Sat.Jun 29, 2019 - Fri.Jul 05, 2019

Quantifying the value of risk management and compliance

TAB OnRecord

Over the years, we have talked with countless clients about "making the business case" for their records management programs. Each records management program is different, but the business cases themselves tend to follow a similar script. They usually go something like this… Read More.

The Biggest Cybersecurity Crises of 2019 So Far

WIRED Threat Level

Ransomware attacks, supply chain hacks, escalating tensions with Iran—the first six months of 2019 have been anything but boring. Security Security / Cyberattacks and Hacks

Amazon Admits Alexa Voice Recordings Saved Indefinitely

Threatpost

Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.

IT 114

US Cyber Command Warns of Outlook Vulnerability Exploits

Data Breach Today

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks.

Groups 280

Contact Center Cloud Migration Done Right

Speaker: Sheila McGee-Smith, Founder and Principal Analyst, McGee-Smith Analytics

Many companies are in the midst of migrating their contact center to the cloud. Understanding how best to execute the transition of premises to cloud is part of that process. Join contact center industry analyst and No Jitter blogger Sheila McGee-Smith as she discussed tried and true best practices for avoiding the potential pitfalls of CX migration.

The Changing Face of Data Security in Federal Government

Thales eSecurity

More Trending

Google Releases Basic Homomorphic Encryption Tool

Schneier on Security

Google has released an open-source cryptographic tool: Private Join and Compute.

More US Cities Battered by Ransomware

Data Breach Today

Infected City Fires IT Manager; New Victims in Florida, Georgia More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents

The Simple Way Apple and Google Let Domestic Abusers Stalk Victims

WIRED Threat Level

To prove a point about common location-sharing apps, I asked my wife to use them to spy on me. Security Security / Privacy

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

Austin Thompson (23) from Utah, the hacker who carried out massive DDoS attacks on Sony, EA, and Steam gets a 27-months prison sentence. The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

US Journalist Detained When Returning to US

Schneier on Security

Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico.

Mining 107

UpGuard: Unsecured Amazon S3 Buckets Exposed 1TB of Data

Data Breach Today

Cloud-Based Databases Belonged to IT Firm Attunity Several unsecured Amazon S3 buckets belonging to IT services firm Attunity left at least 1TB of data, including files from companies such as Netflix, TD Bank and Ford, exposed to the internet, UpGuard researchers disclosed.

Cloud 250

Ransomware Hits Georgia Courts As Municipal Attacks Spread

WIRED Threat Level

Almost every month in 2019 so far has seen reports of a local government falling prey to ransomware, but this series of attacks belies an even broader threat. Security Security / Cyberattacks and Hacks

7 tips for preventing ransomware attacks

IT Governance

The threat of r ansomware isn ’ t going away – in fact, it’s worse than ever, with 28 reported attacks in the past three months. . That’s not a surprise, given how often victims pay fraudsters to free their infrastructure from the crippling malware.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Research on Human Honesty

Schneier on Security

New research from Science : " Civic honesty around the globe ": Abstract: Civic honesty is essential to social capital and economic development, but is often in conflict with material self-interest.

Data 93

Facebook Takes Down Pages Loaded With Malware

Data Breach Today

Campaign Targeted Those Interested in Libyan Politics Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims.

LooCipher: The New Infernal Ransomware

Security Affairs

A new Ransomware appeared in the threat landscape, the malware began to threats the digital world. This time using a nice but scary name: LooCipher. Introduction. A new Ransomware began to threats the digital world. This time using a nice but scary name: LooCipher.

NEW TECH: A couple of tools that deserve wide use — to preserve the integrity of U.S. elections

The Last Watchdog

As the presidential debate season ramps up, the specter of nation-state sponsored hackers wreaking havoc, once more, with U.S. elections, looms all too large. It’s easy to get discouraged by developments such as Sen. McConnell recently blocking a bi-partisan bill to fund better election security , as well as the disclosure that his wife, Transportation Security Elaine Chao, has accepted money from voting machine lobbyists. Related: Why not train employees as phishing cops?

Tools 130

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Microsoft MVP Award, Year 9

Troy Hunt

I've become especially reflective of my career this year, especially as Project Svalbard marches forward and I look back on what it's taken to get here.

Automated Peril: Researchers Hack 'Smart Home' Hubs

Data Breach Today

Vulnerabilities Found in APIs Controlling Croatia-Based Zipato's IoT Devices Findings from researchers who hacked Croatia-based vendor Zipato's smart hub controllers, which can manage networked locks, lights and security cameras, underscore the risks that can accompany home automation devices.

IoT 221

Prison Time for Former Equifax Executive

Adam Levin

The former CIO of Equifax has been sentenced to prison for selling his stock in the company before news of its 2017 data breach was publicly announced. Jun Ying, the former Chief Information Office of Equifax U.S.

Vulnerability in Medtronic insulin pumps allow hacking devices

Security Affairs

Medtronic and the US government have warned that some Medtronic MiniMed insulin pumps are vulnerable to cyber attacks. Medtronic and the United States government have warned of a security vulnerability affecting some Medtronic MiniMed insulin pumps that could be exploited by hackers.

Applied Cryptography is Banned in Oregon Prisons

Schneier on Security

My Applied Cryptography is on a list of books banned in Oregon prisons. It's not me -- and it's not cryptography -- it's that the prisons ban books that teach people to code. The subtitle is "Algorithms, Protocols, and Source Code in C" -- and that's the reason. My more recent Cryptography Engineering is a much better book for prisoners, anyway. appliedcryptography books censorship cryptography prisons

IT 87

Hackers Slurp $500,000 Through 7-Eleven Mobile Payment App

Data Breach Today

Poor Password Reset Process Proves Too Convenient, as 900 Customers Affected Hackers appear to have accessed a new mobile payment app for 7-Eleven customers in Japan, taking about $500,000 from 900 customers over several days.

I Opted Out of Facial Recognition at the Airport—It Wasn't Easy

WIRED Threat Level

Opinion: We've been assured that facial recognition technology is secure, reliable, and accurate. That's far from certain. Security Opinion

IT 87

Tens of VMware Products affected by SACK Panic and SACK Slowness flaws

Security Affairs

Tens of VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities. At least 30 VMware products are affected by recently discovered SACK Panic and SACK Slowness Linux kernel vulnerabilities.

New OMB/NARA Memorandum on Transition to Electronic Records

National Archives Records Express

Late last week, the Office of Management and Budget (OMB) and NARA jointly issued a new memorandum with guidance on managing Federal records. The new memo, titled Transition To Electronic Records (OMB/NARA M-19-21) is available at [link]. NARA is pleased to have the Administration’s continuing support for modernizing Federal agency recordkeeping and bringing about the necessary transformation to a fully electronic government.

DDoS Attacker Austin 'DerpTrolling' Thompson Gets Sentenced

Data Breach Today

Defendant Pleaded Guilty to Disrupting Sony Online Entertainment and Others A distributed denial-of-service attacker who crashed a popular gaming service at Christmas has been sentenced to serve 27 months in prison.

219
219

Yubico Security Keys with a Crypto Flaw

Schneier on Security

Wow, is this an embarrassing bug : Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness of the cryptographic keys it generates. The security keys are used by thousands of federal employees on a daily basis, letting them securely log-on to their devices by issuing one-time passwords.

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs

Attunity data integration and big data management firm exposed a significant amount of sensitive data through unprotected Amazon S3 buckets. Data integration and big data management firm Attunity exposed a significant amount of sensitive data through unprotected Amazon S3 buckets.

Sales 88

How does OpenText Extended ECM accelerate sales processes?

OpenText Information Management

Connecting content to key business processes across lead business applications can dramatically increase efficiencies and improve insights for different users across the Enterprise.

ECM 82