Sat.Nov 03, 2018 - Fri.Nov 09, 2018

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

It's just another day on the internet when the news is full of headlines about accounts being hacked. Yesterday was a perfect example of that with 2 separate noteworthy stories adorning my early morning Twitter feed.

GUEST ESSAY: Did you know these 5 types of digital services are getting rich off your private data?

The Last Watchdog

Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike. Consumers have begun to better understand how their data is being used, but many fail to realize the hidden privacy pitfalls in every day technology. Related: Europe tightens privacy rules. From smart phones, to smart TVs, location services, and speech capabilities, often times user data is stored without your knowledge.

Sales 140

Ransomware Keeps Ringing in Profits for Cybercrime Rings

Data Breach Today

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack.

U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service

Krebs on Security

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide

Security Affairs

Security researchers revealed in a recent paper that over the past years, China Telecom used BGP hijacking to misdirect Internet traffic through China. Security researchers Chris C.

Paper 113

More Trending

How Cyber Insurance Is Changing in the GDPR Era

Data Breach Today

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force , a team of law enforcement officers and prosecutors based in Santa Clara, Calif.

Data from ‘almost all’ Pakistani banks stolen, Pakistani debit card details surface on the dark web

Security Affairs

According to the head of the Federal Investigation Agency’s (FIA) cybercrime wing.almost all Pakistani banks were affected by a recent security breach.

Sales 110

Search is Becoming Everything, And Vice Versa

Weissman's World

I’ve just come out of a series of discussions on the issue of records preservation, and one of my take-aways is how similar at least one current approach to the issue is to what we nominally call “search.” And the more I think about it, the more I wonder whether search is on its way […].

Groups 156

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

HSBC Bank Alerts US Customers to Data Breach

Data Breach Today

Unauthorized Entry' to Some Accounts Exposes Account Details and Statements HSBC bank is warning some of its U.S. customers that their personal data was compromised in a breach, although it says it's detected no signs of fraud following the "unauthorized entry."

Who’s In Your Online Shopping Cart?

Krebs on Security

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that was obvious even to the untrained eye.

Crooks offered for sale private messages for 81k Facebook accounts

Security Affairs

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account.

Sales 110

Security of Solid-State-Drive Encryption

Schneier on Security

Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Bankers Life Hack Affects More Than 566,000

Data Breach Today

Company Says Medicare Supplemental Plan Policyholders Among Those Impacted Bankers Life is notifying more than 566,000 individuals, including Medicare supplemental insurance policyholders, that their personal information was exposed in a hacking incident.

Bug Bounty Hunter Ran ISP Doxing Service

Krebs on Security

A Connecticut man who’s earned bug bounty rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that leveraged these same flaws to sell their customers’ personal data, KrebsOnSecurity has learned.

Sales 208

Kraken ransomware 2.0 is available through the RaaS model

Security Affairs

The author of the infamous Kraken ransomware has released a new version of the malicious code and launched a RaaS distribution program on the Dark Web.

iOS 12.1 Vulnerability

Schneier on Security

This is really just to point out that computer security is really hard : Almost as soon as Apple released iOS 12.1

Access 106

Georgia Patches Voter Website, But Hacking Accusation Stands

Data Breach Today

Disclosure Flow Suggests Georgia's Secretary of State's Office May Have Erred Georgia quietly fixed two flaws in its voter registration website that could have exposed personal information.

IT 208

What’s the difference between business continuity and disaster recovery?

IT Governance

Disasters happen, whether it’s a cyber attack, flood, power outage, road closure or any other type of disruption. And when it strikes, your organisation needs to be ready to implement its business continuity and disaster recovery plans. .

Shellbot Botnet Targets IoT devices and Linux servers

Security Affairs

Security experts at Trend Micro have spotted an IRC bot dubbed Shellbot that was built using Perl Shellbot. The malware was distributed by a threat group called Outlaw, it was able to target Linux and Android devices, and also Windows systems.

IoT 107

The Pentagon is Publishing Foreign Nation-State Malware

Schneier on Security

Pakistan: Banks Weren't Hacked, But Card Details Leaked

Data Breach Today

Card Details From 22 Banks Appeared On Underground Market Pakistan says the nation's banks have not been hacked, but are taking defensive steps after nearly 20,000 payment card details appeared for sale online.

Sales 202

What’s the difference between business continuity and disaster recovery?

IT Governance

Disasters happen, whether it’s a cyber attack, flood, power outage, road closure or any other type of disruption. And when it strikes, your organisation needs to be ready to implement its business continuity and disaster recovery plans. .

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Security Affairs

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data.

FIFA Hacked Again

Adam Levin

The international soccer league FIFA announced it had been hacked earlier this year and is bracing itself for a potential data breach. This latest cyber incident marks the second major successful hack on the organization, the first reported in 2017.

Symantec Buys Javelin Networks and Appthority

Data Breach Today

Separately, Thoma Bravo Moves to Acquire Veracode Software From Broadcom Symantec has announced not one but two acquisitions of private cybersecurity firms: Javelin Networks and Appthority.

How the General Data Protection Regulation (GDPR) Helps Improve RIM Policies and Processes

InfoGoTo

A good incentive to update and strengthen your organization’s records and information management (RIM) policies is the looming threat of fines upwards of 20 million euros, courtesy of the European Union’s General Data Protection Regulation (GDPR) , which became effective on May 25, 2018.

GDPR 91

Researcher discloses VirtualBox Zero-Day without reporting it to Oracle

Security Affairs

Security expert disclosed the details of a zero-day flaw affecting Oracle’s VirtualBox virtualization software without waiting for a patch from Oracle.

IT 103

Privacy and Security of Data at Universities

Schneier on Security

FDA Reacts to Critique of Medical Device Security Strategy

Data Breach Today

Watchdog Agency Cited Deficiencies, But Agency Says Many Have Already Been Addressed The FDA's procedures for handling cybersecurity concerns in medical devices once they are on the market are deficient, according to a new federal watchdog agency report.

It's End of Life for ASafaWeb

Troy Hunt

A lot has changed in the Microsoft technology world in the last 7 years since I launched ASafaWeb in September 2011. Windows XP is no longer the dominant operating system ( Win 7 actually caught up the month I launched ASafaWeb ).

IT 89