Sat.May 11, 2019 - Fri.May 17, 2019

How Hackers Broke WhatsApp With Just a Phone Call

WIRED Threat Level

All it took to compromise a smartphone was a single phone call over WhatsApp. The user didn't even have to pick up the phone. Security Security / Cyberattacks and Hacks

IT 93

GDPR: Europe Counts 65,000 Data Breach Notifications So Far

Data Breach Today

$63 Million in Fines Imposed Since Privacy Law Went Into Full Effect European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May 2018.

How to create an ethical framework for artificial intelligence

Information Management Resources

Such frameworks ensure that AI continues to lead to the best decisions, without unintended consequences or misuse of data and analytics. Artificial intelligence Corporate ethics Machine learning

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Krebs on Security

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

A Tough Week for IP Address Scammers

Krebs on Security

In the early days of the Internet, there was a period when Internet Protocol version 4 (IPv4) addresses (e.g. 4.4.4.4) were given out like cotton candy to anyone who asked.

More Trending

Why Are Cryptographers Being Denied Entry into the US?

Schneier on Security

In March, Adi Shamir -- that's the "S" in RSA -- was denied a US visa to attend the RSA Conference. He's Israeli. This month, British citizen Ross Anderson couldn't attend an awards ceremony in DC because of visa issues. You can listen to his recorded acceptance speech.)

A Cisco Router Bug Has Massive Global Implications

WIRED Threat Level

Researchers have discovered a way to break one of Cisco's most critical security features, which puts countless networks at potential risk. Security Security / Cyberattacks and Hacks

Risk 112

Feds Target $100M ‘GozNym’ Cybercrime Network

Krebs on Security

Intel's 'ZombieLoad' Fixes May Slow Processors by 9 Percent

Data Breach Today

CPUs Shipped From 2011 Onward Have Flaws of the Meltdown and Spectre Variety Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments.

Cloud 260

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

More Attacks against Computer Automatic Update Systems

Schneier on Security

Last month, Kaspersky discovered that Asus's live update system was infected with malware , an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in the same operation. As we mentioned before, ASUS was not the only company used by the attackers.

Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs

WIRED Threat Level

Two different groups of researchers found another speculative execution attack that can steal all the data a CPU touches. Security Security / Cyberattacks and Hacks

Groups 109

Strengthening Our Salesforce Capabilities with Sundog Interactive

Perficient Data & Analytics

Today, Perficient announced it is planning to acquire Sundog Interactive, an award-winning marketing and technology consulting firm that delivers Salesforce solutions to the world’s leading manufacturers.

Equifax's Data Breach Costs Hit $1.4 Billion

Data Breach Today

Massive 2017 Breach Continues to Bite the Credit Reporting Giant's Bottom Line Equifax has reported a loss in its latest quarter due to ongoing incident response, legal, investigative and corporate information security overhaul costs resulting from its 2017 data breach.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Reverse Engineering a Chinese Surveillance App

Schneier on Security

Human Rights Watch has reverse engineered an app used by the Chinese police to conduct mass surveillance on Turkic Muslims in Xinjiang. The details are fascinating, and chilling. Boing Boing post. china privacy reverseengineering surveillance

Expert discovered how to brick all Samsung mobile phones

Security Affairs

The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to brick all Samsung mobile phones. French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to brick all Samsung mobile phones.

How To 105

Introducing OpenText Enterprise World Learn Paths

OpenText Information Management

OpenText™ Enterprise World has always been a best place to get detailed information and expert advice on the latest OpenText products and solutions.

Demo 97

Attackers Exploit WhatsApp Flaw to Auto-Install Spyware

Data Breach Today

Immediate App Updating Required to Protect Apple and Android Device Users Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group.

Groups 255

Another Intel Chip Flaw

Schneier on Security

Remember the Spectre and Meltdown attacks from last year? They were a new class of attacks against complex CPUs, finding subliminal channels in optimization techniques that allow hackers to steal information. Since their discovery, researchers have found additional similar vulnerabilities.

IT 103

Chinese state-sponsored hackers breached TeamViewer in 2016

Security Affairs

The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel.

Groups 101

BYOE offers Data Security and Compliance in the Cloud

Thales eSecurity

We are seeing more organizations use a ‘lift and shift’ policy, where data is moved to the cloud to satisfy project requirements. But safe migration to the cloud requires that the process be secure, compliant and easy to implement.

FBI and Europol Disrupt GozNym Malware Attack Network

Data Breach Today

6 Suspects Arrested on Money Laundering, Malware-Writing or Fraud Charges Law enforcement agencies in the U.S. and Europe have disrupted a malware attack platform called GozNym.

246
246

WhatsApp Vulnerability Fixed

Schneier on Security

WhatsApp fixed a devastating vulnerability that allowed someone to remotely hack a phone by initiating a WhatsApp voice call. The recipient didn't even have to answer the call.

Experts found a remote-code execution flaw in SQLite

Security Affairs

Researchers at Cisco Talos discovered an use-after-free() vulnerability in SQLite that could be exploited by an attacker to remotely execute code on an affected device.

WhatsApp urges users to update app after massive security failure

IT Governance

If you’ve recently had a missed call on WhatsApp from a number you didn’t recognise, cyber criminals might be spying on you. The Facebook-owned app has admitted that cyber criminals have exploited a major vulnerability in its voice call function and are planting spyware on users’ phones.

Nigerian BEC Scammers Use Malware to Up the Ante

Data Breach Today

Business Email Compromise Schemes Get More Sophisticated A growing area of concern for security researchers is a new crop of business email compromise schemes originating from Nigeria, with scammers upping their game by using new malware.

BEST PRACTICES: The case for ‘adaptive MFA’ in our perimeter-less digital environment

The Last Watchdog

One of the catch phrases I overheard at RSA 2019 that jumped out at me was this: “The internet is the new corporate network.” Related: ‘Machine identities’ now readily available in the Dark Net Think about how far we’ve come since 1999, when the Y2K scare alarmed many, until today, with hybrid cloud networks the norm. There’s no question the benefits of accelerating digital transformation are astounding.

Hacking the ‘Unhackable’ eyeDisk USB stick

Security Affairs

The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way.

Connected healthcare: Why mobility matters to the clinician

DXC Technology

by Dr. Shainal Nathoo Technology experts will often talk about the benefits of mobility in healthcare, but to understand why mobility matters and how it might improve both workflow and clinical benefits for patients, it’s vital to get a user’s perspective.

IT 95

Surge in JavaScript Sniffing Attacks Continues

Data Breach Today

Forbes Subscription Site, Picreel and CloudCMS All Hit This Week The magazine subscription page for Forbes magazine and two web service platforms were hit with separate skimming attacks this week, security researchers say.

Microsoft’s First Windows XP Patch in Years Is a Very Bad Sign

WIRED Threat Level

A very bad vulnerability in Windows XP could have serious ramifications, even with a patch. Security Security / Cyberattacks and Hacks

Millions of computers powered by Intel chips are affected by MDS flaws

Security Affairs

Millions of computers powered by Intel processors are affected by a new class of vulnerabilities ( MDS ) that can leak potentially sensitive data.