Sat.Jan 05, 2019 - Fri.Jan 11, 2019

Government Shutdown: Experts Fear Deep Cybersecurity Impact

Data Breach Today

Readiness, Morale, Investigations and Recruitment at Risk as Standoff Persists The U.S.

Machine Learning to Detect Software Vulnerabilities

Schneier on Security

No one doubts that artificial intelligence (AI) and machine learning (ML) will transform cybersecurity. We just don't know how , or when.

No, Spotify Wasn't Hacked

Troy Hunt

Dirt-Cheap, Legit, Windows Software: Pick Two

Krebs on Security

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition.

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA.

Port Covington, MD re-emerges as ‘CyberTown, USA’ — ground zero for cybersecurity research

The Last Watchdog

When CyberTown, USA is fully built out, it’s backers envision it emerging as the world’s premier technology hub for cybersecurity and data science. DataTribe , a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project , which broke ground last October in Port Covington, MD, once a bustling train stop on the south side of Baltimore.

More Trending

Secret Service: Theft Rings Turn to Fuze Cards

Krebs on Security

Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards , a smartcard technology that allows users to store dozens of cards on a single device, the U.S.

Retail 207

Feds Urge Private Sector 'Shields Up' Against Hackers

Data Breach Today

Trump Administration Warns of Economic Espionage Risk From China, Russia, Iran The Trump administration has launched a public awareness campaign, spearheaded by the National Counterintelligence and Security Center, urging the U.S.

Risk 235

Q&A: Why emerging IoT platforms require the same leading-edge security as industrial controls

The Last Watchdog

The heyday of traditional corporate IT networks has come and gone. In 2019, and moving ahead, look for legacy IT business networks to increasingly intersect with a new class of networks dedicated to controlling the operations of a IoT-enabled services of all types, including smart buildings, IoT-enabled healthcare services and driverless cars. Related: Why the golden age of cyber espionage is upon us.

IoT 144

Tens of thousands of hot tubs are exposed to hack

Security Affairs

Experts from security firm Pen Test Partners reported that tens of thousands of hot tubs are currently vulnerable to cyber attacks. Security experts at Pen Test Partners have discovered thousands of connected hot tubs vulnerable to remote cyber attacks.

Patch Tuesday, January 2019 Edition

Krebs on Security

Microsoft on Tuesday released updates to fix roughly four dozen security issues with its Windows operating systems and related software. All things considered, this first Patch Tuesday of 2019 is fairly mild, bereft as it is of any new Adobe Flash updates or zero-day exploits.

Tips 164

Lessons From Report on Massive Singapore Healthcare Hack

Data Breach Today

Analysis of SingHealth Attack Offers Recommendations That Could Be Applied Wordwide A variety of security weaknesses contributed to a massive 2017 health data security breach in Singapore, according to a new report.

Do you have a data breach response plan?

IT Governance

This blog has been updated to reflect industry updates. Originally published 6 August 2018. The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection.

Three security bugs found in the popular Linux suite systemd

Security Affairs

Experts disclosed three flaws in the systemd , a software suite that provides fundamental building blocks for Linux operating systems.

Government Shutdown Hampers Cybersecurity

Adam Levin

The ongoing shutdown of the U.S. Government has impacted federal cybersecurity according to several reports.

Marriott Mega-Breach: Victim Count Drops to 383 Million

Data Breach Today

Hotel Giant Warns 5.3 Million Unencrypted Passport Numbers Also Stolen Marriott International's digital forensic investigation now counts not 500 million but an "upper limit" of 383 million customers affected by the four-year mega-breach of its Starwood reservations system.

IT 212

Germany’s cyber security authority criticised for failing to disclose data breach

IT Governance

Germany’s BSI (Federal Office for Information Security) has come under fire for its alleged mishandling of a security incident in which the personal details of almost a thousand public figures, including Chancellor Angela Merkel, were stolen and published online. .

Coinbase suspended Ethereum Classic (ETC) trading after a successful 51% attack

Security Affairs

The cryptocurrency exchange Coinbase suspended the trading of Ethereum Classic (ETC) after double-spend attacks worth $1.1 Million. The cryptocurrency exchange Coinbase has suspended the trading of Ethereum Classic (ETC) after double-spend attacks that consist in spending digital coins twice.

Quiet Lawsuit in Pennsylvania May Create a Groundbreaking Data Security Priority Shift. Are You Ready?

Thales eSecurity

Personally, I find the daily announcement of a company losing control of their employees’, partners’, or customers’ data depressing. My home state, California had 259 formally reported breaches in 2018 alone!

Risk 89

Encryption: Avoiding the Pitfalls That Can Lead to Breaches

Data Breach Today

Analysis of Common Mistakes Made When Encrypting Data The Marriott mega-breach is calling attention to whether organizations are storing too much data and whether they're adequately protecting it with the proper encryption steps. Experts offer insights on making the right moves

Cyber resilience and the GDPR

IT Governance

We recently discussed the changing threat landscape and the need for all organisations to adopt a cyber resilience approach. This is essentially the combination of cyber security measures to prevent data breaches and business continuity measures to respond quickly when incidents can’t be stopped.

GDPR 97

Did Aurora Ransomware infect you? You can decrypt file for free

Security Affairs

Victims of the Aurora Ransomware could use a decryptor tool developed by the popular malware researcher Michael Gillespie to decrypt their data for free.

Linkedin Learning: Producing a Video

Adam Shostack

My Linkedin Learning course is getting really strong positive feedback. Today, I want to peel back the cover a bit, and talk about how it came to be. Before I struck a deal with Linkedin, I talked to some of the other popular training sites.

Video 83

German Police Identify Suspect Behind Massive Data Leak

Data Breach Today

Data 193

Solve fundamental IT issues within your business

IT Governance

As a framework in your business, governing your IT effectively helps ensure your organisation’s IT infrastructure supports and enables the corporate strategies and objectives.

IT 86

High Severity DoS bug affects Several Yokogawa products

Security Affairs

A serious DoS flaw affects several industrial automation products manufactured by the Yokogawa Electric. The DoS vulnerability in several Yokogawa Electric products affects the Open Communication Driver for Vnet/IP, a real-time plant network system for process automation.

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

AIIM

A potentially problematic challenge for industry and legislators is the apparent tension between privacy rights and the rapid adoption of blockchain-based applications which are expected to reach $10.6 billion in revenue by 2023.

BEC Scam Leads to Theft of $18.6 Million

Data Breach Today

Chinese Hackers Stole From Indian Unit of Italian Firm In a case of business email compromise, Chinese hackers stole $18.6 million from the Indian arm of Tecnimont SpA, an Italian engineering company, through an elaborate cyber fraud scheme that included impersonating the firm's chief executive

180
180

Xerox Production Scanner Turns Heads with Breakthrough Technology and Disruptive Economics

Document Imaging Report

PLEASANTON, Calif., 8, 2019 – From showstopping parallel scanning technology to image enhancement capabilities, the Xerox DocuMate ® 6710 Scanner hosts the innovations to help customers accelerate towards their digital transformation goals.

Nine 2019 Cybersecurity Predictions

Security Affairs

Wondering about the state of global cybersecurity in 2019? Wonder no more with these nine cybersecurity predictions for where the new year will take us — and what it means for our digital properties, online lives and livelihoods.

Security Vulnerabilities in Cell Phone Systems

Schneier on Security

Good essay on the inherent vulnerabilities in the cell phone standards and the market barriers to fixing them. So far, industry and policymakers have largely dragged their feet when it comes to blocking cell-site simulators and SS7 attacks.

Neiman Marcus Settles Lawsuit Over Payment Card Breach

Data Breach Today

Agreement With 43 States Requires Retailer to Use Encryption, Tokenization Forty-three states have reached a settlement with Neiman Marcus over its 2013 data breach, one of several breaches from that period blamed on in-memory malware. The retailer will pay $1.5

Retail 178

Mueller Investigation 2019: Indictments, Witnesses, and More

WIRED Threat Level

The special counsel has lots of unfinished business on his to-do list this year, including a final report. Here's a rundown. Security

Ironic turn … Kaspersky Labs helped NSA to catch alleged data thief

Security Affairs

Kaspersky was a long accused to support Russian intelligence, in an ironic turn, source now revealed it helped to catch alleged NSA data thief.