Sat.Oct 05, 2019 - Fri.Oct 11, 2019

Most Americans Fail Cybersecurity Quiz


Study participants fail to correctly identify core security concepts and tools to help them stay safe online. Facebook Mobile Security Privacy Vulnerabilities Web Security 2FA americans cybersecurity awareness HTTPS Instagram Pew Research Center Phishing WhatsApp

Never Trust a Platform to Put Privacy Ahead of Profit

WIRED Threat Level

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Tech firms know more about us than any spy agency – ex-GCHQ chief

The Guardian Data Protection

David Omand warns festival Cheltenham festival audience of threat to democracy from monetisation of data Big internet firms know more about the lives of private individuals than any intelligence agency ever has and that is a dangerous threat to democracy, the former head of the spy agency GCHQ has said. David Omand was at the centre of British intelligence for decades, beginning his career at GCHQ after he graduated from Cambridge in 1969 and becoming its director from 1996-97. Continue reading. GCHQ Data protection UK security and counter-terrorism Espionage Internet UK news

IT 94

Unpatched VPN Servers Targeted by Nation-State Attackers

Data Breach Today

Pulse Secure, Palo Alto and Fortinet Devices Being Hit by APT Groups, NCSC Warns Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

SHARED INTEL: What it takes to preserve business continuity, recover quickly from a cyber disaster

The Last Watchdog

To pay or not to pay? That’s the dilemma hundreds of organizations caught in the continuing surge of crippling ransomware attacks have faced. Related: How ransomware became such a scourge The FBI discourages it, as you might have guessed. What’s more, the U.S.

More Trending

Own Your Cloud Security

Thales eSecurity

It’s hard to believe it’s mid-October. Along with autumn, comes National Cybersecurity Awareness Month (NCSAM). The NCSAM 2019 focuses on personal accountability. Driven through mass public engagement, the ‘Own IT. Secure. Protect IT.’

Cloud 119

How Cybercriminals Continue to Innovate

Data Breach Today

Europol Report: Ransomware, DDoS, Business Email Compromises Are Persistent Threats Online attack threats continue to intensify, with criminals preferring ransomware, DDoS attacks and business email compromises, warns Europol, the EU's law enforcement intelligence agency.

MY TAKE: CASBs help companies meet ‘shared responsibility’ for complex, rising cloud risks

The Last Watchdog

Cloud Access Security Brokers – aka “caz-bees” — have come a long way in a short time. CASBs, a term coined by tech industry consultancy Gartner, first cropped about seven years ago to help organizations enforce security and governance policies as they commenced, in earnest, their march into the cloud.

Risk 159

Planting Tiny Spy Chips in Hardware Can Cost as Little as $200

WIRED Threat Level

A new proof-of-concept hardware implant shows how easy it may be to hide malicious chips inside IT equipment. Security Security / Cyberattacks and Hacks

IT 114

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

D-Link router models affected by remote code execution issue that will not be fixed

Security Affairs

Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920.

FBI: Cybercriminals Are Bypassing Multifactor Authentication

Data Breach Today

Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections

NEW TECH: Human operatives maintain personas, prowl the Dark Net for intel to help companies

The Last Watchdog

It seems like any discussion of cybersecurity these days invariably circles back to automation. Our growing fixation with leveraging artificial intelligence to extract profits from Big Data – for both constructive and criminal ends—is the order of the day.

7 Cybersecurity Threats That Can Sneak Up on You

WIRED Threat Level

From rogue USB sticks to Chrome extensions gone wild, here is a quick guide to some basic risks you should look out for. Security Security / Security Advice

Risk 114

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Researchers released a free decryptor for the Nemty Ransomware

Security Affairs

Good news for the victims of the Nemty Ransomware , security researchers have released a free decryptor that could be used to recover files.

Compliance: Mississippi State Agencies Have a Long Way to Go

Data Breach Today

Audit Finds Agencies Not Following State's Cybersecurity Law The personal data of Mississippi citizens is susceptible to breaches because many state agencies, universities and other organizations are failing to comply with all the mandates of the state's cybersecurity law, according to a report issued by the Office of the State Auditor.

Speakers Censored at AISA Conference in Melbourne

Schneier on Security

Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne. Thomas Drake , former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate.

A Controversial Plan to Encrypt More of the Internet

WIRED Threat Level

The road to routing all Domain Name System lookups through HTTPS is pocked with disagreements over just how much it will help. Security Security / Privacy

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Hackers compromised Volusion infrastructure to siphon card details from thousands of sites

Security Affairs

Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users.

Cloud 113

Capital One Hacking Trial Delay Likely

Data Breach Today

Prosecutors, Defense Attorneys Ask Judge for Delay, Citing Massive Amounts of Data to Review Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A.


7 SMB Security Tips That Will Keep Your Company Safe

Dark Reading

With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect themselves from cyberattacks

Illegal Data Center Hidden in Former NATO Bunker

Schneier on Security

Interesting : German investigators said Friday they have shut down a data processing center installed in a former NATO bunker that hosted sites dealing in drugs and other illegal activities. Seven people were arrested. [.].

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Hacker is auctioning a database containing details of 92 million Brazilians

Security Affairs

A database containing details of 92 million Brazilians was auctioned by a threat actor on underground forums along with a search service focused on Brazilians. Someone is auctioning on several restricted underground forums a database containing personal information of 92 million Brazilian citizens.

Health Data Breach Tally: Ransomware Proliferates

Data Breach Today

Here's An Update on Additions to the 'Wall of Shame' Ransomware attacks are among the largest incidents added to the federal tally of major health data breaches in recent weeks. Attacks on a variety of clinics affected a total of more than 1 million individuals

Attackers Hide Behind Trusted Domains, HTTPS

Dark Reading

One in four malicious URLs employed a legitimate domain, making it more difficult for potential victims to spot possible dangers, a mid-year report finds

IT 111

Wi-Fi Hotspot Tracking

Schneier on Security

Free Wi-Fi hotspots can track your location , even if you don't connect to them. This is because your phone or computer broadcasts a unique MAC address.

A bug in Signal for Android could be exploited to spy on users

Security Affairs

Researcher discovered a logical flaw in the Signal messaging app for Android that could be exploited by a malicious caller to force a call to be answered at the receiver’s end without interaction.

IT 111