Fri.Nov 20, 2020

Why innovation must be the new reality for government IT from January 2021 

OpenText Information Management

It’s almost ten years since the failed launch of healthcare.gov. This event served to cruelly expose what medium.com described as ‘an archaic, hodgepodge system of digital services’ that were often siloed, leading to fragmented connectivity and use across agencies.

The Dark Side of AI: Previewing Criminal Uses

Data Breach Today

Threats Include Social Engineering, Insider Trading, Face-Seeking Assassin Drones "Has anyone witnessed any examples of criminals abusing artificial intelligence?" That's a question security firms have been raising.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Convicted SIM Swapper Gets 3 Years in Jail

Krebs on Security

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison.

Christopher Krebs Describes Accomplishments

Data Breach Today

This edition of the ISMG Security Report features a discussion with Christopher Krebs, the recently fired director of the Cybersecurity Infrastructure Security Agency, on his accomplishments at the agency.

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

How Cyberattacks Work

Dark Reading

Cyberattacks are run like military attacks, in four main phases: reconnaissance, attack, exfiltration, and maintaining position. Understanding this makes fighting back easier

More Trending

Facebook Messenger Flaw Enabled Spying on Android Callees

Dark Reading

A critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge

105
105

UK Forms National Cyber Force

Data Breach Today

Agency Will Engage in Offense as Well as Defense U.K. Prime Minister Boris Johnson announced Thursday the creation of a National Cyber Force designed to strengthen Britain's cybersecurity posture and give the country new defensive and offensive capabilities.

How Industrial IoT Security Can Catch Up With OT/IT Convergence

Dark Reading

Ransomware can easily make a connection between IT and OT already. How can blue teams do the same

Eye Care Center Operator's Customer Data Hacked

Data Breach Today

Was Luxottica's Data Breach Linked to Ransomware Attack? A U.S. unit of Italian-based eyewear maker and eye care center conglomerate Luxottica has reported a breach affecting over 829,000 individuals - the fourth largest health data breach added to the U.S. federal tally so far this year.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

October Mumbai power outage may have been caused by a cyber attack

Security Affairs

Authorities in India believe that a major power outage that occurred in October in Mumbai may have been caused by hackers.

OnDemand | SASE:2021 Planning

Data Breach Today

How Your Groundwork Projects Fit Into This New Model for 2021

168
168

A flaw in Facebook Messenger could have allowed spying on users

Security Affairs

Facebook has addressed a security vulnerability in its Messenger for Android app that could have allowed attackers to spy on users.

IT 82

AWS Flaw Allows Attackers to Find Users' Access Codes

Data Breach Today

Researchers: Vulnerabilities Exist In 22 APIs Across 16 AWS Products A recently uncovered vulnerability in a class of Amazon Web Service APIs can be exploited to leak AWS Identity and Access Management user and arbitrary accounts, according to Palo Alto Networks' Unit 42

Access 168

Rethinking Information Governance In The Age of Unstructured Enterprise Data

Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

Mitsubishi Electric Corp. was hit by a new cyber attack that may have caused the leakage of information related to its business partners. Mitsubishi Electric Corp. was hit again by a massive cyberattack that may have caused the leakage of information related to its business partners.

Global Financial Industry Facing Fresh Round of Cyberthreats

Data Breach Today

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

The QakBot banking trojan has dropped the ProLock ransomware, they are now opting for the Egregor ransomware in their operations.

2 Arrested for Operating Malware Encryption Service

Data Breach Today

Romanians Allegedly Ran 'CyberSeal,' 'Dataprotector' and 'Cyberscan' Services Europol has arrested two Romanians for allegedly selling services - including malware encryption - that helped cybercriminals circumvent antivirus tools

The Best Sales Forecasting Models for Weathering Your Goals

Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!

Good Heavens! 10M Impacted in Pray.com Data Exposure

Threatpost

The information exposed in a public cloud bucket included PII, church-donation information, photos and users' contact lists.

Cloud 110

Security Pros Push for More Pervasive Threat Modeling

Dark Reading

With the release of the "Threat Modeling Manifesto," a group of 16 security professionals hope to prompt more companies to consider the threats to software

The key to delivering digital government services

OpenText Information Management

In September 2020, the UK government’s Digital Secretary Oliver Dowden launched the National Data Strategy, putting data at the heart of the UK’s recovery from the COVID-19 pandemic.

Facebook Messenger Bug Allows Spying on Android Users

Threatpost

The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them.

Product Analytics Playbook: Mastering Retention

Why do your users churn? In this guide you'll learn common product pitfalls and how to fix them.

VMware addresses flaws exploited at recent Tianfu Cup

Security Affairs

VMware has addressed two serious ESXi vulnerabilities that were demonstrated at the Tianfu Cup International PWN Contest. VMware has released patches for two serious ESXi vulnerabilities that were disclosed during the 2020 Tianfu Cup International PWN Contest.

Cloud 72

VMware Fixes Critical Flaw in ESXi Hypervisor

Threatpost

The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge. Vulnerabilities CVE-2020-4004 CVE-2020-4005 Hypervisor Tiunfu Cup vmware VMware ESXi vulnerability

105
105

Symantec Reports on Cicada APT Attacks against Japan

Schneier on Security

Symantec is reporting on an APT group linked to China, named Cicada. They have been attacking organizations in Japan and elsewhere. Cicada has historically been known to target Japan-linked organizations, and has also targeted MSPs in the past.

68

New Grelos Skimmer Variants Siphon Credit Card Data

Threatpost

Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far. Hacks Web Security compromised payment card Credit Card Theft data breach Grelos magecart web skimmer webSocket

Future-Proofing Your Information Governance Strategy

Speaker: Crystal Cao, Lindsey Simon & Lisa Ripley

Join Onna and experts from Quip, Airbnb, and Oracle for this live webinar as they dive into proactive data deletion policies, retention strategies, and legal hold practices that are essential to a modern enterprise information governance strategy.

California Agency Exposed Up to 38 Million SSNs

Adam Levin

California’s Employment Development Department (EDD) has sent out communications that contain the Social Security numbers of at least 38 million state residents since the beginning of the Covid-19 pandemic, according to a recent audit. .

Risk 57

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

Threatpost

Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns.

Orem (in Utah) dives into discussions on document retention via the Daily Herald

IG Guru

Check out the article here. The post Orem (in Utah) dives into discussions on document retention via the Daily Herald appeared first on IG GURU. Business Record Retention Records Management Standards Storage Daily Herald Orem Record Storage