Sat.Jan 26, 2019 - Fri.Feb 01, 2019

Google Takes Its First Steps Toward Killing the URL

WIRED Threat Level

Google wants to get rid of URLs. But first, it needs to show you why. Security

IT 87

Apple Rushes to Fix Serious FaceTime Eavesdropping Flaw

Data Breach Today

Callers Can Hear and See Recipients Before They Pick Up Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call

Video 258

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car.

250 Webstresser Users to Face Legal Action

Krebs on Security

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol , the European Union’s law enforcement agency. In April 2018, investigators in the U.S.,

Using steganography to obfuscate PDF exploits

Security Affairs

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files.

Stolen RDP Credentials Live On After xDedic Takedown

Data Breach Today

Customers of Notorious RDP Marketplace Expected to Move to Rival UAS Market The notorious xDedic Marketplace Russian-language cybercrime forum and shop remains offline following an international police takedown.

More Trending

OpenText Buys Catalyst Repository Systems, Inc.

OpenText Information Management

I’m pleased to announce that OpenText has acquired Catalyst Repository Systems, Inc., a leading provider of cloud-based eDiscovery software for large-scale discovery and regulatory compliance.

Cloud 97

Researchers published the PoC exploit code for Linux SystemD bugs

Security Affairs

Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January.

Apple Slams Facebook for Monitoring App Given to Minors

Data Breach Today

Access 231

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 million patients when hackers gained unauthorized access to databases operated by a third-party billing vendor.

Tools 125

Happy Data Privacy Day: City Planning Now Mines Everyone’s Data All the Time

Adam Levin

Sidewalk Labs, a subsidiary of Google’s parent company Alphabet, is the go-to story for Data Privacy Day with its new “user-friendly” tool called Replica, which allows city planners see “how, when, and where people travel in urban areas.”.

Anatova ransomware – Expert believe it will be a dangerous threat

Security Affairs

Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide. The name Anatova is based on a name in the ransom note that is dropped on the infected systems.

Privacy: Several States Consider New Laws

Data Breach Today

After California Takes Bold Action, Other States Ponder Privacy Protection Measures Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline

MY TAKE: ‘Bashe’ attack theorizes a $200 billion ransomware raid using NSA-class cyber weapons

The Last Watchdog

A report co-sponsored by Lloyd’s of London paints a chilling scenario for how a worldwide cyberattack could trigger economic losses of some $200 billion for companies and government agencies ill-equipped to deflect a very plausible ransomware attack designed to sweep across the globe. Related: U.S. cyber foes exploit government shutdown.

Japanese Government Will Hack Citizens' IoT Devices

Schneier on Security

IoT 95

Exclusive: spreading CSV Malware via Google Sheets

Security Affairs

Cyber security expert Marco Ramilli, founder of Yoroi ,discovered a way to spread CSV malware via Google Sheets … but Big G says it is an Intended behavior. CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor !

Yahoo's Proposed Data Breach Lawsuit Settlement: Rejected

Data Breach Today

Why capture is a key foundation of information management strategies

OpenText Information Management

Today’s number one business challenge is keeping track of information.

Security Flaws in Children's Smart Watches

Schneier on Security

A year ago , the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children.

Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online

Security Affairs

Cisco released security updates to address security flaws in several products including Small Business RV320/RV325 routers and hackers are already targeting them. The tech giant addressed two serious issues in Cisco’s Small Business RV320 and RV325 routers.

Airbus Hacked: Aircraft Giant Discloses Data Breach

Data Breach Today

Investigation Underway After Attack Compromises Employee Details Airbus says it suffered a hack attack, leading to a breach of "contact and IT identification details" for at least some of its EU employees.

8 key elements of an effective staff awareness training programme

IT Governance

Hackers Are Passing Around a Megaleak of 2.2 Billion Records

WIRED Threat Level

The so-called Collections #1-5 represent a gargantuan, patched-together Frankenstein of rotting personal data. Security

ROT 86

Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever

Security Affairs

Imperva mitigated a SYN flood DDoS attack against one of its clients that exceeded 500 million packets per second, this is the largest ever.

Tools 101

Intelligence Chiefs Expect More Cyberattacks Against US

Data Breach Today

China, Russia, Iran and North Korea Pose Increasing Risk, Congress Hears Efforts to exploit U.S.

Risk 193

List of data breaches and cyber attacks in January 2019 – 1,769,185,063 records leaked

IT Governance

The first of this year’s monthly lists amounts to an impressive 1,769,185,063 leaked records, which – let’s be honest – isn’t the greatest start to the year. Although there will be some debate about the usefulness of including the 772,904,991 records from the Collection #1 breach – which comprises data stolen from a number of historic data breaches – even without them, the number of breached records still stands at just under 1 billion records for January 2019.

IG GURU partners with the Institute of Information Management in Africa

IG Guru

IIM and IG GURU have agreed to partner and promote their organizations across the globe. Andrew Ysasi, the President of IG GURU, had this to say about the partnership, “IG GURUis committed to connecting practitioners and educators across the globe.

Hackers compromise WordPress sites via Zero-Day flaws in Total Donations plugin

Security Affairs

Security experts at Wordfence security firms discovered WordPress Sites compromised via Zero-Day vulnerabilities in Total Donations Plugin.

CMS 102

Brexit Preparation: Get Personal Data Flows in Order

Data Breach Today

Privacy Watchdog Orders Businesses to Prepare as UK Teeters on Edge of 'No Deal' As the U.K.

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm.

GDPR 84

New AIIM Research: Leveraging Machine Learning Capabilities

AIIM

There‘s a lot of excitement about Artificial Intelligence and business automation these days, and for good reason. Developments in AI — and its sidekicks “Deep Learning” and “Machine Learning” — bring the promise of transforming work as we know it.

Law enforcement worldwide hunting users of DDoS-for-Hire services

Security Affairs

Europol and law enforcement agencies worldwide are investigating DDoS-for-hire services and hunting users that paid them to carry out cyber attacks.

Embracing Digital Risk Protection: Take Your Threat Intelligence to the Next Level

Data Breach Today

Risk 186

Collibra Raises a $100M Series-E Round Led by Capital G

Collibra

Investment rounds off a year of phenomenal growth for Collibra as we help enterprise companies maximize today’s most valuable asset — data. I’m excited to announce that Collibra has raised a $100M Series-E funding round, led by CapitalG, Alphabet’s growth equity investment fund.