Mon.Oct 07, 2019

Unpatched VPN Servers Targeted by Nation-State Attackers

Data Breach Today

Groups 256

NEW TECH: Human operatives maintain personas, prowl the Dark Net for intel to help companies

The Last Watchdog

It seems like any discussion of cybersecurity these days invariably circles back to automation. Our growing fixation with leveraging artificial intelligence to extract profits from Big Data – for both constructive and criminal ends—is the order of the day.

New Zealand Breach May Affect 1 Million

Data Breach Today

Health Data Breach Could Have Started as Early as 2016 Officials in New Zealand are investigating one or more data breaches at a healthcare provider that could have affected nearly 1 million patients.

D-Link router models affected by remote code execution issue that will not be fixed

Security Affairs

Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Malicious Bots: Mitigating the Threat

Data Breach Today

Eric Bucher of Sequence Security on the Role of Machine Learning Malicious bot attacks are on the rise. Eric Bucher of Cequence Security describes the role machine learning can play in mitigating the threat

More Trending

Report: Android Banking Botnet Targeted Russians

Data Breach Today

Researchers Discovered Geost Botnet After Attackers Made Operational Security Mistakes A large-scale banking botnet has targeted approximately 800,000 Android devices belonging to Russian citizens since at least 2016, according to a new research report by a trio of cybersecurity researchers

Hackers continue to exploit the Drupalgeddon2 flaw in attacks in the wild

Security Affairs

Researchers from Akamai uncovered a new campaign targeting the Drupalgeddon2 vulnerability to deliver malware. The popular security expert Larry W. Cashdollar from Akamai has uncovered a new campaign targeting the popular Drupalgeddon2 vulnerability ( CVE-2018-7600 ) to deliver malware.

CMS 109

Initial CCPA Compliance Costs Could Hit $55 Billion: Study

Data Breach Today

Report Estimates Anticipated Expenses for California Consumer Privacy Act Compliance The California Consumer Privacy Act could cost companies in the state a total of $55 billion for initial compliance expenses, according to a new study prepared for the state attorney general's office.

Study 194

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

The popular data breach notification service Have I Been Pwned? HIBP) has added the stolen data from the StreetEasy and Sephora data incidents.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

How Google Is Using AI to Help Ensure Android App Security

Data Breach Today

Google Security Evangelist Mike Burr Describes Android Security Measures Mike Burr of Google provides an overview of Android security efforts, including using artificial intelligence to scan Android apps

Users reported problems with patches for CVE-2019-1367 IE zero-day

Security Affairs

Patches for Internet Explorer Zero-Day Causing Problems for Many Users. Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch.

How to Prioritize Vulnerability Patching

Data Breach Today

How To 185

Edward Snowden's Memoirs

Schneier on Security

Ed Snowden has published a book of his memoirs: Permanent Record. I have not read it yet, but I want to point you all towards two pieces of writing about the book.

Sales 91

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

New Card Fraud Countermeasures

Data Breach Today

Gord Jamieson of Visa Canada Offers an Update Gord Jamieson of Visa Canada offers an update on fraud-fighting efforts by describing two new fraud schemes and Visa's countermeasures

163
163

What is the ethical supply chain?

OpenText Information Management

Today, supply chains are considered strategic to the business, and meeting customer expectations for ethical and sustainable supply chain operations is increasingly becoming a top priority for supply chain managers.

Responding to Ransomware Attacks: Critical Steps

Data Breach Today

Organizations must take a number of critical steps to prepare a response to ransomware attacks before they hit, says Caleb Barlow, the new president and CEO of security consulting firm CynergisTek, who offers a guide

D-Link Home Routers Open to Remote Takeover Will Remain Unpatched

Threatpost

CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device. Vulnerabilities CVE-2019-16920 D-Link end-of-life Home routers remote code execution unpatched

114
114

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

6 Active Directory Security Tips for Your Poor, Neglected AD

Dark Reading

The unappreciated core of your enterprise IT network needs your security team's TLC. Here are a few ways to give Active Directory the security love it needs

Tips 113

Vulnerable Twitter API Leaves Tens of Thousands of iOS Apps Open to Attacks

Threatpost

Millions of iOS users could be vulnerable to man-in-the-middle attacks that trace back to flawed Twitter code used in popular iPhone apps. Mobile Security Vulnerabilities CVE-2019-16263 Fraunhofer SIT ios iphone it-sa 2019 oauth Twitter API twitter Kit

IT 114

5 things HR departments need to know about data protection

IT Governance

HR plays a crucial role in an organisation’s GDPR (General Data Protection Regulation) compliance. The department is full of personal data, whether it’s of employees, their next of kin or candidates responding to job adverts.

Alabama Hospitals Pay Up in Ransomware Attack

Threatpost

A trio of Alabama hospitals have decided to pay for a decryption key. Cryptography Hacks Malware Alabama dch health system Hospitals payment ransomware

Lack of Role Models, Burnout & Pay Disparity Hold Women Back

Dark Reading

New ISACA data emphasizes a gap between men and women who share their opinions on underrepresentation of women and equal pay in the tech industry

California Bans Deepfakes in Elections, Porn

Threatpost

A pair of laws provides recourse for victims of deepfake technology. Facebook Hacks Privacy adult content. legislation ban California deepfake Election influence campaign

Magecart Skimmers Spotted on 2M Websites

Dark Reading

Researchers say supply chain attacks are responsible for the most significant spikes in Magecart detections

86

Iran-linked Hackers Target Trump 2020 Campaign, Microsoft says

Threatpost

A group called Phosphorous has been trying to access Microsoft-based email accounts of people associated with the campaign. Government Web Security 2020 election cyber attacks cyber warfare Hackers Irán Microsoft Microsoft Threat Intelligence Center Phosphorus President Trump

Groups 112

Drupalgeddon2 Vulnerability Still Endangering CMSes

Dark Reading

A new wave of attacks has been discovered on Drupal-based content management systems that weren't patched for the older flaw

86

Job growth for software pros shows first decline in nearly two years

Information Management Resources

Tech occupation across the entire U.S. economy took a hit last month, declining by some 261,000 jobs. Career moves Bureau of Labor Statistics Software professionals

52