May, 2019

Change is scary. Disruption is scary. Being left behind is scarier

DXC Technology

The world of work is about to change dramatically. Truthfully, it already has been for some time, driven by stunning advances in digital technology and a shift in the job market toward a gig economy. But the already torrid pace of change will accelerate over the next 15 years, rendering unrecognizable many of the tools […]. Career Digital Transformation Leadership and Success adaptability change management collaboration critical thinking

Should Failing Phish Tests Be a Fireable Offense?

Krebs on Security

Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails?

GUEST ESSAY: Only cloud-based security can truly protect cloud-delivered web applications

The Last Watchdog

Web applications have become central for the existence and growth of any business. This is partly the result of Software as a Service, or SaaS, becoming a preferred mode of consumption for software services.

Cloud 162

Crime Gang Advertises Stolen 'Anti-Virus Source Code'

Data Breach Today

Researchers: 'Fxmsp' Russian Hacking Collective Exploits Victims Via RDP and Active Directory The "Fxmsp" hacker collective has been advertising source code that it claims to have stolen from three top U.S.

Access 285

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

How Encryption Became the Board’s New Best Friend

Thales eSecurity

Originally published in TEISS on May 1, 2019. For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. How things have changed.

More Trending

Germany Talking about Banning End-to-End Encryption

Schneier on Security

Der Spiegel is reporting that the German Ministry for Internal Affairs is planning to require all Internet message services to provide plaintext messages on demand, basically outlawing strong end-to-end encryption. Anyone not complying will be blocked, although the article doesn't say how.

Legal Threats Make Powerful Phishing Lures

Krebs on Security

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else.

GUEST ESSAY: Dear America, Facebook is an addictive digital drug of little productive value

The Last Watchdog

Social media consumers are getting wise to the joke that when the product is free, they’re the ones being sold. But despite the growing threat of consumer exploitation, Washington still shrinks from confronting our social media giants.

Study 216

FBI Shutters DeepDotWeb Portal; Suspected Admins Arrested

Data Breach Today

Suspects Accused of Receiving Bitcoins Worth Millions for Referral Fees The DeepDotWeb portal, which provided a guide to darknet marketplaces, has been shut down and its alleged administrators arrested.

IT 278

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

PayPal's Beautiful Demonstration of Extended Validation FUD

Troy Hunt

Sometimes the discussion around extended validation certificates (EV) feels a little like flogging a dead horse. In fact, it was only September that I proposed EV certificates are already dead for all sorts of good reasons that have only been reinforced since that time.

Google white hat hacker found code execution flaw in Notepad

Security Affairs

The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoft’s Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoft’s Notepad text editor.

Why Are Cryptographers Being Denied Entry into the US?

Schneier on Security

In March, Adi Shamir -- that's the "S" in RSA -- was denied a US visa to attend the RSA Conference. He's Israeli. This month, British citizen Ross Anderson couldn't attend an awards ceremony in DC because of visa issues. You can listen to his recorded acceptance speech.)

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

Defending a company network is a dynamic, multi-faceted challenge that continues to rise in complexity, year after year after year. Related: Why diversity in training is a good thing. Yet there is a single point of failure common to just about all network break-ins: humans.

GDPR: Europe Counts 65,000 Data Breach Notifications So Far

Data Breach Today

$63 Million in Fines Imposed Since Privacy Law Went Into Full Effect European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May 2018.

Google Glitch Left Passwords Unprotected for 14 Years

Adam Levin

Google announced a glitch that stored unencrypted passwords belonging to several business customers, a situation that had been exploitable since 2005.

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Security Affairs

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt.

Fingerprinting iPhones

Schneier on Security

This clever attack allows someone to uniquely identify a phone when you visit a website, based on data from the accelerometer, gyroscope, and magnetometer sensors. We have developed a new type of fingerprinting attack, the calibration fingerprinting attack.

Paper 112

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Krebs on Security

A Cisco Router Bug Has Massive Global Implications

WIRED Threat Level

Researchers have discovered a way to break one of Cisco's most critical security features, which puts countless networks at potential risk. Security Security / Cyberattacks and Hacks

Risk 112

DHS Reportedly Warns of Chinese-Made Drones Stealing Data

Data Breach Today

Drones May Be Sending Data Back to China, According to News Reports The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports

Strengthening Our Salesforce Capabilities with Sundog Interactive

Perficient Data & Analytics

Today, Perficient announced it is planning to acquire Sundog Interactive, an award-winning marketing and technology consulting firm that delivers Salesforce solutions to the world’s leading manufacturers.

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Security Affairs

Public Wi-Fi is easily accessible by everyone, as much as free surfing sounds cool, it is risky as well. Let’s see how your data can be hacked easily. In the contemporary world of networking, Wi-Fi has become a vital commodity.

Protecting Yourself from Identity Theft

Schneier on Security

I don't have a lot of good news for you. The truth is there's nothing we can do to protect our data from being stolen by cybercriminals and others.

Account Hijacking Forum OGusers Hacked

Krebs on Security

Ogusers[.]com

Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs

WIRED Threat Level

Two different groups of researchers found another speculative execution attack that can steal all the data a CPU touches. Security Security / Cyberattacks and Hacks

Groups 109

Business Associates Reminded of HIPAA Duties

Data Breach Today

New Guidance Clarifies BA's Responsibility to Safeguard PHI Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

No matter how reliant we ultimately become on cloud storage and streaming media, it’s hard to image consumers ever fully abandoning removable storage devices. There’s just something about putting your own two hands on a physical device, whether it’s magnetic tape, or a floppy disk, or a CD.

LulZSec and Anonymous Ita hackers published sensitive data from 30,000 Roman lawyers

Security Affairs

A group of hackers has stolen and published online sensitive data of 30,000 Roman lawyers, including the Mayor of Rome. The announcement was made on Twitter by Lulzsec and Anonymous Ita.

Sales 114

Reverse Engineering a Chinese Surveillance App

Schneier on Security

Human Rights Watch has reverse engineered an app used by the Chinese police to conduct mass surveillance on Turkic Muslims in Xinjiang. The details are fascinating, and chilling. Boing Boing post. china privacy reverseengineering surveillance

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation.