Wed.Nov 27, 2019

Restaurant Chain: Malware Infected PoS Devices

Data Breach Today

Unidentified Strain Targets Customer Payment Card Data An unidentified strain of malware appears to have infected point-of-sale machines used at certain New York restaurants owned by the chain Catch. The malware exposed customer payment card data to hackers, the company says

Sales 218

SQL Injection Errors No Longer the Top Software Security Issue

Dark Reading

In newly updated Common Weakness Enumeration (CWE), SQL injection now ranks sixth

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

New US Federal Privacy Bill Gets Proposed

Data Breach Today

Legislation Designed on the Same Lines as CCPA U.S. Maria Cantwell has proposed a federal privacy legislation called the Consumer Online Privacy Rights Act, which could expand the rights of people when it comes to how personal data is collected, shared and used

7 Ways to Hang Up on Voice Fraud

Dark Reading

Criminals are coming at us from all direction, including our phones. Don't answer that next call without reading this tips first

101
101

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

Joker's Stash Advertises More Stolen Payment Card Data

Data Breach Today

Carder Forum Listing Appears Tied to Breaches at Four Restaurant Chains The notorious Joker's Stash carder marketplace has a fresh listing for payment card data that appears to have been stolen from four different U.S. restaurant chains, security experts warn

More Trending

Watchdog Finds DOE Falling Short on Cybersecurity

Data Breach Today

Audit Finds Vulnerabilities in Energy Department's Unclassified Systems An audit from the U.S. Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year.

Practical Principles for Security Metrics

Dark Reading

A proactive approach to cybersecurity requires the right tools, not more tools

Medical Device Cybersecurity: A Team Approach

Data Breach Today

All healthcare industry stakeholders must take critical steps to address the cybersecurity of connected medical devices, says Jennifer Covich Bordenick, CEO of of the eHealth Initiative and Foundation, an advocacy group that has issued a new report on the subject

A Cause You Care About Needs Your Cybersecurity Help

Dark Reading

By donating their security expertise, infosec professionals are supporting non-profits, advocacy groups, and communities in-need

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Think Twice Before Giving Gifts With a Microphone or Camera

WIRED Threat Level

Black Friday is going to be overrun with cheap, internet-connected gifts. Just make sure you know exactly what you’re buying. Security Security / Security Advice

New Free Emulator Challenges Apple's Control of iOS

Dark Reading

An open-source tool gives researchers and jailbreakers a free option for researching vulnerabilities in the operating system - and gives Apple a new headache

95

Upbit cryptocurrency exchange hacked, crooks stole $48.5 million worth of ETH

Security Affairs

Another South Korean cryptocurrency exchange was hacked, this time the victim is Upbit that lost $48.5 million in cryptocurrency. . The South Korean cryptocurrency exchange Upbit disclosed a security breach, the company told its customers that hackers have stolen $48.5

How to Be a More Thoughtful & Safe Digital Citizen

Dark Reading

Don't be a Billy. or Jennie. or Betty

89

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

DHS Mandates Federal Agencies to Run Vulnerability Disclosure Policy

Schneier on Security

The DHS is requiring all federal agencies to develop a vulnerability disclosure policy. The goal is that people who discover vulnerabilities in government systems have a mechanism for reporting them to someone who might actually do something about it.

Google Details Its Responses to Cyber Attacks, Disinformation

Dark Reading

Government groups continue to attack user credentials and distribute disinformation according to a new blog post from Google's Threat Analysis Group

Law enforcement agencies arrested 79 people involved in fraudulent online purchases of flight tickets

Security Affairs

Law enforcement agencies arrested 79 people worldwide as part of the Global Airline Action Days operation to fight fraudulent online purchases of flight tickets.

How to Get Prepared for Privacy Legislation

Dark Reading

All the various pieces of legislation, both in the US and worldwide, can feel overwhelming. But getting privacy basics right is a solid foundation

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

Federal Data Privacy Bill Takes Aim at Tech Giants

Threatpost

The COPRA legislation would provide GDPR-like data protections, and create a new FTC enforcement bureau. Government Privacy cantwell copra Data Privacy data protections enforcement bureau federal law fines FTC GDPR legislation private lawsuits senate bill tech giants

Analysis of Jira Bug Stresses Impact of SSRF in Public Cloud

Dark Reading

More than 3,100 Jira instances are still vulnerable to a server-side request forgery vulnerability patched in August

Cloud 72

The 2020 state of cybersecurity: 2 things enterprises need to brace for

Information Management Resources

As someone who’s worked in cyber security throughout my entire career, there are two things I believe we’ll see make headlines next year that every enterprise should be aware of and prepare for. Ransomware Cyber security Malware

Dexphot Malware Hijacked 80K+ Devices to Mine Cryptocurrency

Threatpost

A cryptomining malware has infected at least 80k devices and uses various tactics to evade detection. Hacks Malware 80K infections apt Code Crypto cryptomining detection evasion Dexphot malware Microsoft

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

Employee input seen as key to success with digital transformation

Information Management Resources

Decision makers highlight the ability to interact and collaborate across departments as the most valuable capability to help organizations successfully execute internal digital initiatives. Digital transformation Data strategy Employee engagement

Top 3 Black Friday 2019 scams to avoid

IT Governance

Black Friday has fast become a staple of our high street and online shopping experience, even though it has its roots in US traditions. But the day isn’t all fun and bargains.

How AI is slowly changing data governance

Information Management Resources

The search for better data governance — including data mobility, data accuracy, compliance, cybersecurity and privacy — has led to the application of AI in new processes and a suite of new data handling tools. Artificial intelligence Data management Data governance

IoT Smartwatch Exposes Kids’ Personal, GPS Data

Threatpost

Yet another connected smartwatch for children has been discovered exposing personal and location data of kids - opening the door for various insidious threats. Hacks IoT Privacy Web Security children's smartwatch connected smartwatch exposed data GPS location data personal data SMA M2

IoT 76

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

THE MER CONFERENCE WELCOMES THE INSTITUTE OF CERTIFIED RECORDS MANAGERS (ICRM)

IG Guru

THE MER CONFERENCE WELCOMES THE INSTITUTE OF CERTIFIED RECORDS MANAGERS (ICRM) One of the most valuable of the professional credentials in the Information Governance (IG) profession is that of the CRM (Certified Records Manager) and Certified Records Analyst (CRA).

NSO Group President Defends Controversial Tactics

Threatpost

Firm defends controversial business offerings, claims it should be considered a force of good. Cryptography Facebook Privacy Amnesty International end-to-end encrypted messaging messaging NSO Group NSO Group Technologies WhatsApp

IT 69

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

The Securities and Futures Commission of Hong Kong (SFC) issued new guidance to regulate the use of external electronic data storage providers (EDSPs 1 ) by licensed firms that intend to keep (or have previously kept) records or documents required to be maintained pursuant to the statutory recordkeeping rules and anti-money-laundering regime (Regulatory Records) in an online environment.