Thu.Jun 13, 2019

Empower Employees While Preventing Insider Data Breaches

Data Breach Today

Massive DDos attack hit Telegram, company says most of junk traffic is from China

Security Affairs

Encrypted messaging service Telegram was hit by a major DDoS attack apparently originated from China, likely linked to the ongoing political unrest in Hong Kong.

House Approves Lifting HHS Ban on Unique Patient IDs

Data Breach Today

Amendment - Part of a Funding Bill - Still Has a Long Way to Go The House of Representatives has approved an amendment that would lift a 20-year ban on the Department of Health and Human Services funding the development or adoption of a unique, national patient identifier.

Millions of Exim mail servers are currently under attack

Security Affairs

Hackers are targeting millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions, threat actors leverage the CVE-2019-10149 flaw.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Top Drivers for Privileged Account Management

Data Breach Today

Grant Burst of Wallix Says Operational Technology Driving More PAM Rollouts When it comes to drivers for implementing and maintaining privileged access management programs, Wallix's Grant Burst says that demonstrating compliance and safety remain top priorities.

IoT 154

More Trending

Proactive Mitigation: A Cybersecurity Imperative

Data Breach Today

Akamai's Jay Coley on Blunting Hackers by Blocking Emerging Types of Attacks A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley

Gain Certification Skills and Earn Digital badges at Enterprise World 19

OpenText Information Management

Now more than ever, technical certifications help launch and accelerate careers. In technology roles, advancing your career is about demonstrating the skills you bring to an organization and the value you can add, not simply how long you’ve been in the industry.

Security skills gap remains huge, and incidents are growing as a result

Information Management Resources

The cyber security skills shortage is worsening for the third straight year and has affected nearly three quarters of organizations, according to a new study. Data security Cyber security Cyber attacks

Study 123

WAGO Industrial Switches affected by multiple flaws

Security Affairs

A security expert at SEC Consult discovered that some WAGO industrial managed switches are affected by several serious vulnerabilities. A security researcher at consulting company SEC Consult discovered several vulnerabilities in some models of WAGO industrial switches.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

What is data protection by design and default

IT Governance

If your organisation is subject to the GDPR (General Data Protection Regulation) , you’re probably aware of your requirement to “implement appropriate technical and organisational measures” to protect the personal data you hold.

Flaw in Evernote Web Clipper for Chrome extension allows stealing data

Security Affairs

Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users.

Video 82

7 Truths About BEC Scams

Dark Reading

Business email compromise attacks are growing in prevalence and creativity. Here's a look at how they work, the latest stats, and some recent horror stories

113
113

Hack Yourself First - The UK Tour by Scott Helme

Troy Hunt

It's the Hack Yourself First UK Tour! I've been tweeting a bit about this over recent times and had meant to write about it earlier, but I've been a little busy of late. Last year, I asked good friend and fellow security person Scott Helme to help me out running my Hack Yourself First workshops.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

SQL Injection Attacks Represent Two-Third of All Web App Attacks

Dark Reading

When Local File Inclusion attacks are counted, nearly nine in 10 attacks are related to input validation failures, Akamai report shows

111
111

Rocket.Build 2019: Raising the bar year after year

Rocket Software

Some of my favorite memories as a kid were family picnics in the summer. From a kid’s perspective, it’s clear why. I had more friends and family to play with than usual, and I could eat as much food as I wanted (an obvious win.)

Blog 74

DNS Firewalls Could Prevent Billions in Losses to Cybercrime

Dark Reading

New analysis shows widespread DNS protection could save organizations as much as $200 billion in losses every year

Report on the Stalkerware Industry

Schneier on Security

Citizen Lab just published an excellent report on the stalkerware industry. citizenlab gdpr privacy reports surveillance

Cyberattack Hits Aircraft Parts Manufacturer

Dark Reading

Belgium's Asco has shut down manufacturing around the world, including the US, in response to a major cybersecurity event, but what happened isn't clear

Evernote Critical Flaw Opened Personal Data of Millions to Attack

Threatpost

Evernote's web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users. Vulnerabilities Web Security chrome browser critical vulnerability cross site scripting attack evernote Evernote extension Proof of Concept

Data 100

DNS Firewalls Could Save Companies Billions

Dark Reading

New analysis shows widespread DNS protection could save organizations as much as $200 billion in losses every year

The Chief Data Officer: A Key Advocate for Information Governance

InfoGoTo

The role of Chief Data Officer (CDO) is becoming more prevalent in many organizations as their strategic goals evolve to meet the challenges of the fast-growing, data-centered economy. What Does the CDO Do?

BlueKeep RDP Vulnerability a Ticking Time Bomb

Dark Reading

One month after Microsoft disclosed the flaw, nearly 1 million systems remain unpatched, and Internet scans looking for vulnerable systems have begun increasing

96

High-Severity Cisco Flaw in IOS XE Enables Device Takeover

Threatpost

A high-severity flaw could give attackers full control of Cisco routers or switches. IoT Vulnerabilities Cisco cisco flaw Cisco IOS XE Software Cross-site request forgery high severity flaw IOS XE patch Router switch

IoT 95

Five steps to a successful migration to cloud-based SaaS applications

DXC Technology

A digital transformation can deliver improved flexibility, faster speed-to-market and reduced costs, but only if you go about things in the right way. One path to a successful digital transformation is to move traditional applications to cloud-based software-as-a-service (SaaS) applications, a migration that requires a data-driven approach and using technology in strategic, new ways. Traditionally, […]. Applications Partners application migration oracle SaaS

Congress Gives 'Hack Back' Legislation Another Try

Dark Reading

Officials reintroduce a bill that would let businesses monitor attacker behavior and target intruders on corporate networks

94

Telegram CEO Fingers China State Actors for DDoS Attack

Threatpost

Durov took to Twitter to hint that Beijing tried to take Telegram offline to disrupt the Hong Kong protests. Government Web Security China DDoS hong kong protests pavel durov secure messaging state actors telegram twitter

Black Hat Q&A: Defending Against Cheaper, Accessible 'Deepfake' Tech

Dark Reading

ZeroFox's Matt and Mike Price discuss their work researching cybersecurity responses to the rising tide of 'deepfake' videos

Video 92

Max-Severity Bug in Infusion Pump Gateway Puts Lives at Risk

Threatpost

The critical bug in a connected medical device can allow an attacker to remotely manipulate hospital pumps, either to withhold meds or dispense too much.

Risk 91

The CISO's Drive to Consolidation

Dark Reading

Cutting back on the number of security tools you're using can save money and leave you safer. Here's how to get started

Tools 92

20 Years After Google: In Search of a Better Way to Search

Information Governance Perspectives

From its inception the internet has always been about search… searching for that answer, that perfect example, that one you love?

How to Dominate the Domains of the NEW CIP - D3: Digitalizing Core Business Processes

AIIM

Welcome back to this continuing series on the updated Certified Information Professional (CIP) exam. In this post, I'll be focusing on Domain 3, Digitalizing Core Business Processes.