Sat.Oct 27, 2018 - Fri.Nov 02, 2018

85 Millions of voter records available for sale ahead of the 2018 US Midterm Elections

Security Affairs

Ahead of the 2018 US midterm elections , sellers are flooding the cybercrime underground markets with data from voter databases. Experts at cybersecurity company Carbon Black found tens of different state voter databases available for sale on the dark web.

Sales 104

SMS Phishing + Cardless ATM = Profit

Krebs on Security

Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Recent arrests in Ohio shed light on how this scam works.

NEW TECH: How ‘adaptive multi-factor authentication’ is gaining traction via partnerships

The Last Watchdog

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary.

Mirai Co-Author Gets House Arrest, $8.6 Million Fine

Data Breach Today

Paras Jha Launched DDoS Attacks Against Rutgers, Ran Click-Fraud Botnets One of the co-authors of the devastating Mirai botnet malware has been sentenced to home incarceration and community service, and ordered to pay $8.6

243
243

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. These monthly blogs will now look at three lesser-known stories in detail, as well as give a total number for all records exposed in the month.

More Trending

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

The United States has experienced the most cybersecurity breaches in the world and the Equifax Breach was one of the first to be considered a “mega breach.”. The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. Equifax was not special in this regard. Related: How social media is used to spread malware, influence elections.

Crypto-Locking Kraken Ransomware Looms Larger

Data Breach Today

Ransomware-as-a-Service Operation Joins Forces With Fallout Exploit Kit A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn.

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. These monthly blogs will now look at three lesser-known stories in detail, as well as give a total number for all records exposed in the month.

Cell Phone Security and Heads of State

Schneier on Security

Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cell phone and using the information gleaned to better influence his behavior. This should surprise no one.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Chinese Government Agents Charged with Hacking, IP Theft

Adam Levin

The U.S. Justice Department announced charges against ten Chinese intelligence agents for hacking into computer systems belonging to U.S. and international companies to steal aerospace technology and data.

US Again Indicts Chinese Intel Agents Over Hacking

Data Breach Today

Scheme Sought to Steal Data on Turbofan Engines, Saving on Development Costs The Justice Department says two Chinese intelligence officers and eight others were indicted for stealing trade secrets that are intended to help the country shortcut technology research.

Data 227

3 cyber security tips every employee should know

IT Governance

Worried that you or someone in your organisation will be responsible for a data breach? Then take a look at these three basic tips for staying secure. Cyber security can feel overwhelming.

Tips 104

Buying Used Voting Machines on eBay

Schneier on Security

This is not surprising : This year, I bought two more machines to see if security had improved.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Essential Reading: The 2018 Gartner Magic Quadrant for Content Services Platforms

OpenText Information Management

Each year, the highly respected analysts at Gartner publish their assessment of the content management sector—the Gartner Magic Quadrant for Content Services Platforms. It’s highly recommended reading for everyone involved in the ECM/Content Services space.

Health Data Breach Tally: Analyzing the Latest Trends

Data Breach Today

Sorting Out What Kinds of Incidents Are Most Common This Year What kinds of health data breaches have been most common so far in 2018? An analysis of the official HHS breach tally reveals the latest trends, and security experts offer an analysis

Trends 221

3 cyber security tips every employee should know

IT Governance

Worried that you or someone in your organisation will be responsible for a data breach? Then take a look at these three basic tips for staying secure. Cyber security can feel overwhelming.

Tips 104

Security Vulnerability in Internet-Connected Construction Cranes

Schneier on Security

This seems bad: The F25 software was found to contain a capture replay vulnerability -- basically an attacker would be able to eavesdrop on radio transmissions between the crane and the controller, and then send their own spoofed commands over the air to seize control of the crane.

Ransomware, Leakware, Scareware… Oh My!

Thales eSecurity

The unexplained and seemingly paranormal are actually a year-round phenomenon in IT Security. This year has been no exception. The shrieks and screams coming from CISOs and their staffs over malware has led to zombie-like stares.

Canada's Mandatory Breach Notification Rules Now in Effect

Data Breach Today

Organizations Must Comply With Data Breach Reporting Requirements or Face Fines Private sector organizations in Canada must now report all serious data breaches to the country's privacy watchdog as part of revised rules to Canada's PIPEDA privacy law.

3 reasons cyber security training is essential

IT Governance

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches.

More on the Supermicro Spying Story

Schneier on Security

I've blogged twice about the Bloomberg story that China bugged Supermicro networking equipment destined to the US. We still don't know if the story is true, although I am increasingly skeptical because of the lack of corroborating evidence to emerge.

Blog 95

Was There a New Stuxnet-like Attack in Iran?

Adam Levin

The Israeli evening news Hadashot reported that Iran “is again facing a [Stuxnet-like] attack, from a more violent, more advanced and more sophisticated virus than before.” According to sketchy reports, the attack hit infrastructure and strategic networks.

IT 91

Radisson Suffers Global Loyalty Program Data Breach

Data Breach Today

Hotel Giant Has Yet to Disclose Total Number of Affected Victims Radisson Hotel Group has suffered a data breach that resulted in the theft of data for its global loyalty program members. The company, which operates 1,400 hotels, says the breach touched data for "less than 10 percent" of all Radisson Rewards members, but it hasn't released a victim count

3 reasons cyber security training is essential

IT Governance

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches.

Key Metrics to Measure Performance of Your Healthcare App

Perficient Data & Analytics

In today’s digitally savvy world, consumers-patients-members expect to interact with healthcare organizations across a number of mobile devices whilst on the go, just as they do with organizations across other industries. As a result more and more healthcare providers and payers are leveraging mobile apps to connect with consumers-patients-members to make their services more accessible and efficient.

USGS Malware Infection Linked to Employee’s Porn Habit

Adam Levin

A network-wide infection of Russian malware at the U.S. Geological Survey was traced back to a single employee’s viewing of pornographic content on the job. In a study released by the U.S.

The Business Case for Better 'Cyber Hygiene'

Data Breach Today

GDPR compliance: why you should consider BS 10012 certification

IT Governance

The EU GDPR (General Data Protection Regulation) hasn’t been around for long but we’re already seeing a huge increase in reported data breaches to the ICO (Information Commissioner’s Office). In the past two years, the number of reported data breaches has risen by 75%.

How to Punish Cybercriminals

Schneier on Security

China's Five Steps for Recruiting Spies in the US

WIRED Threat Level

A series of high-profile cases involving alleged Chinese recruits shows how the country identifies and develops potential spies stateside. Security

IBM to Buy Red Hat for $34 Billion

Data Breach Today

Big Blue Moves to Acquire Enterprise Provider of Linux Open Source Software IBM plans to acquire enterprise Linux open source software provider Red Hat in a "hybrid cloud" deal valued at $33 billion that IBM CEO Ginni Rometty promises will be a "game changer."

Cloud 190