Mon.Nov 12, 2018

Chinese Cyber Threat: NSA Confirms Attacks Have Escalated

Data Breach Today

Defending Forward' Is New Military Mantra for Defending Government Networks With cyber espionage attacks from China escalating over the past year, the NSA's Rob Joyce says the U.S.

Expert found a way to bypass Windows UAC by mocking trusted Directory

Security Affairs

David Wells, a security expert from Tenable, devised a method to bypass Windows’ User Account Control (UAC) by spoofing the execution path of a file in a trusted directory. .

Course 113

Lazarus 'FASTCash' Bank Hackers Wield AIX Trojan

Data Breach Today

Hackers Exploit Outdated Unix to Deploy Cash-Out Malware, Symantec Reports Hackers behind the FASTCash ATM cash-out attack campaign - tied by the U.S.

Hacking the hackers – IOT botnet author adds his own backdoor on top of a ZTE router backdoor

Security Affairs

The author of an IoT botnet is distributing a backdoor script for ZTE routers that also includes his own backdoor to hack script kiddies. A weaponized IoT exploit script is being used by script kiddies, making use of a vendor backdoor account to hack the ZTE routers.

IoT 112

Update: Breach Exposed Extensive Data

Data Breach Today

Data 139

Hiding Secret Messages in Fingerprints

Schneier on Security

This is a fun steganographic application : hiding a message in a fingerprint image. Can't see any real use for it, but that's okay. academicpapers encryption fingerprints steganography

IT 106

More Trending

A critical flaw in GDPR compliance plugin for WordPress exploited in the wild

Security Affairs

A critical security vulnerability affects a GDPR compliance plugin for WordPress has been already exploited in the wild to take control of vulnerable websites.

BA data breach: 565,000 customers may have been affected

IT Governance

In September, British Airways announced it had suffered a data breach that compromised the personal and financial data of more than 380,000 customers. However, the airline has since admitted that an extra 185,000 people may have been affected. Then and now.

Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks

Security Affairs

Crooks are exploiting the popularity of Elon Musk and a series of hacked verified Twitter accounts to implement a new fraud scheme. Crooks are exploiting the popularity of Elon Musk and a series of hacked verified Twitter accounts (i.e.

Subject Access Requests in Scotland: Do you know what data is held about you?

IT Governance

The impact of the GDPR (General Data Protection Regulation) in Scotland is greater than most realise. Not only does it affect the way organisations process personal data, but also extends data subjects rights in terms of how their data is processed.

Q&A: How certifying in-house IT staffers as cyber analysts, pen testers can boost SMB security

The Last Watchdog

A security-first mindset is beginning to seep into the ground floor of the IT departments of small and mid-sized companies across the land. Senior executives at these SMBs are finally acknowledging that a check-box approach to security isn’t enough, and that instilling a security mindset pervasively throughout their IT departments has become the ground stakes. Related: The ‘gamification’ of cybersecurity training.

Watch Those Cookies: Girl Scouts Compromised by Hacker

Adam Levin

The Girl Scouts of Orange County has sent out letters warning almost three thousand members that their personal information may have been compromised in a breach.

Reading the Android Ecosystem Security Transparency Report

Security Affairs

According to Android Ecosystem Security Transparency Report the number of potentially harmful applications has fallen from 0.66% in Lollipop to 0.06% in Pie.

When Tech Loves Its Fiercest Critics, Buyer Beware

John Battelle's Searchblog

Detail from the cover of Harari’s lastest work, 21 Lessons for the 21st Century. A year and a half ago I reviewed Yuval Noah Harari’s Homo Deus , recommending it to the entire industry with this subhead: “No one in tech is talking about Homo Deus. We most certainly should be.”

From data collection to data consumption

IBM Big Data Hub

Not every startup is going to become a world-changing behemoth, but when a small, agile company hits on a truly disruptive idea, it can transform an entire industry

The US Didn’t Sign the Paris Call for Trust and Security in Cyberspace

WIRED Threat Level

Corporations have taken the lead over nations on governing the internet: The initiative might not have counted the US as a signatory, but did include Microsoft, Facebook, Google, and others. Security

Building an artificial general intelligence begins by asking 'what is intelligence?'

Information Management Resources

Whatever the challenges of artificial general intelligence, the chances of us actually achieving it will be greatly improved if we have a better idea of just what we are trying to create. Artificial intelligence Machine learning Data strategy Data management

IT 95

The US Is the Only Country Where There Are More Guns Than People

WIRED Threat Level

The US has worst rate of gun violence among all developed countries, and still we fail to regulate. Security

Feel the need for speed?

OpenText Information Management

“I feel the need… the need for speed” is a famous quote from the 1986 film “Top Gun” about students at the U.S. Navy’s elite fighter-pilot school competing to be best in the class.

Judge Says “Alexa, Please Testify in a Double Murder Case”: eDiscovery Trends

eDiscovery Daily

The occurrence of Internet of Things (IoT) devices in criminal cases is becoming more and more frequent. Just last month , we covered a case where data from a Fitbit led to the arrest of a murder suspect (we covered another case like it last year as well).

IoT 62

Top tips for data retention under the GDPR

IT Governance

Under the GDPR (General Data Protection Regulation) an organisation must not keep data for longer than it is needed. Article 5(1)(e) of the GDPR states: “1.

Tips 61

NIST Announces Privacy Framework Effort

Privacy and Cybersecurity Law

On September 4, 2018, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced the start of a collaborative project to develop a voluntary privacy framework to help organizations manage privacy related risk.

U.S. Chip Cards Are Being Compromised in the Millions


A full 60 million U.S. cards were compromised in the past 12 months. While 93 percent of those were EMV chip-enabled, merchants continued to use mag stripes. Breach Malware cards compromised chip cards. emv Fraud gemini merchant compliance

France seeks Global Talks on Cyberspace security and a “code of good conduct”

Security Affairs

The French government announced a “Paris Call” for global talks about cyberspace security aimed at laying out a shared framework of rules. The French government is promoting a series of Global Talks on cyberspace security, it urges for a “code of good conduct” for states in the cyberspace. Events such as the interference in the 2016 Presidential election or massive attacks like WannaCry and NotPetya increase the sense of urgency among states.

2018 On Track to Be One of the Worst Ever for Data Breaches

Dark Reading

A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone

Experiences made easy in the cloud

OpenText Information Management

In today’s cloud-first market, it’s essential to have cloud strategies that empower marketing, line of business users, and developers.

7 Cool New Security Tools to be Revealed at Black Hat Europe

Dark Reading

Black Hat Europe's Arsenal lineup will include demonstrations of tools addressing everything from unsecured cloud buckets to unknown IoT devices

IoT 78

New Boom in Facial Recognition Tech Prompts Privacy Alarms


Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. Government Privacy Videos American Civil LIberties Union ASIS International biometric authentication biometric database facial ID facial recognition RealNetworks Robie.AI SureID

Tools 78

Business Identity Theft: Are You at Risk?

Armstrong Archives

Identity theft is nothing new, but it’s become a more compelling concern in the digital age. As hackers become savvier, they’re discovering that business identity theft can be far more lucrative than taking a consumer’s personal information.

Risk 52

Malware-Laced App Lurked on Google Play For a Year


Google Play’s policy prohibits apps or SDKs that download executable code, such as dex files or native code, from a source other than Google Play. Mobile Security Web Security adobe flash Android Android malware executable google google play malware Trojan

How fast is your internet connection?

IG Guru

Ever wonder if you are getting what you paid for? Check out Ookla’s speed test. There are other tests out there, but their utility has been around a while, and it is free. link]. The post How fast is your internet connection? appeared first on IG GURU.

IT 52

Insurance CFOs seek larger digital role

Information Management Resources

Leaders of the finance organizations want to be leaders in developing data and digital strategy, according to Accenture survey. Data strategy Real-time data Data science Analytics Machine learning Artificial intelligence Accenture

Veterans Find New Roles in Enterprise Cybersecurity

Dark Reading

Facebook and Synack create programs to educate vets and grow employment opportunities while shrinking the cybersecurity talent gap

The benefits and challenges automation brings to data security

Information Management Resources

As more vulnerabilities and threats plague today’s security professionals, many organizations are turning to automation as a necessary component in their cybersecurity programs. Automation Data security Cyber security