Sat.Aug 24, 2019 - Fri.Aug 30, 2019

Overcoming the Challenge of Unstructured Information

AIIM

According to AIIM research, 75% of the organizations we surveyed view digital transformation as “important” or “very important” to their organization. Survey respondents point to techniques like advanced data capture, machine learning, and process automation to provide the powerful potential to reengineer and improve core business processes.

Mysterious iOS Attack Changes Everything We Know About iPhone Hacking

WIRED Threat Level

For two years, a handful of websites have indiscriminately hacked thousands of iPhones. Security Security / Cyberattacks and Hacks

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Facial Recognition Use Triggers GDPR Fine

Data Breach Today

Sweden Issues Penalty After School Tests the Technology Sweden's Data Protection Authority has issued its first fine for violations of the European Union's General Data Protection regulation after a school launched a facial recognition pilot program to track students' attendance without proper consent.

GDPR 223

Cybersecurity Firm Imperva Discloses Breach

Krebs on Security

Imperva , a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

The Last Watchdog

Europe came down hard this summer on British Airways and Marriott for failing to safeguard their customers’ personal data.

GDPR 158

List of data breaches and cyber attacks in August 2019 – 114.6 million records leaked

IT Governance

At first glance, August has been a quiet month for data breaches, with a total of 114,686,290 breached records. That’s about 10 percent of the monthly average coming into the month. But that figure comes from 95 incidents in total, which is the highest number of breaches we’ve had all year.

More Trending

Ransomware Bites Dental Data Backup Firm

Krebs on Security

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack. West Allis, Wis.-based

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

The Last Watchdog

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls.

'It Saved Our Community': 16 Realistic Ransomware Defenses for Cities

Dark Reading

Practical steps municipal governments can take to better prevent and respond to ransomware infections

Election Security Program Aims to Mitigate Ransomware Risks

Data Breach Today

Department of Homeland Security to Help With Database Protections Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election.

Risk 254

Phishers are Angling for Your Cloud Providers

Krebs on Security

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers.

Cloud 224

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

The Last Watchdog

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls. He went on to earn a masters degree in cybersecurity, during which time he won a scholarship from the European Commission to craft a proof of concept attack against an industrial control system (ICS.) “I

18 Cyber Security Startups to Watch in 2019

eSecurity Planet

Here are 18 hot IT security startups addressing everything from IoT security and blockchain to artificial intelligence and machine learning

Countering Spoofing Attacks

Data Breach Today

Sal Stolfo of Allure Security on the Role of Deception Technology Deception technology, adversary intelligence and early detection can help counter spoofing and phishing attacks, says Sal Stolfo, the founder and CTO of Allure Security

The Myth of Consumer-Grade Security

Schneier on Security

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Yet that's not possible, because there is no longer any difference between those categories of devices.

Kaspersky found malware in popular CamScanner app. Remove it now from your phone!

Security Affairs

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. CamScanner is a very popular Phone PDF creator app with more than 100 million downloads on Google Play Store.

Fancy Bear Dons Plain Clothes to Try to Defeat Machine Learning

Dark Reading

An analysis of a sample published by the US government shows Russian espionage group APT28, also known as Fancy Bear, has stripped down its initial infector in an attempt to defeat ML-based defenses

Emotet Botnet Shows Signs of Revival

Data Breach Today

Security Researchers Spot Active Command-and-Control Servers After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn

Detecting Credit Card Skimmers

Schneier on Security

Modern credit card skimmers hidden in self-service gas pumps communicate via Bluetooth.

Experts uncovered a hacking campaign targeting several WordPress Plugins

Security Affairs

Researchers at Wordfence reported an ongoing hacking campaign exploiting security flaws in some WordPress plugins.

Access 113

'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training

Dark Reading

What's definitely not working with end-user cybersecurity awareness training - and what you can do about it

Hostinger: 14 Million Accounts at Risk After Breach

Data Breach Today

Web Hosting Company Says API Server Compromised Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says

Risk 236

OpenAI Said Its Code Was Risky. Two Grads Recreated It Anyway

WIRED Threat Level

The artificial intelligence lab cofounded by Elon Musk said its software could too easily be adapted to crank out fake news. Business Business / Artificial Intelligence Security

IT 102

Cisco released 4CAN hardware tool to find flaws in automotive computers

Security Affairs

Cisco has released a hardware tool, called 4CAN , developed to help researchers to discover vulnerabilities in automotive systems. . Computer systems in modern vehicles are very complex, they contain a huge quantity of devices and units that exchange a lot of data in real-time.

6 Ways Airlines and Hotels Can Keep Their Networks Secure

Dark Reading

As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security

Cyber Insurance Changes as Threats Evolve

Data Breach Today

Ken Suh of Beazley on Assessing the Options In light of emerging cyberthreats, including ransomware, organizations must change how they assess their cyber insurance options, says Ken Suh of Beazley

Attacking the Intel Secure Enclave

Schneier on Security

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy code. Of course, that's not true.

Paper 100

Ransomware attack hits DDS Safe backup service used by hundreds of dental offices

Security Affairs

The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data. PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe.

7 Breaches & Hacks That Throw Shade on Biometric Security

Dark Reading

Stolen fingerprints, fake hands, voice synthetization, and other nefarious techniques show biometrics has plenty of challenges

Apple iPhones Hacked by Websites Exploiting Zero-Day Flaws

Data Breach Today

Watering-Hole Attack Analysis From Google Follows Apple's February Patches Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team.

229
229

Advocacy and Records Management

The Schedule

There is a school of thought that traditional records management is dead, a remnant of the past along with paper-based technologies. This is not entirely accurate.

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend, it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers.

The Right to Be Patched: How Sentient Robots Will Change InfoSec Management

Dark Reading

It won't be long before we consider embodied AI as a form of "life" - and that will have a variety of paradigm-shifting, somewhat irritating, and potentially hilarious impacts on the daily lives of cybersecurity and privacy professionals

Police Trick Malware Gang Into Disinfecting 850,000 Systems

Data Breach Today

Retadup Gang's Malware Scheme Disrupted by French Police and Security Firm Avast French police say they've disrupted the operations of the Retadup malware gang by subverting attackers' command-and-control infrastructure to delete the malicious code from 850,000 infected PCs and servers worldwide.