Sat.Sep 07, 2019 - Fri.Sep 13, 2019

Software Bugs: Gotta Catch 'Em All?

Data Breach Today

Beyond 'Patch or Perish' - CISOs' Risk-Based Approach to Fixing Vulnerabilities Every week seems to bring a fresh installment of "patch or perish."

Risk 231

California Passes Bill to Ban Police Use of Facial Recognition

Threatpost

The historic measure, which still needs to be signed into law, would prohibit biometric surveillance, including in bodycams. Government Privacy ab 1215 ban biometric surveillance bodycams California facial recognition law enforcement legislation police state law

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How I Learned to Stop Worrying and Love Vendor Risk

Adam Levin

Insider risk, supply chain vulnerability and vendor risk all boil down to the same thing: the more people have access to your data, the more vulnerable it is to being leaked or breached.

Risk 92

NY Payroll Company Vanishes With $35 Million

Krebs on Security

MyPayrollHR , a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies.

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

Microsoft Patches 2 Windows Flaws Already Being Exploited

Data Breach Today

September's Patch Tuesday Addresses Elevation of Privileges Flaws As part of its September Patch Tuesday security update, Microsoft issued software fixes for two vulnerabilities in several versions of Windows that it says are being exploited by attackers in the wild.

More Trending

What will be your decisive moment to secure your cloud applications in a Zero Trust world?

Thales eSecurity

Access management is increasingly the answer to #TrustedAccess. With two decades of cloud computing now under the belt, this question is increasingly more relevant in our hyper-connected world.

Access 118

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned.

IT 220

Attacks Targeting IoT Devices and Windows SMB Surge

Data Breach Today

Researchers Say Mirai Derivatives and EternalBlue Exploits Pummel Internet-Connected Devices Two years after WannaCry wrecked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.

IoT 253

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

The Last Watchdog

One of the promising cybersecurity trends that I’ve been keeping an eye on is this: SOAR continues to steadily mature. Security orchestration, automation and response, or SOAR, is a fledgling security technology stack that first entered the cybersecurity lexicon about six years ago. Related: Here’s how Capital One lost 100 million customer records SOAR holds the potential to slow – and, ultimately, to help reverse – the acute and worsening cybersecurity skills shortage.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SimJacker is a critical vulnerability in SIM cards that could be exploited by remote attackers to compromise any phones just by sending an SMS.

Patch Tuesday, September 2019 Edition

Krebs on Security

Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software.

IT 149

Cybercrime Black Markets: RDP Access Remains Cheap and Easy

Data Breach Today

Also Hot: Payment Card Numbers, Identity Packets, DDoS Attacks, Shell Companies Cybercrime is surging, thanks in no small part due to the easy availability of inexpensive hacking tools and services.

Top Cybersecurity Companies

eSecurity Planet

These IT security vendors lead the market through their innovative offerings, range of products and services, customer satisfaction and annual revenue

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

Telegram Privacy Fails Again

Security Affairs

Security expert discovered that busing a well-known feature of deleting messages it is possible to threate the users’ privacy. This is not a security vulnerability its a privacy issue.

281 Alleged Email Scammers Arrested in Massive Global Sweep

WIRED Threat Level

The most sweeping takedown yet of so-called BEC scammers involved arrests in nearly a dozen countries. Security Security / Security News

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

Escaping Email: Unlocking Message Security for SMS, WhatsApp

Dark Reading

Messaging is growing in importance as dislike for email increases. That means knowing how to protect critical data in the messaging era is a must for IT security

IT 109

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.”

How to Ensure Your Digital Security During the Rugby World Cup

Thales eSecurity

Now that it’s September, the excitement is beginning to build in earnest for the 2019 Rugby World Cup. Sports fans aren’t the only ones who are looking forward to this event. Unfortunately, digital criminals are also closely following the buzz surrounding this tournament.

IoT 108

Hackers Attempted DDoS Attack Against Utility: Report

Data Breach Today

Analysis: Attackers Probed Weaknesses in Network Firewalls for 10 Hours Earlier this year, intruders probed weaknesses in the network firewalls of a U.S.

227
227

APIs Get Their Own Top 10 Security List

Dark Reading

OWASP's new list of API weaknesses focuses on issues that have caused recent data breaches and pose common security hazards in modern cloud-based applications

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

Poland to establish Cyberspace Defence Force by 2024

Security Affairs

Poland announced it will launch a cyberspace defense force by 2024 composed of around 2,000 soldiers with a deep knowledge in cybersecurity.

New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction

WIRED Threat Level

A fresh look at the 2016 blackout in Ukraine suggests that the cyberattack behind it was intended to cause far more damage. Security Security / Cyberattacks and Hacks

IT 107

Credit Card Theft Ringleader Pleads Guilty

Data Breach Today

Fin7 Gang Tied to Theft of 15 Million Payment Cards From Restaurant Chains and Others One of the three Ukrainian men charged with leading the notorious Fin7 hacking group, which prosecutors say stole 15 million payment cards, has pleaded guilty to two federal charges

226
226

Proposed Browser Security Guidelines Would Mean More Work for IT Teams

Dark Reading

CA/Browser Forum wants SSL certificates to expire after a year. Many businesses that rely on them aren't equipped to cope

IT 105

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

NetCAT attack allows hackers to steal sensitive data from Intel CPUs

Security Affairs

Experts discovered a flaw dubbed NetCAT (Network Cache ATtack) that affects all Intel server-grade processors and allows to sniff sensitive data over the network.

How Safari and iMessage Have Made iPhones Less Secure

WIRED Threat Level

Security researchers say iOS's security woes stem in part from Apple putting too much trust in its own software's code. Security Security / Security News

National Patient ID Debate Intensifies

Data Breach Today

Will Senate Follow House's Lead in Lifting Funding Ban?