Tue.Feb 18, 2020

Lawsuit Filed in Wake of Ransomware Attack

Data Breach Today

Patients Seek Damages, Citing Impact of Security Incident in New Jersey A lawsuit seeking class action status has been filed against a New Jersey healthcare organization in the wake of a ransomware attack last December in which the entity paid attackers an unspecified ransom to unlock its systems.

Encoding Stolen Credit Card Data on Barcodes

Krebs on Security

Crooks are constantly dreaming up new ways to use and conceal stolen credit card data. According to the U.S. Secret Service , the latest scheme involves stolen card information embedded in barcodes affixed to phony money network rewards cards.

IT 173

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Mobile Banking Users Targeted in SMS Phishing Campaign

Data Breach Today

Researchers Say Attackers Targeted American and Canadian Banking Customers Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout.

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

The Last Watchdog

It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Plastic Surgery Database Exposed: Researchers

Data Breach Today

French Technology Firm's Database Was Unprotected, Report Says An unsecured database belonging to a French technology firm that supplies video and digital equipment to plastic surgery and determatology clinics exposed content on 900,000 patients, according to a report from two independent security researchers.

More Trending

RSA Conference 2020 Preview

Data Breach Today

"The Human Element" is the theme of the RSA Conference 2020, but there are plenty of technology-rich topics in store for attendees, including session tracks that focus on election security, open source tools, product security and anti-fraud. Britta Glade, a conference director, previews the event

Hacking McDonald's for Free Food

Schneier on Security

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. Once you take the survey, you receive a coupon code for a free small beverage, redeemable within a month.

Dell to Sell RSA to Private Equity Firm for $2 Billion

Data Breach Today

Pending Sale Announced on Eve of Annual RSA Conference in San Francisco Dell Technologies has agreed to sell its RSA security division to private equity firm Symphony Technology Group in an all cash deal worth more than $2 billion, the companies announced Tuesday.

Sales 152

Firmware Weaknesses Can Turn Computer Subsystems into Trojans

Dark Reading

Network cards, video cameras, and graphics adapters are a few of the subsystems whose lack of security could allow attackers to turn them into spy implants

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Unpatched VPN Servers Hit by Apparent Iranian APT Groups

Data Breach Today

Backdoored: Fortinet, Palo Alto and Pulse Secure VPN Servers; Citrix Gateways Unpatched Fortinet, Palo Alto and Pulse Secure VPN servers, as well as Citrix gateways, continue to be targeted by hackers, who are exploiting critical flaws to install backdoors inside corporate networks.

US CISA warns of Ransomware attacks impacting pipeline operations

Security Affairs

The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S.

Hundreds of Millions of PC Components Still Have Hackable Firmware

WIRED Threat Level

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made. Security Security / Cyberattacks and Hacks

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Security Affairs

Go grab a copy of the Gerbers and 3D-printed Case STL files at [link] and print through your favorite FAB. Prologue. Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of debuggers (i.e. stlink, jlink, RS23–2-2USB, etc.).

IoT 77

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

Threatpost

A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium.

The Trouble with Free and Open Source Software

Dark Reading

Insecure developer accounts, legacy software, and nonstandard naming schemes are major problems, Linux Foundation and Harvard study concludes

67

YouTube Gaming's Most-Watched Videos Are Dominated by Scams and Cheats

WIRED Threat Level

YouTube is littered with bot-driven videos promising big in-game riches—that also try to steal your personal information. Security Security / Security News

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Dell Sells RSA to Private Equity Firm for $2.1B

Dark Reading

Deal with private equity entity Symphony Technology Group revealed one week before the security industry's RSA Conference in San Francisco

My Adobe Audience Manager Certification Experience

Perficient Data & Analytics

As I wrote previously in another blog post, I challenged myself to obtain a few different Adobe Certifications by the end of 2019. As the end of the year came and went, I ended up with three Adobe Certifications. I’m now an Adobe Certified Expert in Adobe Analytics, Audience Manager and Target.

IT 59

8 Things Users Do That Make Security Pros Miserable

Dark Reading

When a user interacts with an enterprise system the result can be productivity or disaster. Here are 8 opportunities for the disaster side to win out over the productive

Ring Mandates 2FA After Rash of Hacks

Threatpost

Ring outlined new security and data privacy measures, Tuesday, following backlash of the connected doorbell in the past year. Hacks IoT Privacy 2FA data abuse Data Privacy Data security Ring ring doorbell ring hack third party data sharing Two Factor Authentication

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Cyber Fitness Takes More Than a Gym Membership & a Crash Diet

Dark Reading

Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan

Turbocharge Your ERP Analytics with Oracle Analytics for Applications

Perficient Data & Analytics

In late 2019 Oracle released Oracle Analytics for Applications (OAX). OAX is built on Oracle Analytics Cloud (OAC) and powered by Oracle Autonomous Data Warehouse (ADW).

A very brief history of cloud computing

DXC Technology

You can argue over when cloud computing really began, but one good starting point is 2006 when then Google CEO Eric Schmidt said at a conference: “I don’t think people have really understood how big this opportunity really is. It starts with the premise that the data services and architecture should be on servers. We call […]. Cloud Platform Uncategorized

Cloud 56

Oracle Analytics Server to Replace OBIEE

Perficient Data & Analytics

Oracle Analytics Server (OAS) is the latest Oracle release to supersede Oracle Business Intelligence Enterprise Edition (OBIEE). Current OBIEE customers can upgrade to OAS at no additional licensing cost.

Top 3 Trends at Shmoocon 2020

ForAllSecure

On January 31, 2020, Shmoocon held their annual conference in Washington D.C. Each year, the event offers a glimpse into the upcoming trends of the year, defined by the needs of the federal industry. Outlined below are the top three trends observed by our ForAllSecure engineers

56

How to Align Systems Development with Your Organization's RIM Practices

AIIM

The success of any project relies on involving stakeholders early on and keeping them properly informed throughout. A systems development project is no different.

3 SECURITY QUESTIONS YOUR DOCUMENT RESTORATION COMPANY WILL ASK via Polygon

IG Guru

Restoring documents is something that is rarely planned. Check out the 3 questions a document restoration company should be asking here. The post 3 SECURITY QUESTIONS YOUR DOCUMENT RESTORATION COMPANY WILL ASK via Polygon appeared first on IG GURU.

1.7M Nedbank Customers Affected via Third-Party Breach

Dark Reading

A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank