretary of State - and Republican Candidate - Probes State's Democratic Party Georgia's Republican gubernatorial candidate has accused the state's Democratic Party of attempting to hack the state's voter registration database. The accusation, from Brian S.

Here's Why [Insert Thing Here] Is Not a Password Killer

Troy Hunt

These days, I get a lot of messages from people on security related things. Often it's related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture.

Breach Settlement Has Unusual Penalty

Data Breach Today

Groups 152

Shellbot Botnet Targets IoT devices and Linux servers

Security Affairs

Security experts at Trend Micro have spotted an IRC bot dubbed Shellbot that was built using Perl Shellbot. The malware was distributed by a threat group called Outlaw, it was able to target Linux and Android devices, and also Windows systems.

IoT 106

Eye Clinic Sees Quick Recovery from Ransomware Attack

Data Breach Today

Despite Fast Rebound, Entity Still Reporting Data Breach An Iowa eye clinic and its affiliated surgery center recently recovered from a ransomware attack on their common systems within one day and without paying a ransom.

More Trending

How IAM is Evolving in the Blockchain Era

Data Breach Today

Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project, to an ongoing initiative

FIFA Hacked Again

Adam Levin

The international soccer league FIFA announced it had been hacked earlier this year and is bracing itself for a potential data breach. This latest cyber incident marks the second major successful hack on the organization, the first reported in 2017.

High severity XML external entity flaw affects Sauter building automation product

Security Affairs

A security researcher has found a serious vulnerability in a building automation product from Sauter AG that could be exploited to steal files from an affected system.

Risk 87

Your 3-step checklist for creating a business continuity plan

IT Governance

When you begin your BCP (business continuity plan) project, it’s a good idea to produce a checklist of tasks. This helps you stay on top of your progress during what will almost certainly be a long process.

Risk 86

New attack by Anonymous Italy: personal data from ministries and police have been released online

Security Affairs

New attack by Anonymous Italy: personal data from ministries and police have been released online. The site of Fratelli d’Italia, a post-fascist party, has been defaced. The iconoclastic fury of Italian Anonymous does not stop. As announced, the three groups that coordinate the operation “Black Week” have released also today new data from their raids on online sites and databases.

Your 3-step checklist for creating a business continuity plan

IT Governance

When you begin your BCP (business continuity plan) project, it’s a good idea to produce a checklist of tasks. This helps you stay on top of your progress during what will almost certainly be a long process.

Risk 86

Troy Hunt on Passwords

Schneier on Security

Troy Hunt has a good essay about why passwords are here to stay, despite all their security problems: This is why passwords aren't going anywhere in the foreseeable future and why [insert thing here] isn't going to kill them.

It's End of Life for ASafaWeb

Troy Hunt

A lot has changed in the Microsoft technology world in the last 7 years since I launched ASafaWeb in September 2011. Windows XP is no longer the dominant operating system ( Win 7 actually caught up the month I launched ASafaWeb ).

IT 82

Google dorks were the root cause of a catastrophic compromise of CIA’s communications

Security Affairs

Google queries allowed Iran Government to dismantle the CIA communication network used by its agents and kill dozens of tens of spies. The alleged hack of the communications network used by CIA agents allowed Iranian intelligence to identify and kill at least 30 spies. According to Yahoo ! News the security breach has happened in 2009, the Iranian intelligence infiltrated a series of websites used by the CIA to communicate with agents worldwide, including Iran and China.

How to build your future success and lift everyone up

OpenText Information Management

When we’re young, we’re often told that we can be anything we want to be. We’re told that if we work hard enough, we have the power and ability to achieve our dreams — whatever they might be. We start out with such youthful optimism and believe that the world is in our grasp.

Flaw in Icecast streaming media server allows to take off online Radio Stations

Security Affairs

Icecast streaming media server is affected by a flaw that could be exploited by an attacker to take off the broadcast of online radio stations.

Lazy Ad Buying Is Killing The Open Web.

John Battelle's Searchblog

But…I just *bought* a robe. I don’t want another one. If you’re read my rants for long enough, you know I’m fond of programmatic advertising. I’ve called it the most important artifact in human history , replacing the Macintosh as the most significant tool ever created.

Trump’s ‘Racist’ Midterms Ad Backs Facebook Into a Corner

WIRED Threat Level

Facebook took down Donald Trump’s ad for violating its policies, but you can still watch the video on his profile. Security

Video 59

How the right adoption team members can drive digital transformation success

Information Management Resources

Assembling the right people for this team can push a project well along the track. Picking the wrong people, or neglecting to create an adoption team at all, can doom the project before it gets out of the gate. Data strategy Data management Data Migration

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The term IoT generally refers to anything connected to the internet, including smart home devices (e.g.,

IoT 56

Humans of OpenText: Angelo Mesina

OpenText Information Management

Meet Angelo, an OpenText™ colleague from Makati City, Philippines. In this post, Angelo gives us a glimpse into one of his favorite hobbies: boxing! Where did your love of boxing come from? It started with my dad watching Mike Tyson’s fights when I was a kid.

7 Non-Computer Hacks That Should Never Happen

Dark Reading

From paper to IoT, security researchers offer tips for protecting common attack surfaces that you're probably overlooking

Tips 81

New Ohio Law Creates Safe Harbor for Certain Breach-Related Claims

Hunton Privacy

Effective November 2, 2018, a new Ohio breach law will provide covered entities a legal safe harbor for certain data breach-related claims brought in an Ohio court or under Ohio law if, at the time of the breach, the entity maintains and complies with a cybersecurity program that (1) contains administrative, technical and physical safeguards for the protection of personal information, and (2) reasonably conforms to one of the “industry-recognized” cybersecurity frameworks enumerated in the law.

After the Breach: Tracing the 'Smoking Gun'

Dark Reading

Systems, technology, and threats change, and your response plan should, too. Here are three steps to turn your post-breach assessment into a set of workable best practices

74

Strengthening Privacy Rights with Privacy Enhancing Technologies

AIIM

Facebook gets maximum fine for the catastrophic Cambridge Analytica data breach

IG Guru

Facebook has been fined £500,000 ($645,000) by the UK’s Information Commissioner’s Office for the Cambridge Analytica data breach.

7 key metrics for measuring the performance of AI-enabled chatbots

Information Management Resources

While it may seem quite difficult to determine the performance of a bot, the following seven metrics will help determine their success. Hardware and software Artificial intelligence Machine learning

IT 73

Smart City Security Testing: Research -> Tooling -> Methodology -> Go!

Dark Reading

The idea and concept of Smart Cities is certainly gaining traction. Cities around the world are already investing in trials, testbeds and in many cases operational system deployments such as smart energy, smart lighting, smart parking; the list goes on

Tools 73

AI and automation aren’t quick wins — Invest anyway

Information Management Resources

Organizations that succeed with these technologies make numerous investments in prerequisites, which Forrester encapsulates in a model called RQ, the robotics quotient. Automation Artificial intelligence Machine learning Robotics

Energy Sector's IT Networks in the Bulls-Eye

Dark Reading

Attackers are actively infiltrating energy organizations and utilities for reconnaissance purposes

Revelwood helps marketers hit the bullseye with cloud-based data science

IBM Big Data Hub

Machine learning has the potential to make the lives of marketers easier, but few marketing teams currently have the in-house data science skills they need to take advantage of it

Can I Vote Online? Your Voting Questions, Answered

WIRED Threat Level

The Know-It-Alls: Our in-house experts answer questions about your interactions with technology. Security

IT 49

Symantec Acquires Appthority And Javelin Networks

Dark Reading

Both buys bolster the cybersecurity company's endpoint security business

Passwords: Here to Stay, Despite Smart Alternatives?

Threatpost

"Password-killing" authentication efforts may be on a road to nowhere. Breach Cloud Security Cryptography IoT Privacy Web Security alternatives Authentication Biometrics fido Password password killer passwords in use Troy Hunt webauthn

Court Orders Defendants to Sample Disputed Documents to Help Settle Dispute: eDiscovery Case Law

eDiscovery Daily

In Updateme Inc. Axel Springer SE, No. 17-cv-05054-SI (LB) (N.D.