The Last Watchdog

MARCH 29, 2019

A discussion of how – and why – adversaries are using artificial intelligence to juice up malicious activities. When antivirus (AV) software first arrived in the late 1980s, the science of combating computer viruses was very straightforward. AV kept close track of known malicious files, and then quarantined or deleted any known malware that had managed to embed itself on the protected computing device.

Artificial Intelligence 113

Artificial Intelligence Cybersecurity Phishing Security 113

Adam Levin

MARCH 28, 2019

Florida police officer Leonel Marines resigned after a police investigation revealed the 12-year veteran of the Bradenton Police Department had been using police databases like a dating app to locate potential women for fun and maybe more. He’d been doing it for years. While it’s surprising this 5-0 Romeo actually got some dates playing fast and loose with his access to driver’s license and vehicle registration databases, the more shocking thing about this story is that it co

Cybersecurity 73

Cybersecurity Access Privacy IT 73

Data Breach Today

MARCH 27, 2019

Norwegian Aluminum Maker Still Fighting LockerGoga Ransomware Attack Norsk Hydro reports that a March 18 ransomware attack has already cost the aluminum manufacturer more than $40 million, and the company continues to bring its systems back online.

Ransomware 259

Ransomware Manufacturing IT 259

Krebs on Security

MARCH 29, 2019

On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Today, Buca’s parent firm announced it had remediated a 10-month breach of its payment systems at dozens of restaurants, including some locations of its other brands such as Earl of Sandwich and Planet Hollywood.

Sales 247

Sales Data breaches Retail IT 247

Advertisement

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

Analytics

The Last Watchdog

MARCH 28, 2019

A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts. In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods.

IoT 263

IoT Mining Manufacturing Security 263

Data Breach Today

MARCH 28, 2019

SonicWall's Bill Conner on Side-Channel Attacks and Other Emerging Threats The information security world has been beset by the emergence of multiple side-channel attacks, including Meltdown, Spectre and most recently Spoiler, that have proven difficult to fully fix, says Bill Conner, president and CEO of SonicWall.

Security 259

Security Information Security 259

Krebs on Security

MARCH 29, 2019

Tyler Barriss , a 26-year-old California man who admitted making a phony emergency call to police in late 2017 that led to the shooting death of an innocent Kansas resident, has been sentenced to 20 years in federal prison. Tyler Barriss, in an undated selfie. Barriss has admitted to his role in the Kansas man’s death, as well as to dozens of other non-fatal “swatting” attacks.

Communications 185

Communications IT 185

The Last Watchdog

MARCH 25, 2019

Remember when software used to come on CDs packaged in shrinked-wrapped boxes, or even before that, on floppy disks? Related: Memory-based attacks on the rise. If you bought a new printer and wanted it to work on your desktop PC, you’d have to install a software driver, stored on a floppy disk or CD, to make that digital handshake for you. Today software is developed and deployed in the cloud, on the fly.

Digital transformation 154

Digital transformation Security Cloud Authentication 154

Security Affairs

MARCH 23, 2019

Pwn2Own 2019 Day 3 – Experts earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser. Pwn2Own 2019 Day 3 – Hackers focused their efforts on car hacking, two teams participated in the competitions but only one of them reached the goal. The security experts Amat Cama and Richard Zhu of team Fluoroacetate, earned $35,000 for their exploit, along with the Tesla they hacked.

Security 111

Security 111

Advertisement

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Analytics

Data Breach Today

MARCH 29, 2019

Phosphorus Group Waged Spear-Phishing Campaign, Company Reports Microsoft is using its legal muscle to push back against an advanced persistent threat group that is says is "widely associated with Iranian hackers." Following court approval, it is taking control of 99 website domains allegedly used by the attackers as part of an ongoing spear-phishing campaign.

Phishing 243

Phishing IT 243

Schneier on Security

MARCH 27, 2019

A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going to do a very good job at it. In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers tend to take the easy way out and write code that stores user passwords in an unsafe manner.

Security 110

Security Passwords IT 110

The Last Watchdog

MARCH 26, 2019

One way to grasp how digital transformation directly impacts the daily operations of any organization – right at this moment — is to examine the company’s application environment. Related: How new exposures being created by API sprawl. Pick any company in any vertical – financial services, government, defense, manufacturing, insurance, healthcare, retailing, travel and hospitality – and you’ll find employees, partners, third-party suppliers and customers all demanding remote access to an

Security 145

Security Digital transformation Financial Services Risk 145

Security Affairs

MARCH 25, 2019

It is a battle with no holds barred between T-Series and PewDiePie, their fans are spreading the PewDiePie ransomware to force users to subscribe to PewDiePie Youtube channel. The story I’m going to tell you is another chapter of the battle between the most followed Youtuber T-Series and PewDiePie. T-Series is an Indian music company, while PewDiePie a Youtuber whom fans are accused to use any means to increase the number of subscribers to its channel.

Ransomware 110

Ransomware Encryption Security Access 110

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

MARCH 26, 2019

Report: Poor Asus Security Allowed Its PCs to be Infected with Backdoors A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.

Security 231

Security IT 231

Dark Reading

MARCH 26, 2019

Don't expect to read about any of the classics, like 'War Games' or 'Sneakers,' which have appeared on so many lists before. Rather, we've broadened our horizons with this great mix of documentaries, hacker movies, and flicks based on short stories.

Security 109

Security 109

Schneier on Security

MARCH 29, 2019

This is an interesting story of a serious vulnerability in a Huawei driver that Microsoft found. The vulnerability is similar in style to the NSA's DOUBLEPULSAR that was leaked by the Shadow Brokers -- believed to be the Russian government -- and it's obvious that this attack copied that technique. What is less clear is whether the vulnerability -- which has been fixed -- was put into the Huwei driver accidentally or on purpose.

Government 107

Government IT 107

Security Affairs

MARCH 29, 2019

Commando VM — Turn Your Windows Computer Into A Hacking Machine. FireEye released Commando VM , a Windows-based security distribution designed for penetration testers that intend to use the Microsoft OS. FireEye released Commando VM , the Windows-based security distribution designed for penetration testing and red teaming. FireEye today released an automated installer called Commando VM (Complete Mandiant Offensive VM) , it is an automated installation script that turns a Windows operating sy

Passwords 106

Passwords Libraries Security IT 106

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Data Breach Today

MARCH 27, 2019

Socure's Tom Thimot and George Tubin on Securing Identity As fraud has shifted over the past decade from basic account takeover to synthetic identities and new account fraud, so has the field of identity protection evolved. Tom Thimot and George Tubin of Socure say they are here to disrupt the industry.

Security 219

Security 219

Jamf

MARCH 28, 2019

The integration with Google Cloud allows IT admins to easily set up and manage local educator and student Mac accounts, while also requiring users to authenticate with their G Suite credentials. Read more.

Cloud 106

Cloud Education Authentication IT 106

IBM Big Data Hub

MARCH 26, 2019

IBM announced Informix V14.10 at Think 2019, revealing a host of new capabilities to clients and partners in attendance. Now, after beta testing with more than 25 customers and partners, it is available to the public.

IT 104

IT 104

OpenText Information Management

MARCH 29, 2019

The digital twin is one of the fastest growing applications of Industrial IoT technology. It creates a complete digital replica of a physical object and uses the twin as the main point of digital communication. Today, almost a half of organizations using IoT say they already have or are planning to adopt digital twins. Without … The post Five use cases for digital twins in manufacturing appeared first on OpenText Blogs.

Manufacturing 103

Manufacturing IoT Communications Digital transformation 103

Advertisement

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

Analytics

Data Breach Today

MARCH 28, 2019

Kory Daniels of Trustwave on Scaling Security at the Speed of Business Identifying the data gaps in the rapidly expanding attack surface is critical to allow more sophisticated preventive and response capabilities, says Kory Daniels of Trustwave.

Digital transformation 217

Digital transformation Security 217

Security Affairs

MARCH 27, 2019

Operation SaboTor – A coordinated operation conducted by law enforcement agencies from Europe, Canada, and the United States targeted vendors and buyers of illegal goods on dark web marketplaces. The international operations, dubbed operation SaboTor, involved 17 countries, notably Germany, the Netherlands, Austria, and Portugal. “During the course of this operation, international law enforcement agencies made 61 arrests and shut down 50 dark web accounts used for illegal activity.&#

Marketing 101

Marketing Security 101

IT Governance

MARCH 29, 2019

A recent report has found that just 15% of IT decision makers in small organisations “completely agree” that their employees have a good understanding of cyber security, and 20% believe their employees don’t care about cyber security at all. What’s more worrying is that despite these concerns, just 26% have introduced cyber security training for their employees. 15% stated that they “haven’t got around to it yet” while 5% think additional training should be offered but confessed that “they didn’

Security 101

Security Security awareness Risk Information Security 101

Schneier on Security

MARCH 28, 2019

Kaspersky Labs is reporting on a new supply chain attack they call "Shadowhammer.". In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. [.]. The goal of the attack was to surgically target an unknown pool of users, which were identified by their network adapters' MAC addresses.

Security 100

Security IT 100

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Data Breach Today

MARCH 27, 2019

Blueliv's Liv Rowley Reviews the Latest Fraud, Malware, Credential Theft Trends Some 96 percent of all compromised payment cards have been issued by U.S. banks, reflecting not only the prevalence of credit cards held by Americans, but the relative ease with which they can be used for fraud, says Liv Rowley, a threat intelligence analyst at Blueliv.

212

212

Security Affairs

MARCH 26, 2019

Good news for the victims of the Hacked Ransomware, the security firm Emsisoft has released a free decryptor to decrypt the data of infected computers. Security experts at Emsisoft released a free decryptor for the Hacked Ransomware. The Hacked Ransomware was first spotted in 2017, it appends.hacked extension to the encrypted files and includes ransom notes in Italian, English, Spanish, and Turkish.

Encryption 100

Encryption Ransomware Security IT 100

Adam Levin

MARCH 29, 2019

The email addresses and personal information of 982 million people were compromised in a leak from an unsecured database. The database belonged to Verifications.io, an “email validation service” that aggregates and sells information about the validity and associated personal data associated with email lists. Security researcher Bob Diachenko found the information in an unsecured 150GB-sized MongoDB database.

Data breaches 96

Data breaches Personal data Access Security 96