January, 2019

Cybercrime Gangs Advertise Fresh Jobs, Hacking Services

Data Breach Today

Offerings Abound on Darknet Forums; The Dark Overlord Seeks Multilingual Hackers Numerous cybercrime gangs continue to use darknet forums to seek fresh recruits, sell stolen data or advertise hacking services.

Data 284

The 4 stages of cyber resilience

IT Governance

Until recently, organisations often spent almost all of their information security budget on prevention, effectively taking an all-or-nothing approach to the threat of data breaches. They either repelled the attack or faced the consequences head-on.

GDPR 104

Dirt-Cheap, Legit, Windows Software: Pick Two

Krebs on Security

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition.

Start Your Information Journey With A Step Backwards

Weissman's World

You say you’re tired of not being able to find the information you’re looking for. You say you’re concerned the information you do find is reliable. You say you’re worried about security breaches. And you say you’re ready to do something about it.

Groups 181

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Microsoft Exchange zero-day and exploit could allow anyone to be an admin

Security Affairs

The security expert Dirk- jan Mollema with Fox-IT discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user with a mailbox to become a Domain Admin. The experts described the attack scenario in a blog post and published a proof-of-concept code.

More Trending

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA.

70,000 affected in B&Q data breach

IT Governance

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. The breached database contained a list of people who had been caught stealing products from B&Q stores.

Apple Phone Phishing Scams Getting Better

Krebs on Security

A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people. It starts with an automated call that display’s Apple’s logo, address and real phone number, warning about a data breach at the company.

Government Shutdown Leaves Americans More Vulnerable to Identity Theft, Scams

Adam Levin

citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Anatova ransomware – Expert believe it will be a dangerous threat

Security Affairs

Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide. The name Anatova is based on a name in the ransom note that is dropped on the infected systems.

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car.

Apple Rushes to Fix Serious FaceTime Eavesdropping Flaw

Data Breach Today

Callers Can Hear and See Recipients Before They Pick Up Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call

Video 269

Do you have a data breach response plan?

IT Governance

This blog has been updated to reflect industry updates. Originally published 6 August 2018. The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents.

Trojans and Spyware Are Making a Comeback

Adam Levin

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes.

Researchers published the PoC exploit code for Linux SystemD bugs

Security Affairs

Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January.

Machine Learning to Detect Software Vulnerabilities

Schneier on Security

No one doubts that artificial intelligence (AI) and machine learning (ML) will transform cybersecurity. We just don't know how , or when.

Airline Booking System Exposed Passenger Details

Data Breach Today

Predictions 2019: Stay Stoney, My Friends.

John Battelle's Searchblog

If predictions are like baseball, I’m bound to have a bad year in 2019, given how well things went the last time around.

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

Happy Data Privacy Day: City Planning Now Mines Everyone’s Data All the Time

Adam Levin

Sidewalk Labs, a subsidiary of Google’s parent company Alphabet, is the go-to story for Data Privacy Day with its new “user-friendly” tool called Replica, which allows city planners see “how, when, and where people travel in urban areas.”.

Mining 110

Exclusive: spreading CSV Malware via Google Sheets

Security Affairs

Cyber security expert Marco Ramilli, founder of Yoroi ,discovered a way to spread CSV malware via Google Sheets … but Big G says it is an Intended behavior. CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor !

No, Spotify Wasn't Hacked

Troy Hunt

Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

Readiness, Morale, Investigations and Recruitment at Risk as Standoff Persists The U.S.

Google fined £44 million in landmark GDPR ruling

IT Governance

Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation). .

GDPR 106

“Stole $24 Million But Still Can’t Keep a Friend”

Krebs on Security

Unsettling new claims have emerged about Nicholas Truglia , a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims.

One Man’s Obsessive Fight to Reclaim His Cambridge Analytica Data

WIRED Threat Level

David Carroll has been locked in a legal war to force the infamous company to turn over its files on him. He’s won a battle, but the struggle continues. Backchannel Security

IT 106

Using steganography to obfuscate PDF exploits

Security Affairs

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files.

Collection #1 Mega Breach Leaks 773 Million Email Accounts

Adam Levin

A gigantic trove of email addresses and passwords containing over 2 billion records has been discovered online. The breached data, dubbed “Collection #1” by cybersecurity expert Troy Hunt , is more than 87 gigabytes and contains roughly 773 million email address and 21 million unique passwords.

France Hits Google with $57 Million GDPR Fine

Data Breach Today

Record Privacy Fine Sends Strong Signal to Data-Processing Technology Companies France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation.

GDPR 254

6 tools to help you prevent and respond to data breaches

IT Governance

There are few things organisations fear more than data breaches. They cause immediate delays, are expensive and could lead to long-term reputational damage. The stakes were raised with the enforcement of the EU GDPR (General Data Protection Regulation) in May 2018.