Sat.Jan 04, 2020 - Fri.Jan 10, 2020

Eliminate the Password, Eliminate the Password Problem.

The Security Ledger

Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like?

What Orwell's '1984' Missed: Free Social Media Apps

Data Breach Today

UAE Green Lights All-Access Social Messaging App, Blocks Rivals Not even George Orwell could have predicted nation-state surveillance in the 21st century.

Access 163

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

In App Development, Does No-Code Mean No Security?

Dark Reading

No-code and low-code development platforms are part of application development, but there are keys to making sure that they don't leave security behind with traditional coding

Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy

Threatpost

Project Zero vulnerability disclosures will now happen at 90 days, even if a patch becomes available before then. Bug Bounty Vulnerabilities 90 days coordinated disclosure google policy changes Project Zero Vulnerability Disclosure

64

ABCs of Data Normalization for B2B Marketers

Data normalization. It’s not a far stretch to suggest that the topic isn’t exactly what gets marketers excited in their day-to-day workflow. However, if lead generation, reporting, and measuring ROI is important to your marketing team, then data normalization matters - a lot. In this eBook, we’ll break down the ins and outs of data normalization and review why it’s so critical for your marketing strategies and goals!

11 cyber security predictions for 2020

IT Governance

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. Keeping aware of the latest cyber threats and the best solutions to combat them will put organisations in a better position to prevent attacks.

IoT 83

More Trending

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password.

5 Ways Data Modeling Is Critical to Data Governance

erwin

Enterprises are trying to manage data chaos. They might have 300 applications, with 50 different databases and a different schema for each one.

Mainframe Transformation awaits @SHARE in Texas

Micro Focus

As a native Texan, I am excited to help host this event in my backyard of Fort Worth, Texas, on February 23-28. A short drive to the venue beats a long flight hands down. Why ‘Cowtown’? Fort Worth got its nickname “Cowtown” in the 1800s as it became the center of the cattle drives, and. View Article.

IT 100

Router Cryptojacking Campaigns Disrupted

Data Breach Today

20,000 Hacked MikroTik Routers in Southeast Asia Were Malware-Infected Nearly 16,000 malware-infected MicroTik routers in Southeast Asia have been scrubbed of Coinhive cryptojacking code, which mines for monero, thanks to an international police operation.

Mining 205

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Senators Prod FCC to Act on SIM Swapping

Krebs on Security

Crooks have stolen tens of millions of dollars and other valuable commodities from thousands of consumers via “SIM swapping,” a particularly invasive form of fraud that involves tricking a target’s mobile carrier into transferring someone’s wireless service to a device they control. But the U.S.

Chinese Malware Found Preinstalled on US Government-Funded Phones

Dark Reading

Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless

MicroServices: Today’s data science gold rush

Thales eSecurity

Microservices are changing how organizations are doing business. And nowhere was this more clear than at KubeCon in San Diego last year. Microservices 1 is a powerful technology that is the kernel for modern cloud architecture, and it’s going to drive how people build, manage and deploy secure apps.

Voting Machine Firm CEOs Open to Greater Federal Oversight

Data Breach Today

Congress Wants Security Vulnerabilities Addressed to Thwart Foreign Interference The CEOs of the three largest voting machine manufacturers testified before a U.S.

The 2019 Technographic Data Report for B2B Sales Organizations

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization. The reason for this is simple—sales teams value technographic data because it makes essential selling activities easier and more efficient.

Alleged Member of Neo-Nazi Swatting Group Charged

Krebs on Security

Car Hacking Hits the Streets

Dark Reading

The top-three carmakers sell only connected vehicles in the United States - and other manufacturers are catching up - creating a massive opportunity for attacks, which black-hat hackers are not overlooking

MITRE presents ATT&CK for ICS, a knowledge base for ICS

Security Affairs

MITRE announced the initial release of a version of its MITRE ATT&CK knowledge base that focuses on industrial control systems (ICS). MITRE’s ATT&CK framework is becoming a standard in cybersecurity community for the classification of attacker behavior.

Risk 82

Lawsuit Filed in Wake of Ransomware Attack

Data Breach Today

Ryuk Attack on DCH Health System Disrupted Patient Care Last Fall A lawsuit filed against DCH Health System in the wake of a ransomware attack that disrupted medical services for several days alleges that the Alabama-based organization failed "to properly maintain and safeguard its computer systems and data."

The Time-Saving Power of Intent Data for Sales

By using the power of intent data, capturing buyer interest has become more feasible for sales. Not only that, but using it will save immense time during your workflow; a win-win on all fronts.

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network.

Iranian Hackers Have Been ‘Password-Spraying’ the US Grid

WIRED Threat Level

A state-sponsored group called Magnallium has been probing American electric utilities for the past year. Security Security / National Security

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security Affairs

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability , tracked as CVE-2019-2215 , in Android.

FBI Asks Apple For Access to Saudi Shooter's iPhones

Data Breach Today

Request Echoes 2016 Legal Standoff Between Apple and the FBI The FBI has sent a letter to Apple asking for help in accessing encrypted data from two iPhones belonging to a deceased shooter. The bureau's move may be a prelude to another legal fight between the FBI and Apple over strong encryption

Access 172

How ZoomInfo Enhances Your Database Management Strategy

Forward-thinking marketing organizations have continuously invested in a database strategy for enabling marketing processes. Download this ebook to learn how to maintain a strategy that includes refreshed information, database cleanses, and an accurate analysis at the same time.

7 Free Tools for Better Visibility Into Your Network

Dark Reading

It's hard to protect what you don't know is there. These free tools can help you understand just what it is that you need to protect -- and need to protect yourself from

IT 81

New SHA-1 Attack

Schneier on Security

There's a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack.

Paper 81

56.25 million US residents records collected by CheckPeople exposed on a Chinese server

Security Affairs

A database containing the personal details of 56.25 million US residents that allegedly belongs to CheckPeople.com website was exposed online. A database containing the personal details of 56.25

Patch or Perish: VPN Servers Hit by Ransomware Attackers

Data Breach Today

Pulse Secure Says Critical April 2019 Patch Protects Against Sodinokibi Too Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns.

How ZoomInfo Enhances Your ABM Strategy

For marketing teams to develop a successful account-based marketing strategy, they need to ensure good data is housed within its Customer Relationship Management (CRM) software. More specifically, updated data can help organizations outline key accounts for their campaigns. And to begin the targeting process, marketing teams must develop an Ideal Customer Profile (ICP) with appropriate firmographic and behavioral data to ensure they’re going after the correct audience.Download this eBook to learn how to start improving your marketing team's data!

Currency Exchange Company Travelex Hit By Ransomware Attack

Adam Levin

Currency exchange giant Travelex has effectively been taken offline by a ransomware attack. . The attack was first detected the night of December 31. Soon after, the company took its systems offline.

How the US Knew Iranian Missiles Were Coming Before They Hit

WIRED Threat Level

The US has operated an extensive network of missile warning systems for over half a century, but next-generation missiles will put it to the test. Security Security / National Security Science Science / Space

IT 80

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited

Security Affairs

The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The U.S.