Sat.Aug 03, 2019 - Fri.Aug 09, 2019

Debunking the Top 5 Myths about Office 365 Backup & Recovery

Quest Software

Learn about the common misconceptions surrounding Office 365 data protection and the truth behind the myths.( read more ). office 365 backup

59

Capital One's Breach May Be a Server Side Request Forgery

Data Breach Today

SSRF Appears to Fit Scenario, But Details Are Slim Capital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it

When Perceived Cybersecurity Risk Outweighs Reality

Dark Reading

Teams need to manage perceived risks so they can focus on fighting the real fires

Risk 113

Who Owns Your Wireless Service? Crooks Do.

Krebs on Security

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Trump’s Intel Vacancies Put Americans in Danger

WIRED Threat Level

Sue Gordon's departure is the latest sign that US national security might be stretching its leaders too thin—and risks putting the wrong people into roles that American lives depend upon. Security Security / National Security

Risk 114

More Trending

WhatsApp flaws allow the attackers to manipulate conversations

Security Affairs

Security experts at CheckPoint discovered a series of vulnerabilities in WhatsApp that could be exploited by attackers to tamper with conversations.

The Risk of Weak Online Banking Passwords

Krebs on Security

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process.

Inside the Hidden World of Elevator Phone Phreaking

WIRED Threat Level

Eavesdropping, reprogramming, talking to strangers: Welcome to the harmless and not-so-harmless fun of hacking elevator call boxes. Security Security / Security News

Democratic Campaign Group Left 6 Million Emails Exposed

Data Breach Today

UpGuard Finds Misconfigured Amazon S3 Bucket Left Addresses Exposed Security firm UpGuard found that a misconfigured Amazon S3 bucket belonging to the Democratic Senatorial Campaign Committee left the email addresses of more than 6 million U.S. citizens exposed to the internet.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

3Fun Dating App leaked members’ location and personal details

Security Affairs

The 3Fun dating mobile app for “curious couples & singles” exposed the location of its members and their personal details. What do you think about the privacy of dating apps?

Access 113

iNSYNQ Ransom Attack Began With Phishing Email

Krebs on Security

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned.

Hackers Can Break Into an iPhone Just by Sending a Text

WIRED Threat Level

You don't even have to click anything. Security Security / Cyberattacks and Hacks

Microsoft: Russia Probes Office Printers, VOIP Phones

Data Breach Today

Points to the Need to Make IoT Devices More Secure Microsoft warned on Monday that Russia-linked attackers are gaining access to corporate networks through poorly configured devices, such as office printers and VOIP phones.

IoT 237

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

A Zero-Day in Steam client for Windows affects over 100 Million users

Security Affairs

Two researchers publicly disclosed a zero-day vulnerability that affects the popular Steam game client for Windows, 0ver 100 million users at risk.

Access 113

AT&T Employees Took Bribes to Unlock Smartphones

Schneier on Security

This wasn't a small operation : A Pakistani man bribed AT&T call-center employees to install malware and unauthorized hardware as part of a scheme to fraudulently unlock cell phones, according to the US Department of Justice.

Cloudflare Ditches 8chan. What Happens Now?

WIRED Threat Level

In an interview with WIRED, Cloudflare CEO Matthew Prince explains his decision to stop protecting 8chan—and where the notorious forum goes from here. Security Security / Security News

Digital Transformation: Security Best Practices

Data Breach Today

RSA's Holly Rollo on the Importance of Third-Party Risk Management Organizations going through a digital transformation need to make sure they develop a sound third-party risk management strategy, says RSA's Holly Rollo, who discusses best practices

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites.

Mining 113

Brazilian Cell Phone Hack

Schneier on Security

I know there's a lot of politics associated with this story, but concentrate on the cybersecurity aspect for a moment. The cell phones of a thousand Brazilians, including senior government officials, was hacked -- seemingly by actors much less sophisticated than rival governments.

13-Year-Old Encryption Bugs Still Haunt Apps and IoT

WIRED Threat Level

RSA encryption has been around for decades. Unfortunately, so have bad implementations that leave it less secure. Security Security / Cyberattacks and Hacks

Mobile-Only Bank Monzo Warns 480,000 Customers to Reset PINs

Data Breach Today

Software Bug Meant Some Numbers Were Stored Unencrypted Monzo, a U.K. mobile-only bank that plans to expand into the U.S.,

Fraudster stole $870,000 from 2 US universities with spear-phishing mails

Security Affairs

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities.

Supply-Chain Attack against the Electron Development Platform

Schneier on Security

Electron is a cross-platform development system for many popular communications apps, including Skype, Slack, and WhatsApp. Security vulnerabilities in the update system allows someone to silently inject malicious code into applications.

Hidden Algorithm Flaws Expose Websites to DoS Attacks

WIRED Threat Level

Why throw a bunch of junk traffic at a service, when all it takes to stall it out is just a few bytes? Security Security / Cyberattacks and Hacks

IT 110

DOJ: Bribed AT&T Workers Planted Malware on Carrier's Network

Data Breach Today

Scheme Involved Unlocking 2 Million Smartphones to Enable Fraud The Justice Department has indicted two men on charges of paying more than $1 million in bribes to AT&T employees who helped plant malware on the carrier's network and access the company's internal systems.

Access 226

Expert publicly disclosed a zero-day vulnerability in KDE

Security Affairs

A security expert has published PoC code exploit for a vulnerability in the KDE software framework that is yet to be fixed. The security expert Dominik Penner, aka “@zer0pwn”, has disclosed an unpatched KDE vulnerability on Twitter.

Regulating International Trade in Commercial Spyware

Schneier on Security

Siena Anstis, Ronald J. Deibert, and John Scott-Railton of Citizen Lab published an editorial calling for regulating the international trade in commercial surveillance systems until we can figure out how to curb human rights abuses.