Mon.Aug 12, 2019

SEC Investigating Data Leak at First American Financial Corp.

Krebs on Security

The U.S. Securities and Exchange Commissio n (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp.

Data 210

Apple Expands Bug Bounty; Raises Max Reward to $1 Million

Data Breach Today

Move Generates Praise From Security Experts Apple is opening up its bug bounty program to all researchers, increasing the rewards and expanding the scope of qualifying products in a bid to attract tips on critical software flaws.

Tips 198

6 ways to put your data to practical use now

Information Management Resources

Countless articles advise today's business leaders to use the data they have, and you've probably read some of them. However, many people intend to start examining data but stop short of doing it

Big Data Analytics' Role in Security

Data Breach Today

Splunk's Haiyan Song Shares Insights on Addressing Emerging Threats Big data analytics can help security professionals stay ahead of emerging challenges in a rapidly changing threat landscape, says Splunk's Haiyan Song

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

5 trends that are driving cloud computing investments

Information Management Resources

The cloud has a rich history of continual improvements, and 2019 marks a time of some fairly significant ones that enhance capabilities, simplify operations and reduce costs

Trends 146

More Trending

Extended Validation Certificates are (Really, Really) Dead

Troy Hunt

Almost one year ago now, I declared extended validation certificates dead.

Members of Chinese Espionage Group Develop a 'Side Business'

Data Breach Today

Groups 156

FBI is searching for contractors to monitor social media

Security Affairs

The FBI is searching for contractors to monitor social media for potential threats, the announcement raises concerns for user privacy. The abuse of social media passwords for malicious purpose is quite common, for this reason, the FBI is searching for contractors to monitor them.

Unsecure Drivers Allow for Easy Windows Hacking: Report

Data Breach Today

Study Identifies 40 Certified Drivers From 20 Vendors That Open the Door to Attacks Researchers from the security firm Eclypsium have identified 40 poorly designed drivers from 20 hardware and BIOS vendors that can give attackers numerous way to hack into various versions of Windows

Study 154

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

Canon DSLR Camera Infected with Ransomware Over the Air. A researcher discovered 6 flaws in the image transfer protocol used in Canon EOS 80D DSLR cameras that allow him to infect the device with ransomware over the air.

The Role of the Cloud in Updating Security

Data Breach Today

RiskIQ's Aaron Mog on the Need for a Security Rebirth The velocity of change at large corporations has made traditional IT security methods inadequate, but cloud-based solutions can play an important role, says Aaron Mog of RiskIQ

Cloud 154

Recently Cloud Atlas used a new piece of polymorphic malware

Security Affairs

Cloud Atlas threat actors used a new piece of polymorphic malware in recent attacks against government organizations.

Cloud 93

A New Credential for Healthcare Security Leaders

Data Breach Today

A new professional credential aims to help healthcare organizations bolster their security leadership bench strength, says William Brad Marsh, co-chair of a committee that developed the certification

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Watch out, your StockX account details may be available in crime forums

Security Affairs

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. Last week media reported the hack of StockX , the fashion and sneaker trading platform.

Evaluating the NSA's Telephony Metadata Program

Schneier on Security

Interesting analysis: " Examining the Anomalies, Explaining the Value: Should the USA FREEDOM Act's Metadata Program be Extended? " by Susan Landau and Asaf Lubin.

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments. From Atlanta to Baltimore to school districts in Louisiana, cyber criminals have launched a wave of ransomware attacks on governments across the country. Related: SMBs struggle to mitigate cyber attacks As city governments struggle to recover access to their data, hackers are already turning their sites on their next targets: small and medium-sized businesses (SMBs).

Gamers Beware: Zero-Day in Steam Client Affects All Windows Users


An elevation-of-privilege bug allows attackers to run any program on a target machine with high privileges. Vulnerabilities Web Security felix HackerOne privilege escalation Steam steam client unpatched Valve Windows Windows registry zero day

How to Get Rich and Be Super Creepy

Adam Levin

If you missed the news about Russian-owned FaceApp going viral, you’ve probably been vacationing on the coast of a dust pond on the dark side of the moon. It highlights the general lack of privacy laws out there, and may herald the start of meaningful legislation.

Security Flaws Discovered in 40 Microsoft-Certified Device Drivers

Dark Reading

Attackers can use vulnerable drivers to escalate privilege and execute malicious code in every part of the system

Rethinking the Value of Premium SSL Certificates


There is an active campaign to reshape how online consumers see SSL certificates, with special interest in shutting down premium certificates by the browsers and security practitioners. This article will. Read More. The post Rethinking the Value of Premium SSL Certificates appeared first on PerezBox.

6 Security Considerations for Wrangling IoT

Dark Reading

The Internet of Things isn't going away, so it's important to be aware of the technology's potential pitfalls

IoT 95

Black Hat 2019 News Wrap: The Best and Worst of the Show


Threatpost breaks down the highs and lows from Black Hat 2019, from new vulnerabilities and industry collaboration to a scandal around a sponsored session.

Modern-Day SOCs: People, Process & Technology

Dark Reading

As businesses look to the future and invest in next-generation tools, here are some considerations for more effective planning

Tools 94

Tips for Successful Zero-Trust Implementation


"Never trust, always verify" is a solid security concept -- but it's important to realize that putting it into practice can be complex.

Tips 86

Researchers Show How SQLite Can Be Modified to Attack Apps

Dark Reading

New technique involves query hijacking to trigger a wide range of memory safety issues within the widely used database engine, Check Point says


Filing Systems: The five components to success, part 1

TAB OnRecord

This blog series highlights the components of a successful physical filing system. In part one we’ll introduce the concept of a complete filing system and take a look at the first three components, including storage equipment, containers and coding.

Blog 78

Security Pros, Congress Reps Talk National Cybersecurity at DEF CON

Dark Reading

Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate

Why hybrid cloud environments require live data replication technology

IBM Big Data Hub

The best decisions are made by extracting value from all the disparate data across your business. Yet aggregating data across external sources, regional silos and various forms of storage is not an easy challenge to solve

Cloud 77

FBI Plans to Monitor Social Media May Spark Privacy Issues

Dark Reading

A new initiative to pull data from social media platforms may clash with policies prohibiting the use of information for mass surveillance

Data 85

Jesse Wilkins of AIIM provides advice on how to handle records when an employee leaves

IG Guru

A great article provided by our friend Jesse Wilkins at AIIM. Read here. The post Jesse Wilkins of AIIM provides advice on how to handle records when an employee leaves appeared first on IG GURU.

DEF CON Voting Village: It's About 'Risk'

Dark Reading

DHS, security experts worry about nation-state or other actors waging a disruptive or other attack on the 2020 election to sow distrust of the election process

Risk 82