Sat.Aug 24, 2019 - Fri.Aug 30, 2019

Overcoming the Challenge of Unstructured Information

AIIM

According to AIIM research, 75% of the organizations we surveyed view digital transformation as “important” or “very important” to their organization. Survey respondents point to techniques like advanced data capture, machine learning, and process automation to provide the powerful potential to reengineer and improve core business processes.

Mysterious iOS Attack Changes Everything We Know About iPhone Hacking

WIRED Threat Level

For two years, a handful of websites have indiscriminately hacked thousands of iPhones. Security Security / Cyberattacks and Hacks

Facial Recognition Use Triggers GDPR Fine

Data Breach Today

GDPR 201

Cybersecurity Firm Imperva Discloses Breach

Krebs on Security

Imperva , a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

The Last Watchdog

Europe came down hard this summer on British Airways and Marriott for failing to safeguard their customers’ personal data.

Tools 164

More Trending

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs

Data Breach Today

Vendors Issued Security Updates to Fix Severe Flaws Several Months Ago Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords.

Ransomware Bites Dental Data Backup Firm

Krebs on Security

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack. West Allis, Wis.-based

Ransomware attack hits DDS Safe backup service used by hundreds of dental offices

Security Affairs

The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data. PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe.

The Myth of Consumer-Grade Security

Schneier on Security

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Yet that's not possible, because there is no longer any difference between those categories of devices.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Election Security Program Aims to Mitigate Ransomware Risks

Data Breach Today

Department of Homeland Security to Help With Database Protections Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election.

Phishers are Angling for Your Cloud Providers

Krebs on Security

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers.

Cloud 202

Kaspersky found malware in popular CamScanner app. Remove it now from your phone!

Security Affairs

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. CamScanner is a very popular Phone PDF creator app with more than 100 million downloads on Google Play Store.

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

The Last Watchdog

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Countering Spoofing Attacks

Data Breach Today

Sal Stolfo of Allure Security on the Role of Deception Technology Deception technology, adversary intelligence and early detection can help counter spoofing and phishing attacks, says Sal Stolfo, the founder and CTO of Allure Security

Attacking the Intel Secure Enclave

Schneier on Security

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy code. Of course, that's not true.

Paper 94

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs

Google researchers discovered that iPhone devices could be hacked by tricking owners into visiting specially crafted websites. Researchers at Google Project Zero discovered that it was possible to hack iPhone devices by visiting specially crafted websites.

OpenAI Said Its Code Was Risky. Two Grads Recreated It Anyway

WIRED Threat Level

The artificial intelligence lab cofounded by Elon Musk said its software could too easily be adapted to crank out fake news. Business Business / Artificial Intelligence Security

IT 93

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Emotet Botnet Shows Signs of Revival

Data Breach Today

Security Researchers Spot Active Command-and-Control Servers After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn

Detecting Credit Card Skimmers

Schneier on Security

Modern credit card skimmers hidden in self-service gas pumps communicate via Bluetooth.

Experts uncovered a hacking campaign targeting several WordPress Plugins

Security Affairs

Researchers at Wordfence reported an ongoing hacking campaign exploiting security flaws in some WordPress plugins.

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

The Last Watchdog

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls. He went on to earn a masters degree in cybersecurity, during which time he won a scholarship from the European Commission to craft a proof of concept attack against an industrial control system (ICS.) “I

Police Trick Malware Gang Into Disinfecting 850,000 Systems

Data Breach Today

Retadup Gang's Malware Scheme Disrupted by French Police and Security Firm Avast French police say they've disrupted the operations of the Retadup malware gang by subverting attackers' command-and-control infrastructure to delete the malicious code from 850,000 infected PCs and servers worldwide.

Tips 220

The Threat of Fake Academic Research

Schneier on Security

Interesting analysis of the possibility, feasibility, and efficacy of deliberately fake scientific research, something I had previously speculated about. disinformation fakenews fraud russia

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend, it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers.

Cryptocurrency Mining Employees Expose Nuclear Plant to Internet

WIRED Threat Level

Xbox eavesdropping, email scammers, and more of the week's top security news. Security Security / Security News

Cyber Insurance Changes as Threats Evolve

Data Breach Today

Ken Suh of Beazley on Assessing the Options In light of emerging cyberthreats, including ransomware, organizations must change how they assess their cyber insurance options, says Ken Suh of Beazley

The Next Step in End-to-End Encryption: Introducing EncryptReduce

Thales eSecurity

This past March at RSAC 2019, Pure Storage and Thales introduced the security industry’s first end-to-end data encryption framework that realizes storage array data reduction efficiencies. Historically, host data encryption and array data reduction are like oil and water – they simply don’t mix.

Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510

Security Affairs

BadPackets experts observed on August 22 a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.

A History of Plans to Nuke Hurricanes (and Other Stuff Too)

WIRED Threat Level

If you think dropping a nuclear bomb into the eye of a hurricane is a bad idea, wait'll you see what they had in mind for the polar ice caps. Security Security / National Security

Hostinger: 14 Million Accounts at Risk After Breach

Data Breach Today

Web Hosting Company Says API Server Compromised Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says

Risk 215