Sat.May 25, 2019 - Fri.May 31, 2019

Is your organisation equipped for long-term GDPR compliance?

IT Governance

Last week, the GDPR (General Data Protection Regulation) turned one year old.

GDPR 70

Focusing on Endpoints: 5 Steps to Fight Cybercrime

Dark Reading

Follow these best practices to strengthen endpoint management strategies and protect company data

America is losing its memory

IG Guru

By T.J. StilesMay 7 via the Washington Post T.J. Stiles received the 2016 Pulitzer Prize for History, the 2010 Pulitzer Prize for Biography and the 2009 National Book Award for Nonfiction.

IT 63

Business Associates Reminded of HIPAA Duties

Data Breach Today

New Guidance Clarifies BA's Responsibility to Safeguard PHI Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Should Failing Phish Tests Be a Fireable Offense?

Krebs on Security

Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails?

More Trending

GUEST ESSAY: Only cloud-based security can truly protect cloud-delivered web applications

The Last Watchdog

Web applications have become central for the existence and growth of any business. This is partly the result of Software as a Service, or SaaS, becoming a preferred mode of consumption for software services.

Cloud 162

1 Million Windows Devices 'Vulnerable to Remote Desktop Flaw'

Data Breach Today

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation.

Google white hat hacker found code execution flaw in Notepad

Security Affairs

The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoft’s Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoft’s Notepad text editor.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

The Human Cost of Cyberattacks

Schneier on Security

The International Committee of the Red Cross has just published a report: " The Potential Human Cost of Cyber-Operations." It's the result of an "ICRC Expert Meeting" from last year, but was published this week. Here's a shorter blog post if you don't want to read the whole thing.

Checkers, Rally's Burger Joints Hit By POS Malware

Data Breach Today

Infections Started in 2015 and Ran Through April Checkers Drive-In Restaurants says 102 of its 900 U.S. locations were hit with point-of-sale malware, with one California restaurant infected over a more than two-year period starting in December 2015.

Retail 235

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Krebs on Security

Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software.

Tools 202

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Security Affairs

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Fraudulent Academic Papers

Schneier on Security

The term "fake news" has lost much of its meaning, but it describes a real and dangerous Internet trend. Because it's hard for many people to differentiate a real news site from a fraudulent one, they can be hoodwinked by fictitious news stories pretending to be real.

Paper 98

Under GDPR, UK Data Breach Reports Quadruple

Data Breach Today

After Privacy Law Went Into Full Effect, Data Security Complaints Doubled One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple.

Seven Microservices Identity Questions to Secure your Data

Thales eSecurity

As I noted in my last blog post , containers, which are now pervasive in enterprises, are ephemeral, and microservices frameworks like Kubernetes treat them as such. Data security is a complex subject, and, unfortunately, microservices only add to the complexity.

Using Public Wi-Fi? Your data can be hacked easily! Here’s How…

Security Affairs

Public Wi-Fi is easily accessible by everyone, as much as free surfing sounds cool, it is risky as well. Let’s see how your data can be hacked easily. In the contemporary world of networking, Wi-Fi has become a vital commodity.

First American Financial Corp. Data Records Leak

Schneier on Security

Krebs on Security is reporting a massive data leak by the real estate title insurance company First American Financial Corp.

Microsoft Sounds Second Alarm Over BlueKeep Vulnerability

Data Breach Today

Security Experts Warn Exploits Are Coming Microsoft has taken the unusual step of issuing a second warning about BlueKeep, a vulnerability that, if left unpatched, could allow an attacker to use a worm-like exploit to take over devices running older Windows operating systems.

Kofax Launches Intelligent Automation Software Platform and Marketplace to Advance Future-of-Work Initiatives for Hyper-Connected Enterprises

Document Imaging Report

Industry’s First Integrated, AI-Enabled Platform Ecosystem Automates End-To-End Business Operations at Scale.

BlueKeep scans observed from exclusively Tor exit nodes

Security Affairs

GreyNoise experts detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability from exclusively Tor exit nodes.

Belgium: Belgian Data Protection Authority issues its first fine

DLA Piper Privacy Matters

By Patrick Van Eecke. The Belgian Data Protection Authority on Tuesday May 28 sanctioned a local politician with a fine of 2000 EUR for having abused e-mailaddresses of citizens for election purposes.

GDPR 93

Baltimore Ransomware Attack Triggers Blame Game

Data Breach Today

Debates Touch on NSA Exploit-Hoarding, City's Patch-Speed Failures, Windows Code Quality Reports that the city of Baltimore was attacked using a vulnerability in Windows originally stockpiled by the National Security Agency has triggered a blame game.

Data-Driven Enterprise Architecture: Why Enterprise Architects Need to Look at Data First

erwin

It’s time to consider data-driven enterprise architecture. The traditional approach to enterprise architecture – the analysis, design, planning and implementation of IT capabilities for the successful execution of enterprise strategy – seems to be missing something … data.

Hackers target MySQL databases to deliver the GandCrab ransomware

Security Affairs

Security experts at Sophos have detected a wave of attacks targeting Windows servers that are running MySQL databases with the intent of delivering the GandCrab ransomware.

How to Spring Clean Your Digital Clutter to Protect Yourself

WIRED Threat Level

You don't have to get your hands dirty to do the most important spring cleaning of the year. Security Security / Security Advice

Researcher Describes Docker Vulnerability

Data Breach Today

Access 210

List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked

IT Governance

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. The offender this time is the First American Financial Corp. which breached sixteen years’ worth of insurance data. That incident accounted for more than 60% of all of May’s breached records. In total, at least 1,389,463,242 records were compromised. That brings the annual running total to 7.28 billion and reduces the monthly average to 1.44 billion. Cyber attacks.

HiddenWasp, a sophisticated Linux malware borroes from Mirai and Azazel

Security Affairs

Security experts at Intezer have discovered a new Linux malware tracked as ‘HiddenWasp’ that borrows from Mirai, Azazel malicious codes. HiddenWasp is a new sophisticated Linux malware still undetected by the majority of anti-virus solutions.

Mining 100

UCLA Health deploys Microsoft Azure to leverage big data

Information Management Resources

Healthcare system is adopting software giant’s cloud computing services to gain insights from vast clinical and genomic information. Cloud computing Big data EHR Patient data Genome sequencing Medical research Precision medicine Artificial intelligence Machine learning Predictive analytics

EHR Vendor Penalized Again, This Time by States

Data Breach Today