Sat.Sep 07, 2019 - Fri.Sep 13, 2019

Software Bugs: Gotta Catch 'Em All?

Data Breach Today

Beyond 'Patch or Perish' - CISOs' Risk-Based Approach to Fixing Vulnerabilities Every week seems to bring a fresh installment of "patch or perish."

Risk 233

California Passes Bill to Ban Police Use of Facial Recognition

Threatpost

The historic measure, which still needs to be signed into law, would prohibit biometric surveillance, including in bodycams. Government Privacy ab 1215 ban biometric surveillance bodycams California facial recognition law enforcement legislation police state law

How I Learned to Stop Worrying and Love Vendor Risk

Adam Levin

Insider risk, supply chain vulnerability and vendor risk all boil down to the same thing: the more people have access to your data, the more vulnerable it is to being leaked or breached.

Risk 91

NY Payroll Company Vanishes With $35 Million

Krebs on Security

MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Microsoft Patches 2 Windows Flaws Already Being Exploited

Data Breach Today

September's Patch Tuesday Addresses Elevation of Privileges Flaws As part of its September Patch Tuesday security update, Microsoft issued software fixes for two vulnerabilities in several versions of Windows that it says are being exploited by attackers in the wild.

More Trending

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SimJacker is a critical vulnerability in SIM cards that could be exploited by remote attackers to compromise any phones just by sending an SMS.

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned.

IT 249

Attacks Targeting IoT Devices and Windows SMB Surge

Data Breach Today

IoT 260

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

The Last Watchdog

One of the promising cybersecurity trends that I’ve been keeping an eye on is this: SOAR continues to steadily mature. Security orchestration, automation and response, or SOAR, is a fledgling security technology stack that first entered the cybersecurity lexicon about six years ago. Related: Here’s how Capital One lost 100 million customer records SOAR holds the potential to slow – and, ultimately, to help reverse – the acute and worsening cybersecurity skills shortage.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction

WIRED Threat Level

A fresh look at the 2016 blackout in Ukraine suggests that the cyberattack behind it was intended to cause far more damage. Security Security / Cyberattacks and Hacks

IT 114

Patch Tuesday, September 2019 Edition

Krebs on Security

Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software.

Tips 162

Cybercrime Black Markets: RDP Access Remains Cheap and Easy

Data Breach Today

Also Hot: Payment Card Numbers, Identity Packets, DDoS Attacks, Shell Companies Cybercrime is surging, thanks in no small part due to the easy availability of inexpensive hacking tools and services.

Access 256

Poland to establish Cyberspace Defence Force by 2024

Security Affairs

Poland announced it will launch a cyberspace defense force by 2024 composed of around 2,000 soldiers with a deep knowledge in cybersecurity.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

281 Alleged Email Scammers Arrested in Massive Global Sweep

WIRED Threat Level

The most sweeping takedown yet of so-called BEC scammers involved arrests in nearly a dozen countries. Security Security / Security News

What will be your decisive moment to secure your cloud applications in a Zero Trust world?

Thales eSecurity

Access management is increasingly the answer to #TrustedAccess. With two decades of cloud computing now under the belt, this question is increasingly more relevant in our hyper-connected world.

eBook 108

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

NetCAT attack allows hackers to steal sensitive data from Intel CPUs

Security Affairs

Experts discovered a flaw dubbed NetCAT (Network Cache ATtack) that affects all Intel server-grade processors and allows to sniff sensitive data over the network.

Demo 114

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

How Safari and iMessage Have Made iPhones Less Secure

WIRED Threat Level

Security researchers say iOS's security woes stem in part from Apple putting too much trust in its own software's code. Security Security / Security News

How to Ensure Your Digital Security During the Rugby World Cup

Thales eSecurity

Now that it’s September, the excitement is beginning to build in earnest for the 2019 Rugby World Cup. Sports fans aren’t the only ones who are looking forward to this event. Unfortunately, digital criminals are also closely following the buzz surrounding this tournament.

National Patient ID Debate Intensifies

Data Breach Today

Will Senate Follow House's Lead in Lifting Funding Ban?

Groups 231

Telegram Privacy Fails Again

Security Affairs

Security expert discovered that busing a well-known feature of deleting messages it is possible to threate the users’ privacy. This is not a security vulnerability its a privacy issue.

The Windows 10 Privacy Settings You Should Check Right Now

WIRED Threat Level

Whether you're new to Windows 10 or have been using it for years, take a minute to lock down your privacy. Security Security / Security Advice

Many Happy RETURNS: COBOL is 60

Micro Focus

Can you believe that in September 1959, the world first heard the technical acronym ‘COBOL’? The history of COBOL over the past 60 years is fascinating, and proof of COBOL’s durability. Recorded statements of the value and ubiquity of the language have been reported widely over the years.

Iranian Hacking Group Continues Targeting Universities

Data Breach Today

Cobalt Dickens' Group Attempting to Steal Intellectual Property "Cobalt Dickens," a threat group with suspected ties to Iran, is continuing its attempts to steal intellectual property from schools and universities, according to an analysis by SecureWorks.

Groups 231

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.”

When Biology Becomes Software

Schneier on Security

All of life is based on the coordinated action of genetic parts (genes and their controlling sequences) found in the genomes (the complete DNA sequence) of organisms. Genes and genomes are based on code-- just like the digital language of computers.

Risk 96

Red Flag Laws Are Red Herrings of Gun Control

WIRED Threat Level

Opinion: There’s little data on the effectiveness of mental health reporting laws, and we’re being distracted from measures we know will save lives. Opinion Security Security / National Security

Data 94