Thu.Feb 27, 2020

The Need for a 'Collective Defense'

Data Breach Today

Former NSA Director and Others Stress Collaboration Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Here are some interview highlights

New strain of Cerberus Android banking trojan can steal Google Authenticator codes

Security Affairs

Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Former Microsoft Engineer Convicted of Insider Fraud

Data Breach Today

Used Admin Privileges to Steal $10 Million From Retail Platform A former Microsoft software engineer was convicted this week on 18 federal charges tied to stealing more than $10 million through the company's online retail platform

Retail 163

Hunting the coronavirus in the dark web

Security Affairs

Let me share with you the result of a one-night long analysis of major black marketplaces searching for anything related to the coronavirus epidemic.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Why The Cloud Is The New Network

Data Breach Today

Fleming Shi of Barracuda Networks on Latest Cloud Security Research Findings Barracuda Networks has released the findings of its latest survey on public cloud security.

Cloud 163

More Trending

How Machine Learning Can Strengthen Insider Threat Detection

Data Breach Today

Panel: Better Algorithms Can Help Mitigate the Risks As companies continue to grapple with the challenges of insider threats, machine learning coupled with behavioral analytics can assist in predicting and detecting potential threats from employees and contractors, according to a panel of security experts at RSA 2020.

Securing the Internet of Things through Class-Action Lawsuits

Schneier on Security

This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, and (2) political failures will leave that industry unregulated. Result: insecure IoT.

IoT 79

Israeli Marketing Company Exposes Contacts Database

Data Breach Today

Data includes Names, Addresses, Email Addresses, Phone Numbers An Israeli marketing company left the authentication credentials for a database online, exposing more than 140 GB worth of names, email addresses and phone numbers. The exposure was found by a U.S.-based

How to develop a robust cyber security policy

IT Governance

Technological defences and staff training are two of the most frequently touted measures for preventing data breaches, but their effectiveness is dependent on the way organisations implement them. That means creating a detailed cyber security policy. What is a cyber security policy?

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Data on Detection of Malicious Documents in Gmail are impressive

Security Affairs

Google revealed that the enhancements to its scanning system implemented in Gmail are boosting its detection capabilities. Google announced that the new scanning capabilities implemented in Gmail have increased the detection rate of malicious documents.

Clearview AI Customers Exposed in Data Breach

Dark Reading

Customers for the controversial facial recognition company were detailed in a log file leaked to news organizations

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Security Affairs

Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. Hackers are actively scanning the Internet for Microsoft Exchange Servers affected by the CVE-2020-0688 remote code execution flaw.

RSAC 2020: GM’s Transportation Future Hinges on Cybersecurity

Threatpost

CEO Mary T. Barra addressed the high stakes in rolling out self-driving cars and biometric-enhanced vehicles, where one cyber-event could derail plans for emerging automotive technologies. Bug Bounty Cloud Security Critical Infrastructure IoT Mobile Security Privacy RSAC Vulnerabilities

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

SQL Dump from popular Indian BGR tech site leaked online

Security Affairs

Hackers share SQL databases from unsecured AWS buckets, including the archive belonging to the BGR tech news site in India. Hackers are sharing SQL databases from unsecured Amazon S3 buckets, one of them belongs to the BGR tech news site in India.

Celebrating 20 years of excellence

OpenText Information Management

2020 marks the 20th anniversary of OpenTextTM Exstream.

Lampion malware origin servers geolocated in Turkey

Security Affairs

After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal. Lampion malware is the most critical malware affecting Portuguese users’ last three months.

Threat Model Thursday: BIML Machine Learning Risk Framework

Adam Shostack

The Berryville Institute of Machine Learning (BIML) has released “ An Architectural Risk Analysis of Machine Learning Systems.”

Risk 66

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Change Management: Enterprise Architecture for Managing Change

erwin

Ch-ch-ch-ch-changes … Organizations in every industry are navigating digital transformation , so change management is an important element to consider as part of those efforts. And organizations that embrace change often achieve greater success.

Facial recognition firm Clearview AI reveals intruders stole its client list

Security Affairs

Bad news for the controversial facial recognition startup Clearview AI, hackers gained “unauthorized access” to a list of all of its customers. .

IT 65

Government Employees Unprepared for Ransomware

Dark Reading

Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks

Supplement Oracle EPM with Oracle Analytics and Autonomous Data Warehouse in 10 Weeks

Perficient Data & Analytics

Are you looking to supplement your Oracle EPM applications with enhanced analytics capabilities?

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

What Your Company Needs to Know About Hardware Supply Chain Security

Dark Reading

By establishing a process and framework, you can ensure you're not giving more advanced attackers carte blanche to your environment

The state of AI and information readiness in banking

OpenText Information Management

According to a new report on the global banking industry from Finextra, 45% of retail banks say they can onboard a new customer in under 40 minutes. Yet, only a quarter of respondents felt they could pull front and back end systems together to deliver optimum customer service.

How We Enabled Ransomware to Become a Multibillion-Dollar Industry

Dark Reading

As an industry, we must move beyond one-dimensional approaches to assessing ransomware exposures. Asking these four questions will help

AIIM's Information Management Training - Cost, Options, and FAQs

AIIM

In several recent posts, I’ve talked about professional development options for information management professionals and provided guidance on how to determine whether a particular course or certification is a good fit.

ECM 56

Tense Talk About Supply Chain Risk Yields Few Answers

Dark Reading

RSA panelists locked horns over whether the ban preventing US government agencies from doing business with Huawei is unfairly singling out the Chinese telecom giant

Maximize the Benefits of Information Lifecycle Management

InfoGoTo

Now that the California Consumer Privacy Act (CCPA) is in effect — and as some businesses scramble to comply with the new law’s requirements — the benefits of information lifecycle management have become more clear.

Punjab bans use of WhatsApp in government offices via The Express Tribune

IG Guru

The order of banning WhatsApp use by the provincial government has been taken in light of a decision taken in a meeting of the Cabinet Division on January 31. The post Punjab bans use of WhatsApp in government offices via The Express Tribune appeared first on IG GURU.

Data Retention Best Practices in a Time of Data Privacy Laws

InfoGoTo

The California Consumer Privacy Act (CCPA), which went into effect at the beginning of 2020, and other data privacy laws in place or being contemplated underscore the need for organizations to adhere to data retention best practices now.

Paper 56