Sat.Dec 22, 2018 - Fri.Dec 28, 2018

It’s Not Facebook’s Fault: Our Shadow Internet Constitution

John Battelle's Searchblog

Those of us fortunate enough to have lived through the birth of the web have a habit of stewing in our own nostalgia. We’ll recall some cool site from ten or more years back, then think to ourselves (or sometimes out loud on Twitter ): “Well damn, things were way better back then.”

IT 103

The Rise of Self-Concealing Steganography

Data Breach Today

Tool Hides Virtual Volumes But Leaves Linux Looking 'Bit-for-Bit' Normal Digital steganography is the practice of hiding information in plain sight, especially inside other data or images.

GUEST ESSAY: The case for engaging in ‘threat hunting’ — and how to do it effectively

The Last Watchdog

Modern cyber threats often are not obvious – in fact it is common for them to lurk inside a business’ systems for a long time without anyone noticing. This is referred to as ‘dwell time’, and a recent report from the Ponemon Institute indicates that the average dwell time is 191 days. Related podcast: The re-emergence of SIEMs. In an ideal world there would no dwell time at all, and threats would be identified before they can penetrate business’ defenses.

How To 142

Serial Swatter and Stalker Mir Islam Arrested for Allegedly Dumping Body in River

Krebs on Security

Pan Am Flight 103: Robert Mueller’s 30-Year Search for Justice

WIRED Threat Level

In December 1988 a bomb downed a Pan Am jet, leaving 270 dead. It was the first mass killing of Americans by terrorists. As the head of the Justice Department’s criminal division, Robert Mueller oversaw the case. And for him, it was personal. Backchannel Security

IT 110

Data Breach Leaks 1,000 North Korean Defectors' Details

Data Breach Today

South Korean Resettlement Agency Breach Traces to Malware-Laden Email Personal information for 1,000 North Korean defectors, including their names and addresses, has been stolen via a malware attack, officials in South Korea warn.

More Trending

Retail in 2019 needs security precautions

Thales Data Security

As the retail industry follows suit with today’s digital transformation, customer expectations are at an all-time high. Retailers are looking to address these demands with interconnected experiences to give customers more personalized and immediate experiences both in-stores and online.

Retail 102

How China Helped Make the Internet Less Free in 2018

WIRED Threat Level

Tech companies, democratic governments, and civil society need to work together to fight back against growing surveillance and censorship online. Security

Web Portals: More Breaches Illustrate the Vulnerabilities

Data Breach Today

Credit Card Information Exposed in Latest Portal Incident Web portals designed to provide convenient service to consumers can pose substantial security risks, as numerous breaches in recent years have clearly illustrated. What steps can be taken to reduce those risks

Risk 204

MD5 and SHA-1 Still Used in 2018

Schneier on Security

QR Codes: The future with no security shake up

Thales Data Security

( Originally posted on Cards International). To reach its tipping point, cashless payment technology has come on a long way since the first magnetic stripe card almost 50 years ago. The development of chip and PIN addressed concerns over security, before the emergence of contactless catered to consumer demands for greater convenience. Today, a new stage in the evolution of payments is growing in popularity.

We’re all Just Starting to Realize the Power of Personal Data

WIRED Threat Level

This year revealed consumers have a lot more to learn about what happens to their information online. Security

Data 80

Ron Ross of NIST on Protecting Critical Infrastructure

Data Breach Today

Sizing Up the Threats and Reviewing the Mitigation Effort In an increasingly complex world of interconnected information systems and devices, more must be done to protect critical infrastructure, says Ron Ross of the National Institute of Standards and Technology

191
191

Human Rights by Design

Schneier on Security

Good essay: " Advancing Human-Rights-By-Design In The Dual-Use Technology Industry ," by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses can do far more than these basic measures.

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Security Affairs

Since November, a new ransomware called JungleSec has been infecting servers through unsecured IPMI (Intelligent Platform Management Interface) cards.

Toxic Data: How 'Deepfakes' Threaten Cybersecurity

Dark Reading

The joining of 'deep learning' and 'fake news' makes it possible to create audio and video of real people saying words they never spoke or things they never did

Video 103

Hacked Mt. Gox Bitcoin Exchange Chief Maintains Innocence

Data Breach Today

Prosecutors in Japan Seek 10-Year Embezzlement Sentence for Mark Karpeles Mark Karpeles, the former head of hacked Tokyo-based bitcoin exchange Mt. Gox, has continued to maintain his innocence during the closing arguments in an embezzlement trial against him, Japanese local media report.

184
184

Digitalizing your content - How do you change employee behavior?

AIIM

You have led the pack in creating a digital transformation strategy but how do you get your employees to engage and help your organization realize its goals? Embracing new technology is not the major challenge – human behavior is a significant factor in the success or failure of such projects.

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs

Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. .

5 trends that will impact digital transformation initiatives

Information Management Resources

As businesses continue to embrace innovation, the following five trends should remain top of mind for organizations looking to continue to drive their digital transformation initiatives in 2019. Hardware and software Data strategy Internet of things Data storage

Report: Trump Weighs Executive Order Banning Huawei, ZTE

Data Breach Today

Move Would Prohibit All US Use of Chinese Manufacturers' Telecommunications Gear President Donald Trump is reportedly continuing to weigh an executive order that would ban all U.S. organizations from using telecommunications hardware built by China's Huawei and ZTE.

Does Your Business Depend on Stronger Election Security?

Adam Levin

This midterm election , a steady flow of headlines and heated controversy focused not on political leanings or flipping seats (at least directly), but rather on the security and integrity of the voting process itself.

A new Shamoon 3 sample uploaded to VirusTotal from France

Security Affairs

A new sample of Shamoon 3 was uploaded on December 23 to the VirusTotal platform from France, it is signed with a Baidu certificate. A new sample of the dreaded Shamoon wiper was uploaded on December 23 to the VirusTotal platform from France.

6 key areas that will separate the AI leaders from laggards

Information Management Resources

Here are the areas companies need to focus on in 2019 to be ahead of the competition when it comes to AI, according to the consulting firm PwC. Artificial intelligence Machine learning PriceWaterhouseCoopers

IT 95

Feds Disrupt Top Stresser/Booter Services

Data Breach Today

DDoS-as-a-Service Providers Targeted by Arrests and Takedowns Fifteen of the world's biggest "stresser/booter" services, designed to enable users to launch DDoS attacks against sites on demand, have been shut down, and three men who allegedly ran such services have been charged

185
185

A NASA Hack, a PewDiePie Fan, and More Security News

WIRED Threat Level

Amazon sends Echo recordings to the wrong person, Russians tried to get US Treasury dirt on Clinton donors, and more of the week's top security news. Security

Hackers launched phishing attacks aimed at bypassing Gmail, Yahoo 2FA at scale

Security Affairs

Amnesty International warns of threat actors that are launching phishing attacks aimed at bypassing Gmail, Yahoo 2FA at scale. Amnesty International published a report that details how threat actors are able to bypass 2FA authentication that leverages text message as a second factor.

Organizations need to rethink their data architectures and strategies

Information Management Resources

Emerging technologies, dwindling resources, and rapidly increasing data requirements will drive the need to re-evaluate our data architecture and strategy. Data strategy Data management Hardware and software

Looking Ahead to 2019: Breaches, Regulations and More

Data Breach Today

A Summary of the Best Predictions for Next Year What's ahead for the cybersecurity landscape in 2019? We've received many lists of predictions from vendors and analysts for next year, and we've picked out five of the most interesting ones

Document Scanning vs Digitizing: What They Are, the Differences, and the Benefits

Record Nations

While the two terms are often used interchangeably, there are a number of unique benefits and differences between scanning and digitizing.

Hackers target financial firms hosting malicious payloads on Google Cloud Storage

Security Affairs

Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. The campaign targeted organizations in the US and the UK, the attackers have been abusing Google Cloud Storage to deliver payload.

Cloud 94

Cryptojacking Took Over the Internet in 2018

WIRED Threat Level

Move over, ransomware. Cryptojacking is officially the scourge of the internet. Security

The Challenge of Complete Identity Impersonation

Data Breach Today

Al Pascual of Javelin on Cross-Account Takeover In the wake of Equifax and other major breaches, sophisticated fraudsters are finding success as never before. Al Pascual of Javelin Strategy and Research discusses how identity impersonation is manifesting

Glitter Bomb against Package Thieves

Schneier on Security

Stealing packages from unattended porches is a rapidly rising crime, as more of us order more things by mail. One person hid a glitter bomb and a video recorder in a package, posting the results when thieves opened the box. At least, that's what might have happened.

Video 63