Sat.Oct 20, 2018 - Fri.Oct 26, 2018

Where Is the Secret Spying Chip Reported by Bloomberg?

Data Breach Today

Chorus of Criticism Against China Spying Contention Reaches New High Where is the secret spying chip devised by China that Bloomberg reported had worked its way into at least 30 companies, including Amazon and Apple?

IT 222

Who Is Agent Tesla?

Krebs on Security

A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software.

Groups 196

5 tips to keep your data safe and secure

IT Governance

There is no escaping the threat of data breaches. Organisations are being warned about data breaches in the media, regulators are demanding improved information security and the public is getting more vocal when organisations make mistakes.

Tips 96

NEW TECH: Silverfort extends ‘adaptive multi-factor authentication’ via key partnerships

The Last Watchdog

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary.

Connecticut City Pays Ransom After Crypto-Locking Attack

Data Breach Today

Separately, a Water Utility Hit by Ryuk Ransomware Vows to Restore, Not Pay A tale of two different ransomware victims' responses: One Connecticut city says it had little choice but to pay a ransom to restore crypto-locked systems.

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. Combating such a multifarious menace can seem daunting, and it calls for concerted efforts to tackle the problem from many different angles. This post examines the work of a large, private group of volunteers dedicated to doing just that.

Groups 145

More Trending

How long do you have to report a data breach?

IT Governance

The first 72 hours after you become aware of a data breach are critical. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. As you might expect, there are a lot of intricacies involved.

Cathay Pacific Says 9.4 Million Affected by Data Breach

Data Breach Today

Airline's Five-Month Delay Before Public Disclosure Raises Concern Hong Kong-based airline Cathay Pacific says the personal details of 9.4 million passengers were inappropriately accessed in March, a breach the company confirmed in early May but publicly revealed on Wednesday.

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks

Krebs on Security

The convicted co-author of the highly disruptive Mirai botnet malware strain has been sentenced to 2,500 hours of community service, six months home confinement, and ordered to pay $8.6 million in restitution for repeatedly using Mirai to take down Internet services at Rutgers University , his former alma mater. Paras Jha, in an undated photo from his former LinkedIn profile. Paras Jha, a 22-year-old computer whiz from Fanwood, N.J.,

IoT 144

China's Hacking of the Border Gateway Protocol

Schneier on Security

This is a long -- and somewhat technical -- paper by Chris C. Demchak and Yuval Shavitt about China's repeated hacking of the Internet Border Gateway Protocol (BGP): " China's Maxim ­ Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking.".

OpenText STP Financial Hub revolutionizes workflows in the Financial Services sector

OpenText Information Management

Facebook Slammed With Maximum UK Privacy Fine

Data Breach Today

Failings Leading to Cambridge Analytica Scandal Earn Sharp Rebuke From Regulator Facebook has been slammed with the maximum possible fine under U.K.

Life-threatening cyber attack inevitable

IT Governance

Last week, the NCSC (National Cyber Security Centre) released its second annual review , in which it warned that a life-threatening cyber attack will hit the UK in the near future.

Blog 93

Android Ad-Fraud Scheme

Schneier on Security

BuzzFeed is reporting on a scheme where fraudsters buy legitimate Android apps, track users' behavior in order to mimic it in a way that evades bot detectors, and then uses bots to perpetuate an ad-fraud scheme.

OpenText trailblazers join top female tech leaders at the 2018 Grace Hopper Celebration

OpenText Information Management

Every year, a delegation of women from OpenText™ are hand selected by our executive team to attend the Grace Hopper Celebration of Women in Computing in the U.S.

Blog 92

British Airways Finds Hackers Stole More Payment Card Data

Data Breach Today

Investigators Now Count 565,000 Data Breach Victims British Airways has discovered that hackers compromised payment card data and personal details for 185,000 more customers than it had originally suspected and that its systems were first breached not in August, but April.

How to claim compensation for a data protection breach

IT Governance

The EU GDPR (General Data Protection Regulation) has heralded a new era in which individuals have greater control over their personal data.

I Bought Used Voting Machines on eBay for $100 Apiece. What I Found Was Alarming

WIRED Threat Level

Opinion: The fact that voter information is left on devices, unencrypted, that are then sold on the open market is malpractice. Security Opinion

Healthcare.gov Breach Affects 75,000

Adam Levin

The personal information of roughly 75,000 people was leaked in a data breach of the Healthcare.gov system October 13.

CMS 86

Fresh GandCrab Decryptor Frees Data for Free

Data Breach Today

Crypto-Locking Ransomware Cracked Thanks to Gang's Shoddy Code Quality Good news for anyone whose data has been crypto-locked by attackers wielding GandCrab, the year's most aggressive strain of ransomware: You may be able to get your data back, thanks to a free decryptor

On Disguise

Schneier on Security

The former CIA Chief of Disguise has a fascinating video about her work. cia disguise espionage video

Video 84

Paper and the Case for Going Low-Tech in the Voting Booth

WIRED Threat Level

When considered as a form of tech, paper has a killer feature set: It’s intuitive, it doesn’t crash, and it doesn’t need a power source. Security

Paper 86

Non-Human Resources for the HR Professional: Harnessing the Data

InfoGoTo

Can you pinpoint the most important aspect of your professional skill set? From analyzing data to understanding key applications, you’re constantly juggling the growing demands of your career. HR professionals experience this concern on a grand scale.

Feds Charge Russian With Midterm Election Interference

Data Breach Today

Project Lakhta' Allegedly Poured Millions Into Promoting Social Conflict A Russian national has been charged with coordinating a four-year campaign to spread divisive themes aimed at disrupting the U.S. political system.

206
206

The enemy within: three types of employees that cause data breaches

IT Governance

Negligent employees are the leading cause of data breaches at small and medium-sized businesses across North America and the UK, according to a recent study from Keeper Security. But what do these incidents really look like on the front line? IT Governance investigates.

It Started as an Online Gaming Prank. Then It Turned Deadly

WIRED Threat Level

wager on a "Call of Duty" match led to a fake 911 call reporting a violent hostage situation in Wichita. Here’s how it all went horribly awry. Security Backchannel

IT 85

Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol

Security Affairs

Security experts Antonio Pirozzi and Pierluigi Paganini presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol.

Botnets Keep Brute-Forcing Internet of Things Devices

Data Breach Today

Shotgun Attacks Target Default Username/Password Combinations via Telnet Two years after Mirai botnets first appeared, security researchers say telnet-targeting botnets are attempting to compromise internet of things devices by pummeling them with 1,065 different username/password combinations.

The Countdown to Black Friday Has Begun. Are Retailers and Consumers Ready?

Thales Data Security

It’s hard to believe we are just a month away from the “unofficial” kick off of the holiday shopping season—Black Friday.

Your checklist for responding to and reporting data breaches

IT Governance

There is a lot you need to do after you discover a data breach, so it’s a good idea to keep a checklist. This will help you keep track of your progress during a hectic few days and ensure that you’ve done everything necessary to comply with the EU GDPR (General Data Protection Regulation).

Better Late than Never? U.S. Bolsters Cybersecurity Ahead of Elections

Adam Levin

One of the most discussed topics of this year’s election cycle is how best to protect the elections themselves from hackers and other outside influence.

Yahoo Class-Action Settlement: A $50 Million-Plus Sting

Data Breach Today

Victims Would Get Credit Monitoring, Reimbursement For ID Theft A proposed agreement that would end a class-action suit against Yahoo over devastating data breaches could see the company pay as much as $85 million.

Don't Believe Everything You See About the Migrant Caravan

WIRED Threat Level

A migrant caravan traveling through Mexico is the latest news event to be weaponized online. Security

Major data leak at Cathay Pacific

IT Governance

Hong Kong-based airline Cathay Pacific has announced a major data breach affecting up to 9.4 million of its customers. The breach also affects Cathay’s regional airline, Cathay Dragon. What data has been compromised? The breach exposed a broad selection of data, including: names. nationalities.