Tue.Jun 11, 2019

Unsecured Database Leaves 8.4 TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4 TB of email metadata.

Radiohead Dropped 18 Hours of Unreleased Music to Screw Pirates

WIRED Threat Level

You can listen to the _OK Computer_–era tracks right here. Security Security / Cyberattacks and Hacks

US Border License Plate and Traveler Photos Exposed

Data Breach Today

Hack Attack Victim May Be Contractor Perceptics; Stolen Data Spotted on Dark Web License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked.

OpenText Discovery Project Manager Spotlight: Michael LaBrie

OpenText Information Management

Throughout Michael LaBrie’s career he’s had the opportunity to work on all sorts of different projects: Mergers and acquisitions, joint-defense groups (JDG), multi-district litigations (MDL), international antitrust matters, and everything in between.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

UK Man Sentenced for 2015 TalkTalk Hack

Data Breach Today

22-Year-Old Also Attacked His Former School The fallout from the 2015 TalkTalk hack continues as a 22-year-old U.K. man was sentenced to jail Monday for his role in the attack and other cybercrimes, including an attack against his former school


More Trending

No Invitation Required: Hackers Can Phish Evite Users

Data Breach Today

Social-Planning Website Says Pre-2014 User Database Has Been Stolen Online invitation site Evite has been hacked and information on an unspecified number of users stolen.

Think you’re not susceptible to phishing? Think again

IT Governance

A version of this blog was originally published on 8 January 2018. On average, one in ten emails is a phishing scam. With all that experience, you’d think we’d be pretty good at spotting malicious messages by now. According to a PhishMe survey , many of us think that’s the case.

Boosting Secure Coding Practices

Data Breach Today

Carlos Pero of Zurich Insurance on Gaining Buy-In Carlos Pero, who heads cyber application security at Zurich Insurance, discusses how to get developers to buy in to secure coding practices

A Top Voting-Machine Firm Is Finally Taking Security Seriously

WIRED Threat Level

The long-awaited shift from paperless ballots could make elections more secure. Security

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

The Shifting Sands of Financial Fraud

Data Breach Today

Trace Fooshee of Aite Group on the Top Emerging Trends What are the top trends shaping the rising tide of financial fraud in 2019, and what can security professionals expect in the months and years to come? Trace Fooshee of Aite Group discusses changes in the fraud landscape

Trends 156

Poor data quality causing majority of artificial intelligence projects to stall

Information Management Resources

Nearly eight out of 10 organizations using AI and ML report that projects have stalled, and 96 percent of these companies have run into problems with data quality, says a new study. Artificial intelligence Machine learning Data quality

What Stands Out in Proposed Premera Lawsuit Settlement?

Data Breach Today

What stands out most about a proposed $74 million settlement of a class action lawsuit against Premera Blue Cross in the wake of a 2014 data breach? Technology attorney Steven Teppler offers insights in this interview

Customs and Border Protection (CBP) confirms hack of a subcontractor

Security Affairs

Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point have been stolen by hackers. Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

What 3 Powerful GoT Women Teach Us about Cybersecurity

Dark Reading

Imagine Game of Thrones' Daenerys Targaryen, Arya Stark, and Cersei Lannister on the front lines in the real-world battleground of enterprise security

How Ursnif Evolves to Keep Threatening Italy

Security Affairs

For months the Italian users have been targeted by waves of malspam delivering infamous Ursnif variants, Yoroi-Cybaze ZLab detailed its evolution. Introduction. For months the Italian users have been targeted by waves of malspam delivering infamous Ursnif variants.

Workshop on the Economics of Information Security

Schneier on Security

Last week, I hosted the eighteenth Workshop on the Economics of Information Security at Harvard. Ross Anderson liveblogged the talks. conferences economicsofsecurity securityconferences

Linux Command-Line Editors Vulnerable to High-Severity Bug


A bug impacting editors Vim and Neovim could allow a trojan code to escape sandbox mitigations. Hacks Vulnerabilities Command-Line Editor CVE-2019-12735 Linux Neovim poc Trojan Vim vulnerability


Cross-Site Scripting Errors Continue to Be Most Common Web App Flaw

Dark Reading

In vulnerability disclosure programs, organizations are paying more in total for XSS issues than any other vulnerability type, HackerOne says


Google Calendar Attacks Target Unwitting Mobile Users


Automatic invite notifications are spreading malicious links. Mobile Security Web Security attack vector automatic calendar notifications calendar phishing google calendar attack Kaspersky malicious links mobile users phishing campaign

Governing the onslaught of connected devices – what’s at stake for enterprises?

Information Management Resources

While the IoT trend still has a long way to play out, getting data governance practices in order will be a key factor in determining which firms succeed at the highest level. Internet of things Data management Data strategy

IoT 95

FBI Warns of Dangers in 'Safe' Websites

Dark Reading

Criminals are using TLS certificates to convince users that fraudulent sites are worthy of their trust


Microsoft Patches Four Publicly-Known Vulnerabilities


In total, 88 unique vulnerabilities were patched as part of Microsoft’s June Patch Tuesday security bulletin. Vulnerabilities Web Security elevation of privilege june patch tuesday Microsoft microsoft patch tuesday patch tuesday Publicly Know Vulnerabilities Windows Windows Shell

Salesforce dreams of being Microsoft or Oracle

Information Management Resources

Salesforce.com Inc.’s s latest acquisition shows yet again that Marc Benioff’s company has the ambition to become a more sprawling software superpower and is willing to pay a steep price to get there. Hardware and software Data management Salesforce

Data 90

Critical Adobe Flash, ColdFusion Vulnerabilities Patched


Adobe issued patches for 11 vulnerabilities overall across its Flash, ColdFusion and Campaign products. Vulnerabilities Web Security adobe Adobe Campaign Adobe ColdFusion adobe flash arbitrary code execution Critical flaws june patch update patch tuesday vulnerability

IT 92

Rocket.Build 2019: Taking on deep-data discovery

Rocket Software

Information technology is rising from the ashes of its greatest revolution; a war between data and platform. And by nearly all counts, the winner is clear: data has won. Here in Boston, Rocket Software is enjoying our sixth, and biggest Rocket.Build hackathon event.

Troy Hunt Looks to Sell Have I Been Pwned


"Project Svalbard" has commenced, as Hunt looks for the right company to take over the password-focused service. Breach Cloud Security Privacy Web Security Credential stuffing have i been pwnd looking for a buyer m&a Passwords project svalbard sale Troy Hunt

Sales 91

Hackers are Hurting the Internet of Things in More Ways Than you Think


The Internet of Things (IoT) may not sound like something security folk should get worked up over, until you realize that it’s the unsecured Internet-of -Pacemakers, -Baby Monitors, -Wireless Gadgets and countless other “Things” that vendors are connecting to the internet. If you’re wondering how many Internet-of-Things “things” it takes to be “countless,” there will be more than 20 billion connected devices by 2020, according to Gartner.

IoT 63

Radiohead Gets ‘Hacked,’ a T-Mobile/Sprint Hiccup, and More News

WIRED Threat Level

Catch up on the most important news from today in two minutes or less. Security Security / Cyberattacks and Hacks

'Have I Been Pwned' Is Up for Sale

Dark Reading

Troy Hunt, who has been running HIBP solo for six years, launched "Project Svalbard" so the site can evolve with more resources, funding, and support

Sales 88

Adobe Patch Tuesday updates fix code execution issues in Campaign, ColdFusion, and Flash

Security Affairs

Adobe Patch Tuesday updates for June 2019 address several critical arbitrary code execution flaws in Flash Player, ColdFusion and Campaign products.

Getting Up to Speed on Magecart

Dark Reading

Greater awareness of how Magecart works will give your company a leg up on the growing threat from this online credit card skimmer. Here are four places to start