Sat.Feb 09, 2019 - Fri.Feb 15, 2019

article thumbnail

Blockchain and Trust

Schneier on Security

article thumbnail

Malicious PDF Analysis

Security Affairs

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the file was not malicious. Because the manufacturer’s analysis was not satisfactory, the team responsible for handling the incident requested a second opinion, since in other anti-virus

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How to Create a Dream Team for the New Age of Cybersecurity

Dark Reading

When each member of your security team is focused on one narrow slice of the pie, it's easy for adversaries to enter through the cracks. Here are five ways to stop them.

article thumbnail

Japan's Credit Card Fraud Debacle

Data Breach Today

Fraudsters Received 20 Percent Cashback for Fraudulent Purchases A convergence of events in December in Japan led to an unprecedented spike in card-not-present fraud. New statistics from a dark web monitoring firm explains how a promotion by PayPay, a third-party payments service, slid sideways.

249
249
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever. Founded in 2001 and based in Milwaukee, Wisc., VFEmail provides email service to businesses and end users.

More Trending

article thumbnail

MY TAKE: Can Project Furnace solve DX dilemma by combining serverless computing and GitOps?

The Last Watchdog

Assuring the privacy and security of sensitive data, and then actually monetizing that data, — ethically and efficiently — has turned out to be the defining challenge of digital transformation. Today a very interesting effort to address this complex dilemma is arising from the ferment, out of the UK. It’s called Project Furnace , an all-new open source software development platform.

article thumbnail

Report: Facebook Faces Multibillion Dollar US Privacy Fine

Data Breach Today

FTC and Social Network Are Negotiating Record Penalty, Washington Post Reports The Federal Trade Commission is reportedly negotiating a settlement with Facebook that includes a multibillion dollar fine for its privacy failures. But the social network is alarmed about the proposed settlement agreement's terms and conditions, The Washington Post reports.

Privacy 239
article thumbnail

Bomb Threat Hoaxer Exposed by Hacked Gaming Site

Krebs on Security

Federal authorities this week arrested a North Carolina man who allegedly ran with a group of online hooligans that attacked Web sites (including this one), took requests on Twitter to call in bomb threats to thousands of schools, and tried to frame various online gaming sites as the culprits. In an ironic twist, the accused — who had fairly well separated his real life identity from his online personas — appears to have been caught after a gaming Web site he frequented got hacked.

article thumbnail

Creating Magic Moments for Your Customers with Intelligent Business Processes

AIIM

Content, documents, and information are at the center of all organizations, of all sizes, and in all industries. But once your clients need to review, approve, sign a document, or receive some information— efficiency is key. That is when you need your organization and processes to shine. Allen Bonde, an analyst at Forrester , defines “The Magic Moment” as the moment of communication between your organization and your customer.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

GUEST ESSAY: Australia’s move compelling VPNs to cooperate with law enforcement is all wrong

The Last Watchdog

The moment we’ve all feared has finally come to pass. When government agencies and international intelligence groups pooled together resources to gather user data, the VPN’s encryption seemed like the light at the end of the tunnel. Related: California enacts pioneering privacy law. However, it looks like things are starting to break apart now that Australia has passed the “Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018”.

article thumbnail

With Doctored Photos, Thieves Try to Steal Bitcoin

Data Breach Today

'Deep Fakes' May Eventually Complicate Identity Verification Cryptocurrency exchanges are seeing fraudsters submit doctored photos in an attempt to reset two-step verification on accounts. The ruse appears to have some degree of success, underscoring the difficulties around verifying identity on the internet.

233
233
article thumbnail

The Ocado fire – when disaster recovery becomes real

IT Governance

The recent fire at Ocado has been a devastating blow to the company and the local community. Hundreds of firefighters were involved in tackling the blaze; the smoke billowed for more than 48 hours, darkening the Hampshire sky; surrounding homes and businesses were evacuated due to the risk of explosion, and those further afield advised to keep windows and doors shut; and some firefighters needed treatment for smoke inhalation.

Retail 103
article thumbnail

Docker runc flaw opens the door to a ‘Doomsday scenario’

Security Affairs

Security experts found a serious flaw tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O. Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O.

Cloud 106
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

AIIM19 session preview - IIM Project Management and Self-Preservation: Why Successful Projects Are Not About You

AIIM

We have a number of important sessions planned for the AIIM19 conference coming to San Diego on March 26-28. I spoke with Carah Koch, the Director of Enterprise Content Management for the Metropolitan Council of the Twin Cities, about her session IIM Project Management and Self-Preservation: Why Successful Projects Are Not About You, and asked her to give us a short preview of what to expect.

article thumbnail

WannaCry Hero Loses Key Motions in Hacking Case

Data Breach Today

Judge Says 'Terrible Hangover' Didn't Fuzz Suspect's Miranda Rights Clarity A famed British computer security researcher has lost several key motions in a federal hacking case that stems from his alleged contribution to two types of banking malware. The rulings could complicate the challenges for the defense team of Marcus Hutchins, who remains in the U.S.

Security 228
article thumbnail

The Who, What and Why of Micro Focus

Micro Focus

Over the past decade, through a combination of organic growth and M&A, Micro Focus has grown precipitously. Today, the company has thousands of employees in 43 countries worldwide, and is one of the largest pure-play enterprise software companies in the world. Yet, despite this size and growth, and likely because the company is headquartered in.

article thumbnail

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

Users of QNAP NAS devices are reporting through QNAP forum discussions of mysterious code that adds some entries that prevent software update. Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. According to the users, the malicious code adds some 700 entries to the /etc/hosts file that redirects requests to IP address 0.0.0.0.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Cybersecurity and the Human Element: We're All Fallible

Dark Reading

We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers.

article thumbnail

No-Deal Brexit Threatens British Crime-Fighting

Data Breach Today

Police Say Data-Sharing Alternatives 'Will Not Be As Efficient Or Effective' British police say they're doing their best to cope with the possibility that the U.K. will crash out of the EU in 45 days and lose access to joint policing resources. But Richard Martin of the Met Police says replacements "will not be as efficient or effective as the tools we currently use.

Access 222
article thumbnail

The Queen of the Skies and Innovation

Adam Shostack

The Seattle Times has a story today about how “ 50 years ago today, the first 747 took off and changed aviation.” It’s true. The 747 was a marvel of engineering and luxury. The book by Joe Sutter is a great story of engineering leadership. For an upcoming flight, I paid extra to reserve an upper deck seat before the last of the passenger-carrying Queens of the Skies retires.

article thumbnail

620 million accounts stolen from 16 hacked websites available for sale on the dark web

Security Affairs

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. The advertising for the sale of the huge trove of data was published in the popular Dream Market black marketplace, data are available for less than $20,000 worth of Bitcoin.

Sales 96
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

IBM embraces multicloud warehouse availability on AWS, adds elastic SMP

IBM Big Data Hub

The focus on customer needs for greater choice and flexibility is a constant at the IBM Think 2019 conference. Nowhere is this more evident than in IBM Hybrid Data Management, which supports data of any type, source and structure, be it on-premises or in the cloud.

Cloud 85
article thumbnail

Major Flaw in Runc Poses Mass Container Takeover Risk

Data Breach Today

Attackers Could 'Break Out' via Runc Flaw to Compromise All Containers on Host Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.

Risk 220
article thumbnail

Takeaways From CCPA Public Forums

Data Matters

When California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018, there was broad agreement that revisions and clarifications were necessary. The CCPA was written and enacted with extraordinary speed, as legislators felt the need to move quickly in order to preempt a data privacy ballot initiative that had received enough signatures to be placed on California’s November ballot.

Sales 74
article thumbnail

Experts found a way to create a super-malware implanted in SGX-enclaves

Security Affairs

Researchers devised a new technique to hide malware in the security Intel SGX enclaves, making it impossible to detect by several security technologies. Security researchers devised a new technique to hide malware in the security Intel SGX enclaves. Intel Software Guard eXtensions (SGX) is a technology for application developers that allows protecting select code and data from disclosure or modification.

article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Artificial Intelligence: Start with the data and be digital first

OpenText Information Management

Many organizations around the world are looking to implement artificial intelligence (AI) into their day-to-day business practices. But if you’re new to AI, it can be difficult to know how to get started. According to Lalith Subramanian VP, Engineering, Analytics at OpenText™, organizations looking to implement AI should start with their data. “I always tell people … The post Artificial Intelligence: Start with the data and be digital first appeared first on OpenText Blogs.

article thumbnail

US Air Force Veteran Charged in Iran Hacking Scheme

Data Breach Today

Monica Witt Allegedly Aided Spear-Phishing Attacks Against US Military A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government.

Military 210
article thumbnail

How to improve your cyber resilience

IT Governance

Cyber resilience isn’t something you can buy. It’s not as simple as finding off-the-shelf tools to plug into your organisation. Rather, you must tailor your approach to your needs, assessing the way any one solution affects the whole. That may sound daunting, but when cyber resilience is done right, your cyber security and incident response strategy will seem straightforward.

Risk 83