Mon.Jan 13, 2020

Why Penetration Tests Are So Essential

Data Breach Today

Avoiding the Massive Potential Costs of a Data Breach Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities

6 cybersecurity trends driven by identity authentication challenges

Information Management Resources

Insufficient identity verification has led to limitless account takeover, extensive phishing attempts, hacks of IoT devices and even election interferences. Cyber security Data security Cyber attacks

IoT 44

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

5G – The Future of Security and Privacy in Smart Cities

Security Affairs

5G technology is here, it is the right time to discuss security and privacy in smart cities and their possible evolution. After a long talk and eagerly waiting, finally, 5G technology is here. The 5G tech is fast – really fast, and now, ‘true’ smart cities are just about time to turn into reality. But what makes a smart city? Or what’s the role of 5G in this transformation?

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Albany Airport Pays Off Sodinokibi Ransomware Gang: Report

Data Breach Today

Same Crypto-Locking Malware Recently Crippled Currency Exchange Firm Telenex Officials at the Albany International Airport paid a ransom to cybercriminals after the facility's systems were hit with Sodiniokibi ransomware strain, according to local media reports.

More Trending

Severe Citrix Flaw: Proof-of-Concept Exploit Code Released

Data Breach Today

Attackers Probe for Vulnerable Systems, as Citrix Races to Develop Patches Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises.

IT 169

China-linked APT40 group hides behind 13 front companies

Security Affairs

A group of anonymous security researchers that calls itself Intrusion Truth have tracked the activity of a China-linked cyber – e spionage group dubbed APT40.

'Cable Haunt' Modem Flaw Leaves 200 Million Devices at Risk

Data Breach Today

Risk 141

Artificial Personas and Public Discourse

Schneier on Security

Presidential campaign season is officially, officially , upon us now, which means it's time to confront the weird and insidious ways in which technology is warping politics. One of the biggest threats on the horizon: artificial personas are coming, and they're poised to take over political debate.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Class Action Breach Lawsuits: The Impact of Data for Sale

Data Breach Today

After a data breach, if individuals' stolen information is offered for sale on the dark web, that potentially bolsters class action lawsuits filed by plaintiffs against the breached organization, says technology attorney Steven Teppler of the law firm Mandelbaum Salsburg P.C.

Sales 109

Facebook quickly fixed a bug exploited in attacks that exposed Page Admins info

Security Affairs

Facebook addressed last week a security flaw that exposed page admin accounts, the bug was exploited against several high-profile pages. Last week Facebook has addressed a security issue that exposed page admin accounts, the bug was exploited in attacks in the wild against several high-profile pages.

IT 81

Welcoming the Danish Government to Have I Been Pwned

Troy Hunt

In a continued bid to make breach data available to the government departments around the world tasked with protecting their citizens, I'm very happy to welcome the first country onto Have I Been Pwned for 2020 - Denmark!

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Security Affairs

officials responsible for national security and telecommunications were meeting their peers in Britain ahead of the final decision on Huawei 5G technology. officials responsible for national security and telecommunications were meeting their peers in Britain in the attempt to convince U.K.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Cut Undersea Cable Plunges Yemen Into Days-Long Internet Outage

WIRED Threat Level

The fragility of global internet structure has left the entire Red Sea region struggling to connect. Security Security / Security News

Hacker that hit UK National Lottery in 2016 was sentenced to prison

Security Affairs

The alleged hacker behind the credential stuffing attacks on UK National Lottery accounts has been sentenced to nine months in prison. Anwar Batson (29) of London has been sentenced to nine months in prison for fraud and four violations under the Computer Misuse Act of 1990.

Microsoft Ignite The Tour: Worth the Trip

Daymark

Microsoft has a well-known yearly user conference in Orlando called Ignite. But did you know there is a smaller, free version of this conference? Microsoft Ignite The Tour is set to hit 30 cities around the world in 2020, including two U.S.

66

CHINA: Privacy, Security and Content Regulation to Increase in 2020

DLA Piper Privacy Matters

New Internet Content and Governance Regulation. China’s authorities have published a much-anticipated brand new directive on internet content regulation and governance, which will come into force on 1 March 2020.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Telemarketing company suspends business following ransomware attack

IT Governance

Days before Christmas, employees at telemarketer The Heritage Company were told that they should start looking for new jobs. The bombshell came two months after the organisation was infected with ransomware , which heavily affected its already struggling operations.

Microsoft to Officially End Support for Windows 7, Server 2008

Dark Reading

Windows 7 and Server 2008 will continue to work after Jan. 14, 2020, but will no longer receive security updates

Unpatched Citrix Flaw Now Has PoC Exploits

Threatpost

Over 25,000 servers globally are vulnerable to the critical Citrix remote code execution vulnerability. Vulnerabilities citrix Citrix ADC Citrix gateway CVE-2019-19781 exploit code poc exploit remote code execution shitrix unpatched flaw vulnerability

82

Whistleblower tells Project Baltimore mass shredding took place at Baltimore County Schools via Fox 45

IG Guru

The destruction of financial documents during the 2018 audit has garnered a strong reaction from the governor and a state delegate. Now, Baltimore County Executive Johnny Olszewski says taxpayers deserve an explanation.

Joker Android Malware Snowballs on Google Play

Threatpost

Google has removed 17,000 Joker-infested apps from the Play store to date. Malware Mobile Security 17000 apps analysis Android code analysis google google play joker mobile malware obfuscation

Texas School District Loses $2.3M to Phishing Attack

Dark Reading

The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions

Scammers Dupe Texas School District Out of $2.3M

Threatpost

The wide-scale phishing scam reportedly started in early November and continued through December, before it was discovered by the Texas school district. Web Security BEC Business Email Compromise email scam Manor Independent School District Phishing scam

IT 79

Website Collecting Australian Fire Donations Hit by Magecart

Dark Reading

The attack may have compromised donors' payment information

78

Las Vegas Successfully Averted a Cyberattack

Adam Levin

The City of Las Vegas successfully averted what could have been a disastrous cyberattack earlier this month. City officials detected a cyberattack January 7, and in response immediately took several services offline, including its public-facing website. . “We

Four tips to optimize your EIM systems in 2020

OpenText Information Management

EIM solutions are becoming more and more pivotal to the success of today’s digital business. The challenge is on to make sure your EIM systems are fully optimized. The post Four tips to optimize your EIM systems in 2020 appeared first on OpenText Blogs.

Cloud 52

CES Surveillance Hype Worries Privacy Advocates

Threatpost

CES wiz-bang surveillance tech gives privacy advocates the willies. Privacy CES connected security consumer electronics show drone IoT security camera surveillance

Serious Fraud Office partners with AI to fight crime

OpenText Information Management

Artificial intelligence (AI) is a transformative technology that has the potential to both complement and advance human effort. Law enforcement is just one of the industries to have discovered the potential for AI to support its human workforce. A prime example is the UK’s Serious Fraud Office (SFO).

New Guidance Published on Cybersecurity and Medical Devices

Data Matters

New European medical device guidance will require manufacturers to carefully review cybersecurity and IT security requirements in relation to their devices and in their product literature. This new guidance comes at the same time as a draft guidance on privacy by design has been published by the European Data Protection Board requiring product developers to implement privacy into the design of their products.