Mon.Nov 11, 2019

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Krebs on Security

Election Interference Notification Protocols Unveiled

Data Breach Today

White House Describes Framework for Notifying Public of 2020 Election Interference The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released

182
182

Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure

Security Affairs

Researchers from Radware reported that massive TCP SYN-ACK DDoS reflection attacks hit Amazon, SoftLayer and telecom infrastructure in the last month.

Sen. Warner Asks HHS for Answers on Unsecured Medical Images

Data Breach Today

Questions HIPAA Enforcement Agency in Wake of Millions of Patient Files Discovered Online Senator Mark Warner, D-Va.,

164
164

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Bugcrowd paid over $500,000 in bug bounty rewards in one week

Security Affairs

Crowdsourced security platform Bugcrowd announced it paid over $500,000 in bug bounty rewards during the last week of October.

IT 82

More Trending

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) warns businesses and netizens of Emotet and BlueKeep attacks in the wild.

Democrats Pose Phone Data Privacy Questions to FCC

Data Breach Today

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

This is really an embarrassing incident, ZoneAlarm forum site has suffered a data breach exposing data of its discussion forum users. ZonaAlarm , the popular security software firm owned by Check Point Technologies, has suffered a data breach.

Insider Threat: Greater Risk Mitigation Required

Data Breach Today

Risk 130

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Fooling Voice Assistants with Lasers

Schneier on Security

Take Two: Why Organizations Are Reviewing GDPR Efforts

Data Breach Today

PwC's Polly Ralph on Data Breach Preparation and Remediation Trends The EU's General Data Protection Regulation rewrote the rules of the data privacy and breach notification game when it went into full effect last year.

GDPR 130

CERTrating a new Tool to evaluate CERT/CSIRT maturity level

Security Affairs

The Global Cyber Security Center has developed a tool named CERTrating to evaluate the Maturity Level of CERTs and services provided to the Constituency.

IT 72

UAE Forms Defense Firm to Help Tackle Cyberthreats

Data Breach Today

Government and Private Sector Collaborate on Initiative A new defense company has been formed in United Arab Emirates, combining three government-owned and 22 independent companies in an effort to develop technologies to help thwart cyberattacks and repel military drones

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure

Threatpost

The specific type of TCP attack used in the recent spate of DDoS efforts were TCP SYN-ACK reflection attacks. Web Security amazon DDoS october 2019 Radware tcp reflection attacks telecom networks

Privacy Nirvana: Some Assembly Still Required

Data Breach Today

GDPR 130

ForAllSecure Uncovers Critical Vulnerabilities in Das U-Boot

ForAllSecure

Introduction. This summer, I utilized ForAllSecure Mayhem, a next-generation fuzz testing solution, to analyze software that are heavily used. I felt these types of components in particular deserve more scrutiny from a security perspective.

Despite Instagram Changes, Minors Are Still at Risk

Data Breach Today

Minors With Business Profiles Can Shield Contact Information, But May Be Unaware In June, I wrote an in-depth story about how millions of Instagram users worldwide under 18 years old were exposing their email addresses, phone numbers or both. Instagram has finally made a change to address the issue - but it doesn't go far enough

Risk 109

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Bringing security closer to the data

OpenText Information Management

OpenText is the global leader in Enterprise Information Management (EIM), and the leading provider of content services to the modern enterprise. Simply put, OpenText knows how to manage information in order to deliver a competitive advantage.

5 Security Processes You Shouldn't Overlook During M&A

Dark Reading

Security needs to be a central element of due diligence if a merger or acquisition is to succeed

Creating Compliance in Chaos: A Consultant's Story

Gimmal

Records and Information Management (RIM) is constantly changing and evolving as record managers begin to realize the benefits of automation in their daily operations.

Researchers Find New Approach to Attacking Cloud Infrastructure

Dark Reading

Cloud APIs' accessibility over the Internet opens a new window for adversaries to gain highly privileged access to cloud assets

Modern Assembler Programming for z/OS

Rocket Software

When I started at Rocket in 2003, I was migrating from a 20-year career as an MVS Systems Programmer who dabbled in writing assembler tools to a fully-fledged software engineer.

IT 52

New HIPAA Security Risk Assessment Tool incorporates NIST framework

IG Guru

Version 3.1 of the HHS Security Risk Assessment (SRA) Tool features new functionality. The post New HIPAA Security Risk Assessment Tool incorporates NIST framework appeared first on IG GURU.

Risk 52

Want to plan 80% faster? According to Forrester, IBM can help.

IBM Big Data Hub

Forrester, a leading IT analyst firm, has constructed a Total Economic Impact (TEI) framework with a focus on how IBM Planning Analytics compares to the competition across a variety of metrics—from ROI, to time, to value—and much more.

4 top trends shaping information management

Information Management Resources

Information is the life blood of any business or organization. It helps dictate how businesses form strategies, implement processes and drive results. Data strategy Data management Enterprise information management

IT 48

Joker's Stash Puts $130M Price Tag on Credit Card Database

Dark Reading

A new analysis advises security teams on what they should know about the underground payment card seller

You May Soon Be Told to “Go Jump in a Lake” for Your ESI: eDiscovery Trends

eDiscovery Daily

A data lake, that is. So, what is it and why should you care? Let’s take a look.