Sat.Jan 19, 2019 - Fri.Jan 25, 2019

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents.

How Cybercriminals Clean Their Dirty Money

Dark Reading

By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning

114
114

GUEST POST: Six tangible ways ‘SOAR’ can help narrow the cybersecurity skills gap

The Last Watchdog

The cybersecurity talent shortage is here to stay. With an estimated 1.5-2 million unfulfilled cybersecurity positions, organizations are coming to terms with the fact that no amount of creative hiring initiatives will rid them of the need of figuring out how to protect their organizations despite being short staffed. Related: Addressing the cyber skills gap. This does not mean the creative staffing solutions do not serve their purpose.

France Hits Google with $57 Million GDPR Fine

Data Breach Today

Record Privacy Fine Sends Strong Signal to Data-Processing Technology Companies France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation.

GDPR 257

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

More Trending

MY TAKE: US cyber adversaries take cue from shutdown to accelerate malware deployment

The Last Watchdog

One profound consequence of Donald Trump’s shutdown of the federal government, now in day 33, is what a boon it is to US cyber adversaries. And moving forward, the long run ramifications are likely to be dire, indeed. Related: Welcome to the ‘golden age’ of cyber espionage.

FBI Agents Say Shutdown is Damaging Cyber Investigations

Data Breach Today

Funding Holdups for Subpoenas and Confidential Sources are Interrupting Probes FBI agents say the government shutdown is impeding their investigations, including cybersecurity probes, with the lack of funding compromising their ability to pay confidential informants, and obtain warrants or subpoena

Three Charged for Working With Serial Swatter

Krebs on Security

The U.S. Justice Department has filed criminal charges against three U.S. men accused of swatting, or making hoax reports of bomb threats or murders in a bid to trigger a heavily armed police response to a target’s address.

IT 213

Microsoft Exchange zero-day and exploit could allow anyone to be an admin

Security Affairs

The security expert Dirk- jan Mollema with Fox-IT discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user with a mailbox to become a Domain Admin. The experts described the attack scenario in a blog post and published a proof-of-concept code.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

70,000 affected in B&Q data breach

IT Governance

Home improvement retailer B&Q has suffered a data breach affecting 70,000 of its… well, not customers, exactly. The breached database contained a list of people who had been caught stealing products from B&Q stores.

Police Arrest €10 Million IOTA Cryptocurrency Theft Suspect

Data Breach Today

Scheme Offered 'Free' Website for Generating Cryptocurrency Wallet Seeds Police in England have arrested a 36-year-old man as part of an investigation into the theft of at least €10 ($11.3

236
236

Trojans and Spyware Are Making a Comeback

Adam Levin

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes.

PHP PEAR official site hacked, tainted package manager distributed for 6 months

Security Affairs

PHP PEAR official site hacked, attackers replaced legitimate version of the package manager with a tainted version in the past 6 months.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Google fined £44 million in landmark GDPR ruling

IT Governance

Google has been fined €50 million (about £44 million) by CNIL, France’s data protection regulator, for a breach of the EU GDPR (General Data Protection Regulation). .

GDPR 107

DHS Issues More Urgent Warning on DNS Hijacking

Data Breach Today

Government Agencies Should Audit DNS Settings Within 10 Days The U.S. Department of Homeland Security says executive branch agencies are being targeted by attacks aimed at modifying Domain Name System records, which are critical for locating websites and services.

Clever Smartphone Malware Concealment Technique

Schneier on Security

This is clever : Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks.

Unpatched Cisco critical flaw CVE-2018-15439 exposes small Business Networks to hack

Security Affairs

Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

The Pitfalls of Facebook Merging Messenger, Instagram, and WhatsApp Chats

WIRED Threat Level

Facebook's effort to combine its major chat platforms could create minefields for users who rely on end-to-end encryption. Security

Cisco Studies Global Impact of GDPR

Data Breach Today

Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey

GDPR 212

Hacking the GCHQ Backdoor

Schneier on Security

Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems.

A flaw in MySQL could allow rogue servers to steal files from clients

Security Affairs

A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS).

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

This is an edited version of a series of talks I first gave in New York over the past week, outlining my work at Columbia. Many thanks to Reinvent, Pete Leyden, Cap Gemini, Columbia University, Cossette/Vision7, and the New York Times for hosting and helping me. Prelude.

Report: Federal Trade Commission Weighs Facebook Fine

Data Breach Today

Facebook Probed by FTC Over Failures that Enabled Cambridge Analytica Scandal The U.S.

IT 198

The Evolution of Darknets

Schneier on Security

Sales 97

Expert shares PoC exploit code for remote iOS 12 jailbreak On iPhone X

Security Affairs

Researcher published a PoC exploit code for critical vulnerabilities that could be chained to implement an iOS jailbreak On iPhone X.

IT 114

Jargon Watch: Stochastic Terrorism Lets Bullies Operate in Plain Sight

WIRED Threat Level

It takes a master demagogue to weaponize unstable individuals and aim them at political enemies. Security

IT 88

Dharma Gang Pushes Phobos Crypto-Locking Ransomware

Data Breach Today