Sat.Jun 29, 2019 - Fri.Jul 05, 2019

Quantifying the value of risk management and compliance

TAB OnRecord

Over the years, we have talked with countless clients about "making the business case" for their records management programs. Each records management program is different, but the business cases themselves tend to follow a similar script. They usually go something like this… Read More.

The Biggest Cybersecurity Crises of 2019 So Far

WIRED Threat Level

Ransomware attacks, supply chain hacks, escalating tensions with Iran—the first six months of 2019 have been anything but boring. Security Security / Cyberattacks and Hacks

Amazon Admits Alexa Voice Recordings Saved Indefinitely

Threatpost

Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.

IT 114

US Cyber Command Warns of Outlook Vulnerability Exploits

Data Breach Today

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks.

Groups 277

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

NEW TECH: A couple of tools that deserve wide use — to preserve the integrity of U.S. elections

The Last Watchdog

As the presidential debate season ramps up, the specter of nation-state sponsored hackers wreaking havoc, once more, with U.S. elections, looms all too large. It’s easy to get discouraged by developments such as Sen. McConnell recently blocking a bi-partisan bill to fund better election security , as well as the disclosure that his wife, Transportation Security Elaine Chao, has accepted money from voting machine lobbyists. Related: Why not train employees as phishing cops?

Tools 128

More Trending

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

Austin Thompson (23) from Utah, the hacker who carried out massive DDoS attacks on Sony, EA, and Steam gets a 27-months prison sentence. The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison.

More US Cities Battered by Ransomware

Data Breach Today

Infected City Fires IT Manager; New Victims in Florida, Georgia More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents

US Journalist Detained When Returning to US

Schneier on Security

Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico.

The Changing Face of Data Security in Federal Government

Thales eSecurity

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

LooCipher: The New Infernal Ransomware

Security Affairs

A new Ransomware appeared in the threat landscape, the malware began to threats the digital world. This time using a nice but scary name: LooCipher. Introduction. A new Ransomware began to threats the digital world. This time using a nice but scary name: LooCipher.

UpGuard: Unsecured Amazon S3 Buckets Exposed 1TB of Data

Data Breach Today

Cloud-Based Databases Belonged to IT Firm Attunity Several unsecured Amazon S3 buckets belonging to IT services firm Attunity left at least 1TB of data, including files from companies such as Netflix, TD Bank and Ford, exposed to the internet, UpGuard researchers disclosed.

Cloud 254

Google Releases Basic Homomorphic Encryption Tool

Schneier on Security

Google has released an open-source cryptographic tool: Private Join and Compute.

The Simple Way Apple and Google Let Domestic Abusers Stalk Victims

WIRED Threat Level

To prove a point about common location-sharing apps, I asked my wife to use them to spy on me. Security Security / Privacy

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

FBI warns on sextortion scams targeting teenagers

Security Affairs

The Federal Bureau of Investigation (FBI) issued a warning on Twitter regarding sextortion campaigns that are targeting teenagers in the United States. The FBI issued a warning on Twitter regarding sextortion attacks that are targeting teenagers in the United States.

Video 104

Facebook Takes Down Pages Loaded With Malware

Data Breach Today

Campaign Targeted Those Interested in Libyan Politics Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims.

Research on Human Honesty

Schneier on Security

New research from Science : " Civic honesty around the globe ": Abstract: Civic honesty is essential to social capital and economic development, but is often in conflict with material self-interest.

Data 90

Ransomware Hits Georgia Courts As Municipal Attacks Spread

WIRED Threat Level

Almost every month in 2019 so far has seen reports of a local government falling prey to ransomware, but this series of attacks belies an even broader threat. Security Security / Cyberattacks and Hacks

Tens of VMware Products affected by SACK Panic and SACK Slowness flaws

Security Affairs

Tens of VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities. At least 30 VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities.

Access 105

Automated Peril: Researchers Hack 'Smart Home' Hubs

Data Breach Today

Vulnerabilities Found in APIs Controlling Croatia-Based Zipato's IoT Devices Findings from researchers who hacked Croatia-based vendor Zipato's smart hub controllers, which can manage networked locks, lights and security cameras, underscore the risks that can accompany home automation devices.

IoT 228

7 tips for preventing ransomware attacks

IT Governance

The threat of r ansomware isn ’ t going away – in fact, it’s worse than ever, with 28 reported attacks in the past three months. . That’s not a surprise, given how often victims pay fraudsters to free their infrastructure from the crippling malware.

Prison Time for Former Equifax Executive

Adam Levin

The former CIO of Equifax has been sentenced to prison for selling his stock in the company before news of its 2017 data breach was publicly announced. Jun Ying, the former Chief Information Office of Equifax U.S.

Cryptomining Campaign involves Golang malware to target Linux servers

Security Affairs

Experts at F5 Networks discovered a cryptomining campaign that is delivering a new piece of the Golang malware that targets Linux-based servers. F5 experts uncovered a cryptominer campaign that is delivering a new strain of Golang malware that targets Linux-based servers.

DDoS Attacker Austin 'DerpTrolling' Thompson Gets Sentenced

Data Breach Today

Defendant Pleaded Guilty to Disrupting Sony Online Entertainment and Others A distributed denial-of-service attacker who crashed a popular gaming service at Christmas has been sentenced to serve 27 months in prison.

227
227

Microsoft MVP Award, Year 9

Troy Hunt

I've become especially reflective of my career this year, especially as Project Svalbard marches forward and I look back on what it's taken to get here.

The quality of its data can make or break an organization

Information Management Resources

High quality data can improve decision making, customer service, business processes and competitiveness. Poor quality data can potentially lead to financial ruin. Data quality Data management Data discovery

IT 121

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs

Attunity data integration and big data management firm exposed a significant amount of sensitive data through unprotected Amazon S3 buckets. Data integration and big data management firm Attunity exposed a significant amount of sensitive data through unprotected Amazon S3 buckets.

Sales 105

Hackers Slurp $500,000 Through 7-Eleven Mobile Payment App

Data Breach Today

Poor Password Reset Process Proves Too Convenient, as 900 Customers Affected Hackers appear to have accessed a new mobile payment app for 7-Eleven customers in Japan, taking about $500,000 from 900 customers over several days.

I Opted Out of Facial Recognition at the Airport—It Wasn't Easy

WIRED Threat Level

Opinion: We've been assured that facial recognition technology is secure, reliable, and accurate. That's far from certain. Security Opinion

IT 87

New OMB/NARA Memorandum on Transition to Electronic Records

National Archives Records Express

Late last week, the Office of Management and Budget (OMB) and NARA jointly issued a new memorandum with guidance on managing Federal records. The new memo, titled Transition To Electronic Records (OMB/NARA M-19-21) is available at [link]. NARA is pleased to have the Administration’s continuing support for modernizing Federal agency recordkeeping and bringing about the necessary transformation to a fully electronic government.

Vulnerability in Medtronic insulin pumps allow hacking devices

Security Affairs

Medtronic and the US government have warned that some Medtronic MiniMed insulin pumps are vulnerable to cyber attacks. Medtronic and the United States government have warned of a security vulnerability affecting some Medtronic MiniMed insulin pumps that could be exploited by hackers.

The 'Going Dark' Debate: It's Back

Data Breach Today

Trump Administration Reportedly Weighs Forcing Tech Firms to Use Weak Crypto The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned.

IT 220