Wed.Nov 27, 2019

New US Federal Privacy Bill Gets Proposed

Data Breach Today

Legislation Designed on the Same Lines as CCPA U.S. Maria Cantwell has proposed a federal privacy legislation called the Consumer Online Privacy Rights Act, which could expand the rights of people when it comes to how personal data is collected, shared and used

Adobe revealed that the Magento Marketplace was hacked

Security Affairs

Adobe discloses security breach impacting Magento Marketplace users. Adobe discloses a security breach that affected the users of the Magento marketplace website, the incident was discovered last week.

CMS 83

Restaurant Chain: Malware Infected PoS Devices

Data Breach Today

Unidentified Strain Targets Customer Payment Card Data An unidentified strain of malware appears to have infected point-of-sale machines used at certain New York restaurants owned by the chain Catch. The malware exposed customer payment card data to hackers, the company says

Sales 158

DHS Mandates Federal Agencies to Run Vulnerability Disclosure Policy

Schneier on Security

The DHS is requiring all federal agencies to develop a vulnerability disclosure policy. The goal is that people who discover vulnerabilities in government systems have a mechanism for reporting them to someone who might actually do something about it.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Watchdog Finds DOE Falling Short on Cybersecurity

Data Breach Today

Audit Finds Vulnerabilities in Energy Department's Unclassified Systems An audit from the U.S. Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year.

More Trending

Joker's Stash Advertises More Stolen Payment Card Data

Data Breach Today

Carder Forum Listing Appears Tied to Breaches at Four Restaurant Chains The notorious Joker's Stash carder marketplace has a fresh listing for payment card data that appears to have been stolen from four different U.S. restaurant chains, security experts warn

Think Twice Before Giving Gifts With a Microphone or Camera

WIRED Threat Level

Black Friday is going to be overrun with cheap, internet-connected gifts. Just make sure you know exactly what you’re buying. Security Security / Security Advice

Medical Device Cybersecurity: A Team Approach

Data Breach Today

All healthcare industry stakeholders must take critical steps to address the cybersecurity of connected medical devices, says Jennifer Covich Bordenick, CEO of of the eHealth Initiative and Foundation, an advocacy group that has issued a new report on the subject

Law enforcement agencies arrested 79 people involved in fraudulent online purchases of flight tickets

Security Affairs

Law enforcement agencies arrested 79 people worldwide as part of the Global Airline Action Days operation to fight fraudulent online purchases of flight tickets.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Federal Data Privacy Bill Takes Aim at Tech Giants

Threatpost

The COPRA legislation would provide GDPR-like data protections, and create a new FTC enforcement bureau. Government Privacy cantwell copra Data Privacy data protections enforcement bureau federal law fines FTC GDPR legislation private lawsuits senate bill tech giants

SQL Injection Errors No Longer the Top Software Security Issue

Dark Reading

In newly updated Common Weakness Enumeration (CWE), SQL injection now ranks sixth

Dexphot Malware Hijacked 80K+ Devices to Mine Cryptocurrency

Threatpost

A cryptomining malware has infected at least 80k devices and uses various tactics to evade detection. Hacks Malware 80K infections apt Code Crypto cryptomining detection evasion Dexphot malware Microsoft

Practical Principles for Security Metrics

Dark Reading

A proactive approach to cybersecurity requires the right tools, not more tools

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Employee input seen as key to success with digital transformation

Information Management Resources

Decision makers highlight the ability to interact and collaborate across departments as the most valuable capability to help organizations successfully execute internal digital initiatives. Digital transformation Data strategy Employee engagement

A Cause You Care About Needs Your Cybersecurity Help

Dark Reading

By donating their security expertise, infosec professionals are supporting non-profits, advocacy groups, and communities in-need

NSO Group President Defends Controversial Tactics

Threatpost

Firm defends controversial business offerings, claims it should be considered a force of good. Cryptography Facebook Privacy Amnesty International end-to-end encrypted messaging messaging NSO Group NSO Group Technologies WhatsApp

IT 79

How to Be a More Thoughtful & Safe Digital Citizen

Dark Reading

Don't be a Billy. or Jennie. or Betty

81

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

The 2020 state of cybersecurity: 2 things enterprises need to brace for

Information Management Resources

As someone who’s worked in cyber security throughout my entire career, there are two things I believe we’ll see make headlines next year that every enterprise should be aware of and prepare for. Ransomware Cyber security Malware

New Free Emulator Challenges Apple's Control of iOS

Dark Reading

An open-source tool gives researchers and jailbreakers a free option for researching vulnerabilities in the operating system - and gives Apple a new headache

80

SDKs Misused to Scrape Twitter, Facebook Account Info

Threatpost

Malicious mobile apps could be created to scrape and share profile information, email addresses and more. Facebook Mobile Security Privacy cambridge analytica Data Scraping mobileburn oneaudience sharing Third party apps twitter

7 Ways to Hang Up on Voice Fraud

Dark Reading

Criminals are coming at us from all direction, including our phones. Don't answer that next call without reading this tips first

75

Top 3 Black Friday 2019 scams to avoid

IT Governance

Black Friday has fast become a staple of our high street and online shopping experience, even though it has its roots in US traditions. But the day isn’t all fun and bargains.

THE MER CONFERENCE WELCOMES THE INSTITUTE OF CERTIFIED RECORDS MANAGERS (ICRM)

IG Guru

THE MER CONFERENCE WELCOMES THE INSTITUTE OF CERTIFIED RECORDS MANAGERS (ICRM) One of the most valuable of the professional credentials in the Information Governance (IG) profession is that of the CRM (Certified Records Manager) and Certified Records Analyst (CRA).

How AI is slowly changing data governance

Information Management Resources

The search for better data governance — including data mobility, data accuracy, compliance, cybersecurity and privacy — has led to the application of AI in new processes and a suite of new data handling tools. Artificial intelligence Data management Data governance

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

The Securities and Futures Commission of Hong Kong (SFC) issued new guidance to regulate the use of external electronic data storage providers (EDSPs 1 ) by licensed firms that intend to keep (or have previously kept) records or documents required to be maintained pursuant to the statutory recordkeeping rules and anti-money-laundering regime (Regulatory Records) in an online environment.

IoT Smartwatch Exposes Kids’ Personal, GPS Data

Threatpost

Yet another connected smartwatch for children has been discovered exposing personal and location data of kids - opening the door for various insidious threats. Hacks IoT Privacy Web Security children's smartwatch connected smartwatch exposed data GPS location data personal data SMA M2

IoT 63

Google Details Its Responses to Cyber Attacks, Disinformation

Dark Reading

Government groups continue to attack user credentials and distribute disinformation according to a new blog post from Google's Threat Analysis Group