June, 2019

Top 5 ‘objections’ to mobile device management (MDM)

Jamf

Jamf lays to rest a few worries that end users and IT pros have about mobile device management

MDM 78

The Next Big Privacy Hurdle? Teaching AI to Forget

WIRED Threat Level

Opinion: The inability to forget doesn’t only impact personal privacy—it could also lead to real problems for our global security. Security Security / Privacy Opinion

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

Locking down firmware. This is fast becoming a profound new security challenge for all companies – one that can’t be pushed to a side burner. Related: The rise of ‘memory attacks’ I’m making this assertion as federal authorities have just commenced steps to remove and replace switching gear supplied, on the cheap, to smaller U.S. telecoms by Chinese tech giant Huawei. These are the carriers that provide Internet access to rural areas all across America.

Unsecured Database Leaves 8.4TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4TB of email metadata.

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Breach at Cloud Solution Provider PCM Inc.

Krebs on Security

A digital intrusion at PCM Inc. , a major U.S.-based based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company’s clients, KrebsOnSecurity has learned. El Segundo, Calif.

Cloud 227

More Trending

List of data breaches and cyber attacks in June 2019 ­– 39.7 million records leaked

IT Governance

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident.

I'm Leaving IBM

Schneier on Security

Today is my last day at IBM. If you've been following along, IBM bought my startup Resilient Systems in Spring 2016. Since then, I have been with IBM, holding the nicely ambiguous title of "Special Advisor." As of the end of the month, I will be back on my own.

Access 113

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

There’s oil in the state of Maryland – “cyber oil.” With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.”

Instagram Shows Kids' Contact Details in Plain Sight

Data Breach Today

Sharing Email Address, Phone Numbers May Be Risky, Experts Say Tens of thousands of minors on Instagram expose their email addresses and phone numbers, which child-safety and privacy experts say is worrisome.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Krebs on Security

Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm.

Radiohead Dropped 18 Hours of Unreleased Music to Screw Pirates

WIRED Threat Level

You can listen to the _OK Computer_–era tracks right here. Security Security / Cyberattacks and Hacks

Project Svalbard: The Future of Have I Been Pwned

Troy Hunt

Back in 2013, I was beginning to get the sense that data breaches were becoming a big thing. The prevalence of them seemed to be really ramping up as was the impact they were having on those of us that found ourselves in them, myself included.

Backdoor Built into Android Firmware

Schneier on Security

In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

BEST PRACTICES: Do you know the last time you were socially engineered?

The Last Watchdog

This spring marked the 20th anniversary of the Melissa email virus , which spread around the globe, setting the stage for social engineering to become what it is today.

Second Florida City Pays Up Following Ransomware Attack

Data Breach Today

After Struggling With Recovery, City Negotiates a Ransom Payment A second small city in Florida is paying off cybercriminals to recover from a ransomware attack that crippled the municipality's local network. How much did Lake City agree to pay, and how much of that was covered by insurance

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Krebs on Security

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers.

Events 216

Tricky Scam Plants Phishing Links in Your Google Calendar

WIRED Threat Level

Scammers are taking advantage of default calendar settings to try to trick users into clicking malicious links. Security Security / Cyberattacks and Hacks

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions.

IT 110

Risks of Password Managers

Schneier on Security

Stuart Schechter writes about the security risks of using a password manager. It's a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned.

MY TAKE: Let’s not lose sight of why Iran is pushing back with military, cyber strikes

The Last Watchdog

It is not often that I hear details about the cyber ops capabilities of the USA or UK discussed at the cybersecurity conferences I attend. Related: We’re in the golden age of cyber spying Despite the hush-hush nature of Western cyber ops, it is axiomatic in technology and intelligence circles that the USA and UK possess deep hacking and digital spying expertise – capabilities which we regularly deploy to optimize our respective positions in global affairs.

Unsecured Database Leaves 8.4 TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4 TB of email metadata.

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Krebs on Security

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication.

The Infrastructure Mess Causing Countless Internet Outages

WIRED Threat Level

You may not have heard of the Border Gateway Protocol, but you definitely know when it goes wrong. Security Security / Security News

Announcing Enterprise Suite 5.0

Micro Focus

Rapid mainframe app delivery, with even greater scale and skill Digital means change and change, without care, means risk.

Risk 108

iPhone Apps Surreptitiously Communicated with Unknown Servers

Schneier on Security

Long news article ( alternate source ) on iPhone privacy, specifically the enormous amount of data your apps are collecting without your knowledge.

5 ways to detect a phishing email – with examples

IT Governance

Phishing is one of the most longstanding and dangerous methods of cyber crime. It uses deceptive messages to trick victims into clicking bogus links, downloading malicious attachments or sending sensitive information. Despite what people think they know about phishing, they consistently fall victim.

Ex-Equifax CIO Gets 4-Month Prison Term for Insider Trading

Data Breach Today

Tracing the Supply Chain Attack on Android

Krebs on Security

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices.

Cloud 197

Much @Stake: The Band of Hackers That Defined an Era

WIRED Threat Level

Today's cybersecurity superstars share a common thread—one that leads back to early hacking group Cult of the Dead Cow. Security Security / Security News

ESET analyzes Turla APT’s usage of weaponized PowerShell

Security Affairs

Turla, the Russia-linked cyberespionage group, is weaponizing PowerShell scripts and is using them in attacks against EU diplomats.