June, 2019

Top 5 ‘objections’ to mobile device management (MDM)

Jamf

Jamf lays to rest a few worries that end users and IT pros have about mobile device management

MDM 75

The Next Big Privacy Hurdle? Teaching AI to Forget

WIRED Threat Level

Opinion: The inability to forget doesn’t only impact personal privacy—it could also lead to real problems for our global security. Security Security / Privacy Opinion

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

Locking down firmware. This is fast becoming a profound new security challenge for all companies – one that can’t be pushed to a side burner. Related: The rise of ‘memory attacks’ I’m making this assertion as federal authorities have just commenced steps to remove and replace switching gear supplied, on the cheap, to smaller U.S. telecoms by Chinese tech giant Huawei. These are the carriers that provide Internet access to rural areas all across America.

Unsecured Database Leaves 8.4TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4TB of email metadata.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Breach at Cloud Solution Provider PCM Inc.

Krebs on Security

A digital intrusion at PCM Inc. , a major U.S.-based based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company’s clients, KrebsOnSecurity has learned. El Segundo, Calif.

Cloud 228

More Trending

List of data breaches and cyber attacks in June 2019 ­– 39.7 million records leaked

IT Governance

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident.

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions.

IT 114

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

There’s oil in the state of Maryland – “cyber oil.” With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.”

Instagram Shows Kids' Contact Details in Plain Sight

Data Breach Today

Sharing Email Address, Phone Numbers May Be Risky, Experts Say Tens of thousands of minors on Instagram expose their email addresses and phone numbers, which child-safety and privacy experts say is worrisome.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Krebs on Security

Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm.

I'm Leaving IBM

Schneier on Security

Today is my last day at IBM. If you've been following along, IBM bought my startup Resilient Systems in Spring 2016. Since then, I have been with IBM, holding the nicely ambiguous title of "Special Advisor." As of the end of the month, I will be back on my own.

Access 112

Radiohead Dropped 18 Hours of Unreleased Music to Screw Pirates

WIRED Threat Level

You can listen to the _OK Computer_–era tracks right here. Security Security / Cyberattacks and Hacks

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse.

IoT 112

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

BEST PRACTICES: Do you know the last time you were socially engineered?

The Last Watchdog

This spring marked the 20th anniversary of the Melissa email virus , which spread around the globe, setting the stage for social engineering to become what it is today.

Second Florida City Pays Up Following Ransomware Attack

Data Breach Today

After Struggling With Recovery, City Negotiates a Ransom Payment A second small city in Florida is paying off cybercriminals to recover from a ransomware attack that crippled the municipality's local network. How much did Lake City agree to pay, and how much of that was covered by insurance

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Krebs on Security

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers.

Events 211

Project Svalbard: The Future of Have I Been Pwned

Troy Hunt

Back in 2013, I was beginning to get the sense that data breaches were becoming a big thing. The prevalence of them seemed to be really ramping up as was the impact they were having on those of us that found ourselves in them, myself included.

Backdoor Built into Android Firmware

Schneier on Security

In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday.

Anonymous Belgium hacker identified after dropping USB drive while throwing Molotov cocktail

Security Affairs

Belgium police have identified a member of the Anonymous Belgium collective while investigating an arson case at a local bank. The Anonymous member is a 35-year-old man from Roeselare, Belgium, was arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, back in 2014.

MY TAKE: Let’s not lose sight of why Iran is pushing back with military, cyber strikes

The Last Watchdog

It is not often that I hear details about the cyber ops capabilities of the USA or UK discussed at the cybersecurity conferences I attend. Related: We’re in the golden age of cyber spying Despite the hush-hush nature of Western cyber ops, it is axiomatic in technology and intelligence circles that the USA and UK possess deep hacking and digital spying expertise – capabilities which we regularly deploy to optimize our respective positions in global affairs.

Ex-Equifax CIO Gets 4-Month Prison Term for Insider Trading

Data Breach Today

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Krebs on Security

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication.

Tricky Scam Plants Phishing Links in Your Google Calendar

WIRED Threat Level

Scammers are taking advantage of default calendar settings to try to trick users into clicking malicious links. Security Security / Cyberattacks and Hacks

What does it mean to be Canadian?

OpenText Information Management

On this Canada Day, I thought of no better question to ask myself than: “What does it mean to be Canadian?” For nearly a decade, I have served as CEO and CTO at OpenText, Canada’s largest software company and member of the TSX-60.

IT 106

Massive DDos attack hit Telegram, company says most of junk traffic is from China

Security Affairs

Encrypted messaging service Telegram was hit by a major DDoS attack apparently originated from China, likely linked to the ongoing political unrest in Hong Kong.

Risks of Password Managers

Schneier on Security

Stuart Schechter writes about the security risks of using a password manager. It's a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned.

Privileged Attack Vectors: Key Defenses

Data Breach Today

Access 252

Tracing the Supply Chain Attack on Android

Krebs on Security

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn’t exactly name those responsible, but said it believes the offending vendor uses the nicknames “ Yehuo ” or “ Blazefire.”

Cloud 179

The Infrastructure Mess Causing Countless Internet Outages

WIRED Threat Level

You may not have heard of the Border Gateway Protocol, but you definitely know when it goes wrong. Security Security / Security News

5 ways to detect a phishing email – with examples

IT Governance

Phishing is one of the most longstanding and dangerous methods of cyber crime. It uses deceptive messages to trick victims into clicking bogus links, downloading malicious attachments or sending sensitive information. Despite what people think they know about phishing, they consistently fall victim.

Recently a large chunk of European mobile traffic was rerouted through China Telecom

Security Affairs

On June 6, for more than two hours China Telecom re-routed through its infrastructure a large chunk of European mobile traffic. In November security researchers Chris C.

Groups 113