Thu.Jan 09, 2020

Router Cryptojacking Campaigns Disrupted

Data Breach Today

20,000 Hacked MikroTik Routers in Southeast Asia Were Malware-Infected Nearly 16,000 malware-infected MicroTik routers in Southeast Asia have been scrubbed of Coinhive cryptojacking code, which mines for monero, thanks to an international police operation.

Mining 205

Senators Prod FCC to Act on SIM Swapping

Krebs on Security

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Congressmen Call for Enhanced Financial Sector Security

Data Breach Today

Nine Federal Agencies Asked to Take Action in Light of Iranian Threats Two Democratic Congressmen have sent letters to nine federal financial regulatory agencies asking that they take action to shore up cyber defenses in the sector because of looming security threats from Iran

Iranian Hackers Have Been ‘Password-Spraying’ the US Grid

WIRED Threat Level

A state-sponsored group called Magnallium has been probing American electric utilities for the past year. Security Security / National Security

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

TikTok App Had Major Security Vulnerabilities

Data Breach Today

Now Fixed, Check Point Says Flaws Could Have Led to Account Takeover The security company Check Point has revealed several vulnerabilities in TikTok, the popular Chinese video app that has raised concerns lately from the U.S. military and lawmakers.

More Trending

Eliminate the Password, Eliminate the Password Problem.

The Security Ledger

Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like?

Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks

Security Affairs

Mozilla has released security updates for Firefox browser that address a zero-day vulnerability (CVE-2019-17026) that has been exploited in targeted attacks.

MicroServices: Today’s data science gold rush

Thales eSecurity

Microservices are changing how organizations are doing business. And nowhere was this more clear than at KubeCon in San Diego last year. Microservices 1 is a powerful technology that is the kernel for modern cloud architecture, and it’s going to drive how people build, manage and deploy secure apps.

56.25 million US residents records collected by CheckPeople exposed on a Chinese server

Security Affairs

A database containing the personal details of 56.25 million US residents that allegedly belongs to CheckPeople.com website was exposed online. A database containing the personal details of 56.25

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

3 Problems That Data and Analytics Can Help Solve in Healthcare

Perficient Data & Analytics

I’m often asked how data and analytics can help to solve key industry problems in healthcare. With that in mind, three key industry issues rise to the top of the list. Cost of Care Delivery. The cost of care delivery is at the center of the problems facing the healthcare Industry.

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

Security Affairs

Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability.

BELGIUM:  Belgian DPA fines for cookie non-compliance and warns other companies to act in compliance

DLA Piper Privacy Matters

By Patrick Van Eecke, Frederik Ringoot and Gilles Hachez. The Belgian Data Protection Authority issued a fine of 1% of the annual turnover of the company for not acting in compliance with the cookie rules, despite the corrective actions undertaken by the company.

TrickBot gangs developed the PowerTrick backdoor for high-value targets

Security Affairs

Researchers at SentinelLabs reported that TrickBot operators used a new PowerShell backdoor in recent attacks aimed at high-value targets.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Mainframe Transformation awaits @SHARE in Texas

Micro Focus

As a native Texan, I am excited to help host this event in my backyard of Fort Worth, Texas, on February 23-28. A short drive to the venue beats a long flight hands down. Why ‘Cowtown’? Fort Worth got its nickname “Cowtown” in the 1800s as it became the center of the cattle drives, and. View Article.

IT 70

Interpol: Goldfish Alpha operation reduces cryptojacking by 78%

Security Affairs

An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia.

Jacksonville law firm brings order to its content with cloud-based document management

OpenText Information Management

Legal professionals need to be able to easily access critical documents at a moment’s notice, but the ever-growing volumes of information makes the challenge of managing it seemingly insurmountable. The Office of General Counsel (OGC) for the City of Jacksonville, Florida was no exception.

North Korea-linked Lazarus APT continues to target cryptocurrency exchanges

Security Affairs

In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

An Iranian Hacking Campaign, Social Media Surveillance, and More News

WIRED Threat Level

Catch up on the most important news from today in two minutes or less. Security Security / National Security

Currency Exchange Company Travelex Hit By Ransomware Attack

Adam Levin

Currency exchange giant Travelex has effectively been taken offline by a ransomware attack. . The attack was first detected the night of December 31. Soon after, the company took its systems offline.

5 Ways Data Modeling Is Critical to Data Governance

erwin

Enterprises are trying to manage data chaos. They might have 300 applications, with 50 different databases and a different schema for each one.

Customer Experience Trends: How To Stand Out From the Crowd

Reltio

Customer experience trends might change from time to time, but the central component remains steady: The customer must be at the heart of every business decision that you make. Joseph Pine and James G.

Chinese Malware Found Preinstalled on US Government-Funded Phones

Dark Reading

Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless

Exploit Fully Breaks SHA-1, Lowers the Attack Bar

Threatpost

Users of GnuPG, OpenSSL and Git could be in danger from an attack that's practical for ordinary attackers to carry out. Cryptography Vulnerabilities Web Security attack collision attack Encryption Exploit fully broken git gnuph OpenSSL Proof of Concept SHA-1

UK accused of 'behaving like cowboys' over EU database copying

The Guardian Data Protection

Dutch Liberal MEP Sophie in ’t Veld says leaked report revealed ‘violations and abuse’ The British government has been accused of “behaving like a bunch of cowboys” after a confidential report revealed it had allowed illegal copying of an EU database.

4 Ring Employees Fired For Spying on Customers

Threatpost

Ring said that four employees were fired because they for inappropriate access to customers' connected video feeds. IoT Privacy amazon Data Privacy employee firing Ring ring doorbell ring privacy Security

AWS Issues 'Urgent' Warning for Database Users to Update Certs

Dark Reading

Users of AWS Aurora, DocumentDB, and RDS databases must download and install a fresh certificate and rotate the certificate authority

81

2019 Highlights in Privacy Training, Writing, Resources, and Humor from Daniel Solove

IG Guru

Professor Solove provides his 2019 highlights from his blog here. The post 2019 Highlights in Privacy Training, Writing, Resources, and Humor from Daniel Solove appeared first on IG GURU.

Attackers Increase Focus on North American Electric Utilities: Report

Dark Reading

Electric utilities continue to be a target of nation-state attackers, even before the latest tensions between Iran and the United States, says a critical-infrastructure security firm

Introducing Jamf Pro 10.18

Jamf

Our newest version of Jamf Pro will integrate Jamf Pro and Jamf Connect, offer native Office 365 management and includes Cloud Connector: simplifying Azure integration

Cloud 80

6 best practices for building an intelligent master data management strategy

Information Management Resources

Business strategies and processes are built on the foundations of reliable data, and their consistency cannot be fractured. Insights from MDM Data governance MDM

MDM 56