August, 2019

What We Can Learn from the Capital One Hack

Krebs on Security

On Monday, a former Amazon employee was arrested and charged with stealing more than 100 million consumer applications for credit from Capital One.

New to Autonomous Security? The Components, The Reality, and What You Can Do Today.

ForAllSecure

Autonomy is just another word for automating decisions. And we can make cyber more autonomous. This has been proven in in-depth scientific work in top-tier research venues, a 2016 public demonstration by DARPA (the Defense Advanced Research Projects Agency), and new industry tools.

7 Ways To Prepare Data For In Age Of Privacy and Information Governance

Information Governance Perspectives

7 Ways To Prepare Data In The Age Of Privacy and Information Governance Content may still be king, but now the rights to some of it may belong to the people!

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

The Last Watchdog

Europe came down hard this summer on British Airways and Marriott for failing to safeguard their customers’ personal data.

Tools 164

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Election Security Program Aims to Mitigate Ransomware Risks

Data Breach Today

Department of Homeland Security to Help With Database Protections Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election.

More Trending

Rethinking the Value of Premium SSL Certificates

PerezBox

There is an active campaign to reshape how online consumers see SSL certificates, with special interest in shutting down premium certificates by the browsers and security practitioners. This article will. Read More. The post Rethinking the Value of Premium SSL Certificates appeared first on PerezBox.

Minimizing Automation Bias in Machine Learning

Data Breach Today

Microsoft's Diana Kelley Says Diversity Is Key Component for Resilient ML Models Developing robust and resilient machine learning models requires diversity in the teams working on the models as well as in the datasets used to train the models, says Microsoft's Diana Kelley

Who Owns Your Wireless Service? Crooks Do.

Krebs on Security

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary.

Overcoming the Challenge of Unstructured Information

AIIM

According to AIIM research, 75% of the organizations we surveyed view digital transformation as “important” or “very important” to their organization. Survey respondents point to techniques like advanced data capture, machine learning, and process automation to provide the powerful potential to reengineer and improve core business processes.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

“All we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” This is an excerpt from a chilling ransom note Baltimore IT officials received from hackers who managed to lock up most of the city’s servers in May. The attackers demanded $76,000, paid in Bitcoin, for a decryption key.

Mysterious iOS Attack Changes Everything We Know About iPhone Hacking

WIRED Threat Level

For two years, a handful of websites have indiscriminately hacked thousands of iPhones. Security Security / Cyberattacks and Hacks

List of data breaches and cyber attacks in August 2019 – 114.6 million records leaked

IT Governance

At first glance, August has been a quiet month for data breaches, with a total of 114,686,290 breached records. That’s about 10 percent of the monthly average coming into the month. But that figure comes from 95 incidents in total, which is the highest number of breaches we’ve had all year.

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs

Data Breach Today

Vendors Issued Security Updates to Fix Severe Flaws Several Months Ago Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Meet Bluetana, the Scourge of Pump Skimmers

Krebs on Security

“ Bluetana ,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests.

The Myth of Consumer-Grade Security

Schneier on Security

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Yet that's not possible, because there is no longer any difference between those categories of devices.

MY TAKE: Can embedding security deep inside mobile apps point the way to securing IoT?

The Last Watchdog

The full blossoming of the Internet of Things is on the near horizon – or is it? Enterprises across the planet are revving up their IoT business models, and yet there is a sense of foreboding about a rising wave of IoT-related security exposures.

IoT 168

Kaspersky found malware in popular CamScanner app. Remove it now from your phone!

Security Affairs

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. CamScanner is a very popular Phone PDF creator app with more than 100 million downloads on Google Play Store.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Extended Validation Certificates are (Really, Really) Dead

Troy Hunt

Almost one year ago now, I declared extended validation certificates dead.

Texas Pummeled by Coordinated Ransomware Attack

Data Breach Today

Cybercrime Campaign Counts 23 Victims - Mostly Local Government Entities State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning.

The Rise of “Bulletproof” Residential Networks

Krebs on Security

Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers.

Retail 236

Hackers Can Break Into an iPhone Just by Sending a Text

WIRED Threat Level

You don't even have to click anything. Security Security / Cyberattacks and Hacks

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

The Last Watchdog

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls.

Ransomware attack hits DDS Safe backup service used by hundreds of dental offices

Security Affairs

The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data. PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe.

Software Vulnerabilities in the Boeing 787

Schneier on Security

FBI Arrests Nigerian Suspect in $11 Million BEC Scheme

Data Breach Today

Scam Targeted UK Affiliate of US Heavy Equipment Firm Caterpillar, Prosecutors Allege The FBI has arrested a Nigerian businessman for allegedly carrying out an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Krebs on Security

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states.

Sales 231

Hackers Could Decrypt Your GSM Phone Calls

WIRED Threat Level

Researchers have discovered a flaw in the GSM standard used by AT&T and T-Mobile that would allow hackers to listen in. Security Security / Cyberattacks and Hacks

Welcoming the Irish Government to Have I Been Pwned

Troy Hunt

Over the last year and a bit I've been working to make more data in HIBP freely available to governments around the world that want to monitor their own exposure in data breaches.

Experts uncovered a hacking campaign targeting several WordPress Plugins

Security Affairs

Researchers at Wordfence reported an ongoing hacking campaign exploiting security flaws in some WordPress plugins.

ROUNDTABLE: Huge Capital One breach shows too little is being done to preserve data privacy

The Last Watchdog

Company officials at Capital One Financial Corp ought to have a crystal clear idea of what to expect next — after admitting to have allowed a gargantuan data breach. Capital One’s mea culpa coincided with the FBI’s early morning raid of a Seattle residence to arrest Paige Thompson. Authorities charged the 33-year-old former Amazon software engineer with masterminding the hack.