Sat.Sep 28, 2019 - Fri.Oct 04, 2019

Just How Widespread Is Ransomware Epidemic?

Data Breach Today

Report: Over 600 Attacks in First 8 Months of Year More than 600 ransomware attacks pummelled local governments, schools districts and healthcare providers across the U.S. in the first three quarters of this year, according to a study by security firm Emsisoft.

Blind Spots in AI Just Might Help Protect Your Privacy

WIRED Threat Level

Researchers have found a potential silver lining in so-called adversarial examples, using it to shield sensitive data from snoops. Security Security / Privacy

SHARED INTEL: Threat actors add a human touch to boost effectiveness of automated attacks

The Last Watchdog

Trends in fashion and entertainment come and go. The same holds true for the cyber underground.

Measuring the Security of IoT Devices

Schneier on Security

In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software.

IoT 96

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

We need to talk about Go

Thales eSecurity

I love the Go programming language. It’s easy to use, concise and powerful. These characteristics appeal to the typical programmer’s mindset. Yet, the brevity of the language can be a source of frustration.

More Trending

Decades-Old Code Is Putting Millions of Critical Devices at Risk

WIRED Threat Level

Nearly two decades ago, a company called Interpeak created a network protocol that became an industry standard. It also had severe bugs that are only now coming to light. Security Security / Cyberattacks and Hacks

Risk 114

MY TAKE: The case for assessing, quantifying risks as the first step to defending network breaches

The Last Watchdog

It’s clear that managed security services providers (MSSPs) have a ripe opportunity to step into the gap and help small- to medium-sized businesses (SMBs) and small- to medium-sized enterprises (SMEs) meet the daunting challenge of preserving the privacy and security of sensitive data.

Risk 159

Apple iOS Has Permanent Bootrom Vulnerability

Data Breach Today

Checkm8' Exploit Poses Risk to Hundreds of Millions of Devices A security researcher has uncovered what may rank as one of the most significant iOS weaknesses ever discovered: a flaw that enables bypassing the security protections present in most Apple mobile devices.

Ukrainian police dismantled a bot farm involved in multiple spam campaigns

Security Affairs

The Ukrainian police dismantled a bot farm involved in spam campaigns carried out through various services, including email and social networks.

IoT 113

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

The Ukraine Whistle-Blower Did Everything Right

WIRED Threat Level

The Trump administration's attacks on the whistle-blower aren't just baseless—they could have a corrosive long-term effect. Security Security / National Security

NEW TECH: Breakthrough ‘homomorphic-like’ encryption protects data in-use, without penalties

The Last Watchdog

Homomorphic encryption has long been something of a Holy Grail in cryptography. Related: Post-quantum cryptography on the horizon For decades, some of our smartest mathematicians and computer scientists have struggled to derive a third way to keep data encrypted — not just the two classical ways, at rest and in transit. The truly astounding feat, aka homomorphic encryption, would be to keep data encrypted while it is being actively used by an application to run computations.

Malware Most Foul: Emotet, Trickbot, Cryptocurrency Miners

Data Breach Today

Researchers: Targeted Crime Attacks Surge, Continue to Blend With Nation-State Campaigns Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks.

Mining 239

Egypt regularly spies on opponents and activists with mobile apps

Security Affairs

Researchers at Check Point discovered that Egypt ‘ government has been spying citizens in a sophisticated surveillance program. Researchers at Check Point discovered that the Egyptian government has been spying on activists and opponents as part of a sophisticated surveillance program.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

The Same Old Encryption Debate Has a New Target: Facebook

WIRED Threat Level

Attorney general William Barr seems eager to reignite the encryption wars, starting with the social media giant. Security Security / Privacy

Supply-Chain Security and Trust

Schneier on Security

The United States government's continuing disagreement with the Chinese company Huawei underscores a much larger problem with computer technologies in general: We have no choice but to trust them completely, and it's impossible to verify that they're trustworthy.

Rheinmetall Investigating Malware Attack at Three Plants

Data Breach Today

German Defense Contractor Says Incident Costing $4 Million a Week An unspecified malware attack against the IT systems of Rheinmetall's automotive division in Brazil, Mexico and the U.S. is costing the company an estimated $4 million a week, the company says.

IT 227

Expert disclosed details of remote code execution flaw in Whatsapp for Android

Security Affairs

Researcher discovered a double-free vulnerability in WhatsApp for Android that could be exploited by remote attackers to execute arbitrary code on the vulnerable device.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

A DoorDash Breach Exposes Data of 4.9 Million Customers

WIRED Threat Level

A NotPetya lawsuit, bricked Mac Pros, and more of the week's top security news. Security Security / Security News

Data 114

NSA on the Future of National Cybersecurity

Schneier on Security

Glenn Gerstell, the General Counsel of the NSA, wrote a long and interesting op-ed for the New York Times where he outlined a long list of cyber risks facing the US.

Former Army Contractor Gets Prison Term for Insider Attack

Data Breach Today

Access 226

6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group

Security Affairs

Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG.

Groups 112

Iranian Hackers Targeted a US Presidential Candidate

WIRED Threat Level

A revelation from Microsoft offers a chilling reminder that Russia is not the only country interested in swaying the 2020 election. Security Security / Cyberattacks and Hacks

Hacker Claims to Have Compromised 200 Million Words with Friends Accounts

Adam Levin

The hacker allegedly behind the Collection #1 and Collection #2 data breaches has claimed responsibility for the compromise of more than 200 million users of a popular iOS and Android gaming app.

Latest U.S. Healthcare Ransomware Attacks Have Harsh Impact

Data Breach Today

In Worst-Case Scenarios, Patient Care Directly Affected A recent rash of ransomware attacks in the U.S. healthcare sector shows the serious disruptions these assaults can pose - including temporarily, or even permanently, stopping patient care

The sLoad Threat: Ten Months Later

Security Affairs

Since September 2018, SLoad (tracked as TH-163) is the protagonist of an increasing and persistent wave of attacks against Italian organizations. Introduction.

What Past Whistle-Blowers Think of the Trump-Ukraine Complaint

WIRED Threat Level

Two former intelligence community whistle-blowers say the life of whoever wrote the Trump-Ukraine complaint has been permanently altered. Security Security / National Security

Tracking by Smart TVs

Schneier on Security

Long Twitter thread about the tracking embedded in modern digital televisions. The thread references three academic papers. academicpapers internetofthings tracking

Paper 95