Sat.Oct 05, 2019 - Fri.Oct 11, 2019

Most Americans Fail Cybersecurity Quiz

Threatpost

Study participants fail to correctly identify core security concepts and tools to help them stay safe online. Facebook Mobile Security Privacy Vulnerabilities Web Security 2FA americans cybersecurity awareness HTTPS Instagram Pew Research Center Phishing WhatsApp

Never Trust a Platform to Put Privacy Ahead of Profit

WIRED Threat Level

Tech firms know more about us than any spy agency – ex-GCHQ chief

The Guardian Data Protection

IT 80

Unpatched VPN Servers Targeted by Nation-State Attackers

Data Breach Today

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

SHARED INTEL: What it takes to preserve business continuity, recover quickly from a cyber disaster

The Last Watchdog

To pay or not to pay? That’s the dilemma hundreds of organizations caught in the continuing surge of crippling ransomware attacks have faced. Related: How ransomware became such a scourge The FBI discourages it, as you might have guessed. What’s more, the U.S.

More Trending

Own Your Cloud Security

Thales eSecurity

It’s hard to believe it’s mid-October. Along with autumn, comes National Cybersecurity Awareness Month (NCSAM). The NCSAM 2019 focuses on personal accountability. Driven through mass public engagement, the ‘Own IT. Secure. Protect IT.’

Cloud 119

How Cybercriminals Continue to Innovate

Data Breach Today

Europol Report: Ransomware, DDoS, Business Email Compromises Are Persistent Threats Online attack threats continue to intensify, with criminals preferring ransomware, DDoS attacks and business email compromises, warns Europol, the EU's law enforcement intelligence agency.

MY TAKE: CASBs help companies meet ‘shared responsibility’ for complex, rising cloud risks

The Last Watchdog

Cloud Access Security Brokers – aka “caz-bees” — have come a long way in a short time. CASBs, a term coined by tech industry consultancy Gartner, first cropped about seven years ago to help organizations enforce security and governance policies as they commenced, in earnest, their march into the cloud.

Risk 162

Planting Tiny Spy Chips in Hardware Can Cost as Little as $200

WIRED Threat Level

A new proof-of-concept hardware implant shows how easy it may be to hide malicious chips inside IT equipment. Security Security / Cyberattacks and Hacks

IT 114

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Details on Uzbekistan Government Malware: SandCat

Schneier on Security

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers.

FBI: Cybercriminals Are Bypassing Multifactor Authentication

Data Breach Today

Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections

NEW TECH: Human operatives maintain personas, prowl the Dark Net for intel to help companies

The Last Watchdog

It seems like any discussion of cybersecurity these days invariably circles back to automation. Our growing fixation with leveraging artificial intelligence to extract profits from Big Data – for both constructive and criminal ends—is the order of the day.

Researchers released a free decryptor for the Nemty Ransomware

Security Affairs

Good news for the victims of the Nemty Ransomware , security researchers have released a free decryptor that could be used to recover files.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Wi-Fi Hotspot Tracking

Schneier on Security

Free Wi-Fi hotspots can track your location , even if you don't connect to them. This is because your phone or computer broadcasts a unique MAC address.

Capital One Hacking Trial Delay Likely

Data Breach Today

Prosecutors, Defense Attorneys Ask Judge for Delay, Citing Massive Amounts of Data to Review Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A.

209
209

A Controversial Plan to Encrypt More of the Internet

WIRED Threat Level

The road to routing all Domain Name System lookups through HTTPS is pocked with disagreements over just how much it will help. Security Security / Privacy

Hackers compromised Volusion infrastructure to siphon card details from thousands of sites

Security Affairs

Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users.

Cloud 113

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

New Reductor Nation-State Malware Compromises TLS

Schneier on Security

Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor.

Compliance: Mississippi State Agencies Have a Long Way to Go

Data Breach Today

7 Cybersecurity Threats That Can Sneak Up on You

WIRED Threat Level

From rogue USB sticks to Chrome extensions gone wild, here is a quick guide to some basic risks you should look out for. Security Security / Security Advice

Risk 114

D-Link router models affected by remote code execution issue that will not be fixed

Security Affairs

Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920.

Illegal Data Center Hidden in Former NATO Bunker

Schneier on Security

Interesting : German investigators said Friday they have shut down a data processing center installed in a former NATO bunker that hosted sites dealing in drugs and other illegal activities. Seven people were arrested. [.].

Health Data Breach Tally: Ransomware Proliferates

Data Breach Today

Here's An Update on Additions to the 'Wall of Shame' Ransomware attacks are among the largest incidents added to the federal tally of major health data breaches in recent weeks. Attacks on a variety of clinics affected a total of more than 1 million individuals

FBI Warns of Cyber Attacks on Multi-Factor Authentication

Adam Levin

The FBI is warning businesses about a new series of cyberattacks that can circumvent multi-factor authentication (MFA).

UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities

Security Affairs

The UK’s National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure.

Speakers Censored at AISA Conference in Melbourne

Schneier on Security

Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne. Thomas Drake , former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate.

New Zealand Breach May Affect 1 Million

Data Breach Today

Health Data Breach Could Have Started as Early as 2016 Officials in New Zealand are investigating one or more data breaches at a healthcare provider that could have affected nearly 1 million patients.