Sat.May 18, 2019 - Fri.May 24, 2019

Facial Recognition Has Already Reached Its Breaking Point

WIRED Threat Level

Facial recognition technology has proliferated unchecked in the US so far. Congress finally seems ready to do something about it. Security Security / Privacy

IT 102

Database May Have Exposed Instagram Data for 49 Million

Data Breach Today

Email Addresses, Phone Numbers Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.

Legal Threats Make Powerful Phishing Lures

Krebs on Security

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else.

GUEST ESSAY: Dear America, Facebook is an addictive digital drug of little productive value

The Last Watchdog

Social media consumers are getting wise to the joke that when the product is free, they’re the ones being sold. But despite the growing threat of consumer exploitation, Washington still shrinks from confronting our social media giants.

Blog 218

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

Germany Talking about Banning End-to-End Encryption

Schneier on Security

Der Spiegel is reporting that the German Ministry for Internal Affairs is planning to require all Internet message services to provide plaintext messages on demand, basically outlawing strong end-to-end encryption. Anyone not complying will be blocked, although the article doesn't say how.

More Trending

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity.

MY TAKE: Android users beware: Google says ‘potentially harmful apps’ on the rise

The Last Watchdog

Even if your company issues you a locked-down smartphone, embracing best security practices remains vital Our smartphones. Where would we be without them? Related Q&A: Diligence required of Android users If you’re anything like me, making a phone call is the fifth or sixth reason to reach for your Android or iPhone.

Tips 121

PayPal's Beautiful Demonstration of Extended Validation FUD

Troy Hunt

Sometimes the discussion around extended validation certificates (EV) feels a little like flogging a dead horse. In fact, it was only September that I proposed EV certificates are already dead for all sorts of good reasons that have only been reinforced since that time.

Google Stored Unhashed G Suite Passwords for Years

Data Breach Today

Passwords Remained Encrypted for Enterprise Users Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Account Hijacking Forum OGusers Hacked

Krebs on Security

Ogusers[.]com

Google Glitch Left Passwords Unprotected for 14 Years

Adam Levin

Google announced a glitch that stored unencrypted passwords belonging to several business customers, a situation that had been exploitable since 2005.

Fingerprinting iPhones

Schneier on Security

This clever attack allows someone to uniquely identify a phone when you visit a website, based on data from the accelerometer, gyroscope, and magnetometer sensors. We have developed a new type of fingerprinting attack, the calibration fingerprinting attack.

Paper 108

Is Healthcare Sector Better Prepared for Ransomware Attacks?

Data Breach Today

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Google Tracks What You Buy Online With Gmail

WIRED Threat Level

Adobe fixes, an executive order, and more of the week's top security news. Security Security / Security News

Unistellar attackers already wiped over 12,000 MongoDB databases

Security Affairs

Unistellar attackers have already wiped roughly 12,000 unsecured MongoDB databases exposed online over the past three. Every time hackers deleted a MongoDB database they left a message asking the administrators to contact them to restore the data.

Thangrycat: A Serious Cisco Vulnerability

Schneier on Security

Summary : Thangrycat is caused by a series of hardware design flaws within Cisco's Trust Anchor module.

Security at the Speed of the Cloud

Data Breach Today

McKinsey CISO Dan Fitzgerald on DevSecOps and the Future of Cloud Security Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co.,

Cloud 218

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

We Are Tenants on Our Own Devices

WIRED Threat Level

It's time to assert our sovereignty over our own stuff. Security Security / Privacy

IT 98

Chronicle experts spotted a Linux variant of the Winnti backdoor

Security Affairs

Security researchers from Chronicle, Alphabet’s cyber-security division, have spotted a Linux variant of the Winnti backdoor. Security experts from Chronicle, the Alphabet’s cyber-security division, have discovered a Linux variant of the Winnti backdoor.

Open the Gates for Next-Gen Loyalty

Reltio

Ankur Gupta, Sr. Product Marketing Manager, Reltio. I was in Boston last week. Coincidently, Martha had dropped a mail and wanted to talk. So I decided to take the opportunity and meet her.

Misconfigured IT (Again) Leads to Big Health Data Breach

Data Breach Today

Did Company Also Bungle Notification for Some Victims Impacted? A misconfigured IT setting has landed a Puerto Rico-based clearinghouse and cloud software services vendor at the top of federal regulators' list of largest health data breaches so far this year.

Avoiding cyber attacks while on the road to digital transformation

DXC Technology

No matter where your organization may be on its digital transformation journey, beware the dangers lurking along the way.

One Year After GDPR: Significant Rise on Data Breach Reporting from European Businesses

Thales eSecurity

It’s been one year since the European Union (EU) enforced the General Data Protection Regulation (GDPR) 1 , a legislation designed to protect the personal data of EU citizens and lay specific rules and guidelines on how their data is collected, stored, processed and deleted by various entities.

Chronicle’s study reveals CAs that issued most certificates to sign malware samples on VirusTotal

Security Affairs

Most of the digital certificates used to sign malware samples found on VirusTotal have been issued by the Certificate Authority (CA) Comodo CA.

Study 88

Lack of Secure Coding Called a National Security Threat

Data Breach Today

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices

How Technology and Politics Are Changing Spycraft

Schneier on Security

Interesting article about how traditional nation-based spycraft is changing.

Google Has Stored Some Passwords in Plaintext Since 2005

WIRED Threat Level

On the heels of embarrassing disclosures from Facebook and Twitter, Google reveals its own password bugs—one of which lasted 14 years. Security Security / Security News

Data belonging to Instagram influencers and celebrities exposed online

Security Affairs

A new data leak made the headlines, a database containing the contact information of millions of Instagram influencers , celebrities and brand accounts has been found online.

Phishing: Mitigating Risk, Minimizing Damage

Data Breach Today

In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage

How Document Scanning Can Improve Productivity at Your Workplace

AIIM

Companies are always looking for ways to make their workplace more productive and efficient and to reduce costs. Document management has an important part to play here. A survey conducted in 2012 showed that 21.3%